Compare Nessus with industry vulnerability assessment solutions
Nessus® is the gold standard for vulnerability assessment.
See how Nessus compares to OpenVAS® and Rapid7® Nexpose®.
From the beginning, we've worked hand-in-hand with the security community to make Nessus the most accurate and comprehensive vulnerability assessment solution in the market. 20 years later, we're still laser focused on community collaboration and product innovation to provide the most accurate and complete vulnerability data – so you don't miss critical issues that could put your organization or your clients at risk.
See why Nessus is trusted by more than 30,000 organizations worldwide.


| Capability | Nessus | OpenVAS | Rapid7 Nexpose |
|---|---|---|---|
| Vulnerability Assessment | | | |
| CVE coverage | 61K CVEs – the most in the industry | < 26,000 CVEs | < 42,000 CVEs |
| Scanning accuracy | Industry's lowest false-positive rate – better than six-sigma accuracy¹ | Not published | Not published; customers report many false-positives |
| Speed of vulnerability check release | New vulnerability checks (plugins) released within an average of 24 hours of vuln disclosure | Not published | Not published |
| Pre-built scan templates | Templates for major vulnerabilities (WannaCry, Spectre & Meltdown, etc.), SCAP and OVAL auditing, and more | No pre-built templates for WannaCry, Spectre & Meltdown, etc. | No pre-built templates for WannaCry, Spectre & Meltdown, etc. |
| Live Results | Live Results identifies vulnerabilities using existing scan data with new plugin updates, for real-time visibility | Not available | Not available |
| Vulnerability grouping | Grouped View presents similar vulnerabilities in a single thread for ease of management | Not available | Not available |
| Security Configuration Assessment/Audit (SCA) | | | |
| Pre-built compliance and configuration assessment templates | 700+ compliance and configuration templates (CIS, DISA STIG, HIPAA, PCI DSS, USGCB, FDCC, and more) – at no extra cost | Very limited set of configuration templates included. No support for CIS, DISA STIG, USGCB, or FDCC audits. | Limited set of configuration templates included. CIS, USGCB, FDCC, and custom policies available for an additional cost (Policy Manager license). |
| Reporting and User Interface | | | |
| Flexible report creation | Pre-built report templates simplify report creation. Reports can be tailored based on customized views by team or client. | Limited report templates and filtering capabilities | Pre-built report templates. Reports can be created and tailored based on customized views. |
| Report export formats | HTML, CSV, PDF, .Nessus XML, and Nessus DB | HTML, PDF, XML, and text | HTML, CSV, PDF, XML, and RTF/text |
| Branded reports | Option to add personal branding (name/logo) | Not available | Not available |
| Automatic email distribution of reports after scans finish | Included | Not available | Not available |
| Quality of user interface | Modern user interface | Outdated user interface | Modern user interface |
| Security Research | | | |
| Expert security research | Tenable Research provides essential vulnerability and threat intelligence and has discovered hundreds of new vulnerabilities | None | Rapid7 maintains a respected security research team |
| Platform Support | | | |
| Supported operating systems | Debian / Kali Linux (several versions), Red Hat EL (several), CentOS (several), Oracle Linux (several), FreeBSD (several), Fedora (several), SUSE Linux Enterprise (several), Ubuntu (several), Windows Server (2008, 2008 R2, 2012, 2012 R2, 2016), Windows (7, 8, 10) | Users must build their own OpenVAS binaries from source code or use non-supported community packages. Does not run on Windows. | Red Hat EL (several), CentOS (v7 only), Oracle Linux (v7 only), Ubuntu (several), Windows Server (2008 R2, 2012 R2, 2016), Windows (7, 8.1, 10) |
| Deployment options | Live USB drive, cloud, or traditional install | Traditional install | Cloud or traditional install |
| Total Cost of Ownership (TCO) | | | |
| Cost of acquiring, operating, and supporting product | Nessus Professional subscription: <$3,000/year for unlimited IPs. Extensive pre-built capabilities, automation, and vendor support minimize manual effort. | Free to download.² Significant manual work required to deploy, operate, and self-support. | Nexpose subscription: 500-IP license starts at >$10,000/year and increases significantly with IPs. Extra cost for Policy Manager. Limited pre-built capabilities, automation, and vendor support. |
| Product Viability | | | |
| Product investment | Tenable is investing heavily in Nessus – with 1 major release, 2 minor releases, and 9 “dot” releases in 2018 alone | OpenVAS has issued just 2 releases in the last 4 years | Rapid7 appears to be phasing out Nexpose |
| Industry Adoption | | | |
| Paid customers | 30,000+³ | N/A | <7,100⁴ |
| Cumulative downloads | Nearly 2 million | Not published | Not published |
¹ Approximately 0.32 defects per 1 million scans
² Greenbone offers a supported version of OpenVAS which starts at $6,200 for one year, for up to 300 IPs. Greenbone for 6,000 IPs costs $37,500 for one year.
³ Source: https://www.tenable.com/about-tenable/about-us. Virtually all Tenable customers are using Nessus or a product built on Nessus technology.
⁴ Source: https://www.rapid7.com/about/customers. Not all of Rapid7’s customers are using Nexpose (or InsightVM).
⁵ According to Cybersecurity Insiders survey, August 2018: https://www.tenable.com/whitepapers/cybersecurity-insiders-2018-application-security-report
All product names, logos, and brands are property of their respective owners.
Looking for a comprehensive vulnerability management solution?
Consider Tenable.sc (on-premises) or Tenable.io (cloud-based) for complete vulnerability management – including extensive security and compliance dashboards, agents, multi-scanner support, cloud and container scanning, and more.