Nessus (BYOL)
Tenable, Inc. | 10.8.3Linux/Unix, Amazon Linux 20240903 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
Great for Compliance
What do you like best about the product?
I like that you can set the scans up manual and have them scheduled. I love the customer support.
What do you dislike about the product?
I do not like that you cannot scan applications or webservers.
What problems is the product solving and how is that benefiting you?
scanning applications and webservers. I like the reporting tools and compliance validity of the compliance control sets via the same set the IRS uses. That makes it definitely more valuable than using any other vulnerability tool. This tool tells you what controls are missing as well as what controls need to have improvement and if you use the same files as the IRS uses you are sure to pass any safeguard review/audit. I have my security administrator use it just because of that reason. I wish Nessus could run scans on different types of software but I'm not sure how that is even possible. If there were any improvements to be made it would be on webservers and applications. However, if your just checking your audits against safeguard reviews, this will get you passed.
Recommendations to others considering the product:
I WOULD try to figure out how to have Nessus run vulnerability scans on software, if that is possible. If I could improve Nessus I would find a way to make it take up less band with when doing network scans, find a way to get it to scan different types of software and also, get it to scan webservers. Nessus for me needs to keep staying in compliance with the IRS publication 1075 and NIST 800-53 series. If Nessus can do that then it will continue to hold its excessive valuableness. Federal guidelines are the way that I would go if I were a Nessus developer/tester.
- Leave a Comment |
- Mark review as helpful
Nessus review
What do you like best about the product?
Cost is the biggest factor, the functionality is on par with other commercial solutions but at a reasonable price point and licensing model. The solution is also extremely stable. The information presented in reports is easy to understand and can be put infront of a non-technical audience, a junior admin, network engineer or audit team.
What do you dislike about the product?
Nessus professional lacks robust data management and compression, scan history can grow rapidly out of control. We have been forced to implement so scripting outside of the tool to perform housekeeping activities that would be better served natively.
What problems is the product solving and how is that benefiting you?
Nessus is our primary risk analysis tool and is the foundation of how we demonstrate risk mitigation to our Clients. We can rapidly get Client security buy in to go live once we present the Nessus compliance and vulnerability reports. By reducing the time to get Client sign off we are able to realize revenue sooner.
Recommendations to others considering the product:
Evaluate what you plan to do with the information you receive from the tool, prioritize information that is highest risk and be sure to get support from you business to move toward integrating Nessus into your risk programs life cycle
One solution for all vulnerability scans
What do you like best about the product?
Nessus' ability to automatically update plugins/feed everyday, schedule scans and sending reports on emails upon scan completion. Also, creating different customized policy templates for your different scan/OS needs is awesome. It supports different login methods password/RSA keys etc.
What do you dislike about the product?
Plugins are not released every day. Some times they are delayed for couple of days. Also, few times the scan report shows different number of items found under info. For example one scan will show 87 number of items under info where as another scan on the same device a few minutes apart will show 88 or 89 number of items under info in the scan report.
What problems is the product solving and how is that benefiting you?
We are scanning our OS/software for any vulnerabilities and fixing them before releasing them to customer's systems. Customers are happy that we are fixing the vulnerabilities before they even find and flag it. Customers now have more trust in us.
Recommendations to others considering the product:
It is very easy to use. You need to set it up only once and then no need to do any maintenance. Great product
SQL Developer
What do you like best about the product?
Slick UI, export to Excel option is great for data management
What do you dislike about the product?
We do weekly scans and false positives in general around Windows 10 are a bit annoying. Tenable is pretty quick to update their plugins however.
What problems is the product solving and how is that benefiting you?
Find out of compliance machines for security patching, other new issues we didn't know about.
Nessus price to features
What do you like best about the product?
Cost and Control.
Allot of flexibility in a single application that we can host ourselves.
Allot of flexibility in a single application that we can host ourselves.
What do you dislike about the product?
Licensing and the restrictions in the latest release.
What problems is the product solving and how is that benefiting you?
Compliance certification readiness and overall system hardening based on results.
Recommendations to others considering the product:
Seems with the new licensing, they are going back in the wrong direction
Straight forward and easy to use.
What do you like best about the product?
Important information readily accessible from reports and thus easy for management to read. Flexible scanning options and easy to passively scan many test VMs under development.
What do you dislike about the product?
No multi-year discount for contracts. 2 or 3 year contract is the same price/yr
What problems is the product solving and how is that benefiting you?
Vulnerability scanning with an industry standard tool. Customers recognize and accept Nessus as part of our cybersecurity program.
A big part of the toolkit for Vulnerability assessments
What do you like best about the product?
Nessus has gathered a wide range of templates and policies to help conduct and track Vulnerability assessments.
What do you dislike about the product?
I don't think there is really anything on this list.
What problems is the product solving and how is that benefiting you?
The ability to show how we measure up against industry standards.
Nessus Professional review
What do you like best about the product?
Is easy to understand the learning curve is it not difficult. The interface is easy to use. It helps with the efficiency and vulnerability management.
What do you dislike about the product?
The plugins and they are removing the API support for Nessus Pro 7 so we wont be able to integrate some processes into vulnerability scanning
What problems is the product solving and how is that benefiting you?
vulnerability management
Industry standard for a reason
What do you like best about the product?
Nessus is the standard for a reason - it's flexible, extensible, and well supported. The plugin update system works silently and flawlessly, and helps us not have to write our own scripts constantly.
What do you dislike about the product?
The recent changes to move on-prem scanners to a single user and remove API functionality has been super challenging.
What problems is the product solving and how is that benefiting you?
We are solving for risk analysis and patch compliance with Nessus. Automating the scans and having the ability to write our own compliance module has made it super easy to spot trends and get accurate remediation plans drawn up.
Nessus is a great tool for vulnerability scanning
What do you like best about the product?
Nessus is a pretty good and easy tool to use. It offers a variety of ways to scan for the latest vulnerabilities and also lots of reports for all of your needs. Also another important asset of Nessus is that if the program crashes for any reason, there is a knowledge base with the answers.
What do you dislike about the product?
I don't really have much I dislike. Only thing is possibly add more reporting features and ways to fix the problem.
What problems is the product solving and how is that benefiting you?
I am trying to use Nessus to satisfy PCI requirements on a quarterly basis. It also assist us in finding out internal vulnerabilities.
showing 221 - 230