Nessus (BYOL)
Tenable, Inc. | 10.8.3Linux/Unix, Amazon Linux 20240903 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
Fantastic Vulnerability Scanner
What do you like best about the product?
I liked the simplicity of the readout from the vulnerability scanner
What do you dislike about the product?
Unfortunately, the only thing I had an issue with was the pricing model. It is priced lower than most, but I am working in a non profit organization where budget is extremely tight.
What problems is the product solving and how is that benefiting you?
Vulnerability of business systems
Recommendations to others considering the product:
n/a
- Leave a Comment |
- Mark review as helpful
De Facto Standard in Vulnerbility Scanners - Best Vulnerbility Scanner for the price.
What do you like best about the product?
Nessus Professional is an Intelligent and highly customizable security product. Our team gets very accurate scan results. The security plugins are always current. The compliance templates provided can be customized to reflect the our regulatory and security needs.
What do you dislike about the product?
Improve the Web GUI:
The Nessus Web GUI does take some getting used to. Additionally, advanced configuration settings could be better organized and contextual help should be added / improved when navigating the web GUI. More report customization would aid in providing better management reporting. Disk space utilization and system health should be added to the web GUI as this would help to alert administrators and users if and when system logs require pruning or to proactively clean old scan jobs that are consuming disk space.
Security Compliance:
The security compliance templates are very useful but the compliance templates could be expanded to cover more vendor products and the compliance templates should be maintained at current levels to reflect changing compliance standards.
Mobile App:
There are times when I am away from my desk and we would like to have a mobile version that would run on a portable platform such as a Android phone or tablet.
The Nessus Web GUI does take some getting used to. Additionally, advanced configuration settings could be better organized and contextual help should be added / improved when navigating the web GUI. More report customization would aid in providing better management reporting. Disk space utilization and system health should be added to the web GUI as this would help to alert administrators and users if and when system logs require pruning or to proactively clean old scan jobs that are consuming disk space.
Security Compliance:
The security compliance templates are very useful but the compliance templates could be expanded to cover more vendor products and the compliance templates should be maintained at current levels to reflect changing compliance standards.
Mobile App:
There are times when I am away from my desk and we would like to have a mobile version that would run on a portable platform such as a Android phone or tablet.
What problems is the product solving and how is that benefiting you?
With respect to patch management, we use Nessus to validate new server and network appliance builds. As a government organization, we are required to adhere to security policies pertaining to security compliance and cyber security. To us, Nessus definitely fills are security compliance needs.
Recommendations to others considering the product:
Must be comfortable with customizations. Should have a strong understanding of networking technologies.
Nessus Pro/Manager on-prem review
What do you like best about the product?
Configuration is simple. There aren't a ton of little-used features crowding UIs. Scans are fast.
What do you dislike about the product?
Some plugins are still validating CVE resolution by looking for daemon banner version #s. With a lot of linux distros, the banner versions never line up with the backported security patches. Thus, some packages will seem vulnerable for months and months even though the vendor has patched the CVE.
What problems is the product solving and how is that benefiting you?
Infrastructure vulnerability scans
Better than most
What do you like best about the product?
I like the plugin feed, it is very robust. I also like the ability to upload compliance audit files directly from Tenable.
What do you dislike about the product?
I don't feel like the scanners do a great job of compliance checks, I prefer to use ePO instead of the Nessus scanner to obtain the credential data I need. Could be operator error though ;)
What problems is the product solving and how is that benefiting you?
We are currently resolving FISMA scorecards with the use of our scanner as well as web testing certain applications that are coming into our environment
Nesssus Rocks!
What do you like best about the product?
The flexibility in scan entire networks and for specific vulnerabilities.
What do you dislike about the product?
That the free license is no longer available for home and personal use.
What problems is the product solving and how is that benefiting you?
Filling gaps of employment. We don't have the budget for a security team so the infrastructure team fills both roles. Nessus make our jobs easier to scan for vulnerabilities without paying for FTES or yearly pen test.
Nessus Network scanninhg
What do you like best about the product?
Ease of set up and use, shows exactly where the vulnerabilities are
What do you dislike about the product?
More in depth reporting on the level of risk for each vulnerability found
What problems is the product solving and how is that benefiting you?
Closing possible security holes
Good overall product with room for improvement
What do you like best about the product?
Nessus includes some good functionality to enable integration with a larger suite of vulnerability management systems and help facilitate some light automation. The performance is generally consistent and the interface is intuitive and easy to use.
What do you dislike about the product?
The plugins are not always updated in a timely fashion, which results in unnecessary false positives and time spent researching and documenting. The API functionality is tied to a Tenable.io subscription, limiting automation and integration to the more expensive subscription model, and the accompanying analytics are superficial and don't tie to good key risk indicators.
What problems is the product solving and how is that benefiting you?
As a consultant, I'm helping my clients assess where they may have shortfalls in their vulnerability management, patch management, and system hardening programs. The overall ease of use and ability to deploy remote virtual systems allows us to work with clients without being on site the entire time, improving our efficiency and controlling costs.
Nessus is Cool
What do you like best about the product?
Good detection capabilities. Easy to understand results.
What do you dislike about the product?
The removal of the API and multi-users in Nessus Pro.
Starting to get a little messy with where plug-ins are grouped.
Starting to get a little messy with where plug-ins are grouped.
What problems is the product solving and how is that benefiting you?
Vulnerability scanning.
Dropping API support was a bad decision
What do you like best about the product?
Scans are through and provide links to explanations and corrective actions.
What do you dislike about the product?
Dropping the API support in the latest version renders our Powershell automated scans useless.
What problems is the product solving and how is that benefiting you?
Assuring our products are secure from hacking.
Nessus Professional
What do you like best about the product?
The best thing about Nessus is how indepth the scans can be. Not only are they indepth, there are multiple different scans preset for convenience. Not only that there are a ton of customization options for reports, scheduling, notifications, the type of scan and even the plugins.
What do you dislike about the product?
Migrating Nessus to a new machine isn't the easiest thing to do as there are some restrictions but after doing them a couple of times, I've gotten used to it. Depending on how many scans you have on your original build, migration can take a long time to complete. If something goes wrong, all of that time would have been wasted.
What problems is the product solving and how is that benefiting you?
A big benefit with Nessus is that we are able to pinpoint security risks within our own sites and servers on a monthly basis and escalate to the proper teams within our organization. The scans can be setup to send emails of the pdf file of the scan report to individuals. This allows the proper people are receiving the results as soon as the scans are complete.
Recommendations to others considering the product:
If you are in need of a vulnerability scanner, Nessus is definitely the way to go. The ease of customization and the level of support you get from Nessus makes this the best option.
showing 241 - 250