Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable and Amazon Web Services (AWS) Announce Nessus® Enterprise for AWS

Update: Nessus Enterprise for AWS is no longer available. For pre-authorized scanning for AWS from Tenable, please see Nessus Cloud.


Note:  Nessus Cloud is now a part of Tenable.io Vulnerability Management. To learn more about this application and its latest capabilities, visit the Tenable.io Vulnerability Management web page.


Amazon Web Services (AWS) allows organizations to shift key compute, storage, and network resources from on-premises to the cloud, offering an on-demand delivery of IT resources with pay-as-you-go pricing.   While organizations have deployed vulnerability and security solutions to protect their on-premises assets, they face challenges in monitoring and securing their AWS instances in the cloud. 

If you operate your company's business critical applications in the AWS (Amazon Web Services) cloud, you’re likely facing challenges such as:

  • Inability to perform integrated scan of vulnerabilities, compliance violations, and advanced threats for AWS instances
  • Annoyance of having to submit an AWS Vulnerability / Penetration Testing Request Form each time to scan AWS instances
  • Identifying and continually managing risk from AWS instances whose IPs can change over time
  • Inconvenience of manually installing active scanning software in the AWS cloud
  • Complexity in managing and administering individual scanners, policies, and users in the AWS cloud

To address security risks, Amazon recommends that all AWS developers scan their AWS instances while in development and operations, and before publishing to AWS users.  

To address these, Tenable has worked with Amazon to offer two solutions for AWS environments: Nessus Enterprise for AWS and Nessus (BYOL).  Both are available for purchase on the AWS Marketplace as annual subscriptions and pay-as-you-go pricing, when extra Cloudburst capacity is needed.

Nessus Enterprise for AWS: Purpose-built for and deployed in the AWS cloud, Nessus Enterprise for AWS is pre-authorized to scan AWS instances for vulnerabilities, advanced threats, web application security, and compliance violations – not possible with other solutions.  Due to the dynamic nature of the cloud where IP addresses can change quickly and frequently, Nessus for AWS uses AWS instance IDs to identify scan targets and leverages specific AWS APIs.  Designed for distributed teams or large enterprises, Nessus Enterprise for AWS facilitates team collaboration by centralizing multiple Nessus scanners and results, whether running in the AWS cloud or on-premises. 

Nessus Enterprise for AWS is comprised of two components – Nessus Enterprise for AWS Manager and Nessus Enterprise for AWS Scanner.  The Nessus Enterprise for AWS Manager provides the User Interface (UI) that controls the scanners, creates, configures, and runs Nessus scans, and manages user accounts and report viewing.  Nessus Enterprise for AWS is priced annually at $5,000/year which includes the manager and scanner.   Additional scanners can be purchased as needed.

Nessus (BYOL):  Installed in the AWS cloud, Nessus (BYOL) is simply an AMI version of Nessus that leverages AWS compute resources to audit AWS infrastructure and scan assets outside of the AWS cloud.  The scan results can be viewed directly via the Nessus scanner Web interface or be transmitted back to the Tenable SecurityCenter™ management console for a complete cloud and on-premises analysis, with passive and log analysis.


As organizations embrace new technologies and migrate to the AWS cloud, security and compliance requirements become pivotal considerations.  Tenable solutions enable AWS developers and customers to confidently secure their AWS AMIs throughout the software development lifecycle.    Regardless of whether you want to scan your AWS instances running in the AWS cloud or just want to use the AWS compute resources to deploy Nessus scanners, Tenable Nessus Enterprise for AWS and Nessus (BYOL) offer the flexibility to deploy Nessus within AWS and save money. 

 For more information refer to the Nessus Enterprise for AWS website.  To purchase Nessus Enterprise for AWS or Nessus (BYOL), visit the AWS marketplace.

Subscribe to the Tenable Blog

Try for Free Buy Now

Try Tenable.io Vulnerability Management


Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free


Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.