Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Nessus in the Cloud

Note:  Nessus Cloud is now a part of Tenable.io Vulnerability Management. To learn more about this application and its latest capabilities, visit the Tenable.io Vulnerability Management web page.

Tenable recently announced the availability of our world-renowned Nessus vulnerability management tool as an expanded cloud service. Nessus Cloud is a Tenable-hosted managed software-as-a-service (SaaS) application on Amazon Web Services (AWS). As more companies embrace the so-called second generation cloud, Tenable is meeting our customers’ business needs on four key points: customer choice, ROI, agility and security.

Customer choice

Nessus Cloud meets your business needs on four key points: customer choice, ROI, agility and security

Our customers range from SMBs to global enterprises, from healthcare organizations to government and federal agencies. Each customer possesses a unique set of requirements and restrictions when it comes to IT security needs. A traditional deployment may work for some and not others, so we decided to provide choice and flexibility when you are selecting a deployment that works best for your site.

To accomplish this, our cloud services team built a global SaaS platform which is now available in Amazon’s AWS infrastructure. Nessus Cloud complements our Nessus Professional and Nessus Manager offerings, providing several choices to meet your vulnerability management needs.

Eventually we plan to offer all our products as cloud services to complement our existing product suite and to deliver you more choice.


We made subtle but important changes to the Nessus software for AWS. These subtle differences are important because that’s where the scale and cost savings start. ROI is part of "scale" because you need to grow your ever-increasing computer infrastructure while also predicting and controlling future costs. That is precisely what the cloud model is meant to do and it’s what second generation cloud is all about.

In other words, Tenable deployed to the cloud and modified Nessus so that it uses the cloud in the most efficient way, enabling a substantial savings over traditional on-premises software. It also means that you don’t have to guess at a future upper bound for growth.


Second-generation cloud services place Tenable near to you, our customers, no matter where you happen to be, which keeps us regionally competitive. Nessus Cloud enhances our ability to respond quickly to your demand; we are able to immediately deploy resources anywhere in the world. We have a global market presence and an active global user base. We know that our cloud offering has always been embraced by customers all over the planet and we want you to have the best experience possible. To that end, we wanted not only the application and your data to be regionalized, but also the vulnerability scanning and/or continuous network monitoring infrastructure. The closer these things are to you, the better performance you will receive from our products.

Because Nessus Cloud uses AWS, we can deploy to Singapore as easily as Northern California (both of which we have done). We can move into any number of locations in minutes. This allows us to deploy regional data sites and “pin” a customer’s data to that regional site – for customer preference or regulatory reasons. Customers can be pinned to Frankfurt or just as easily to Tokyo, and be assured that their data will stay in that physical site. 

Because Nessus Cloud uses AWS, we can deploy to Singapore as easily as Northern California

When you couple that with GovCloud (Amazon’s FedRAMP-certified region), it means that the agility conferred by the cloud extends to the ability to service government agencies as if they are geographic regions.


Lastly, the security of the cloud itself is a hot topic of debate lately. To us, hosting our service in the cloud was a more secure choice because of something called the “castle walls” principle. Traditional IT and on-premises designs usually rely on a “castle wall” approach to security; i.e., the resources inside the walls are actually quite vulnerable, but because they are “behind the wall” they are considered secure. But this leads to attacks like the infamous Target hack, where one small hole in that wall leads to a huge breach of internal resources.

On the other hand, Tenable’s cloud approach is more like “armed infantry behind a castle wall.” Our services, while still behind the wall of a cloud based private network, are treated as self-defending systems, so each system and every application is secured in such a way that the entire stack has defenses on each and every component (hence “armed infantry” behind the “castle walls”). Similar tactics can be used on-premises, but they are expensive, harder to do and intrusive to productivity. Security is easier to implement in virtual cloud-based architectures, and as a result, security actually is implemented; therefore, cloud tends to be more secure for your data and applications.

Embrace the cloud

In summary, for Tenable, the move to embrace second-generation cloud and offer all of our products as cloud services is about customer choice, ROI, agility and security.

If you’re a current Nessus Enterprise Cloud customer, you will be automatically upgraded to Nessus Cloud the next time you log in.

If you are a new customer, learn more about Nessus Cloud on our website or watch this short video about deploying Nessus Cloud. You can also contact us or your local authorized Tenable reseller to get started. 

See the Nessus FAQ for more details.

Subscribe to the Tenable Blog

Try for Free Buy Now

Try Tenable.io Vulnerability Management


Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free


Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.