We performed a comparison between SecurityScorecard and Tenable Nessus based on real PeerSpot user reviews.
Find out what your peers are saying about RSA, BitSight, OneTrust and others in IT Vendor Risk Management."With its automated approach, nothing is missed on the IPs your organization is related to."
"One of its most effective features for risk identification is its enterprise-ready automation for third-party risk measurements."
"The solution helps identify our environment's vulnerabilities."
"I rate the product's initial setup phase a nine on a scale of one to ten, where one is a difficult setup phase, and ten is an easy setup process."
"The vulnerability scanner is the most valuable feature."
"Scanners and reports using CIS templates ("de-facto" standard, easy to fix and to locate correction tips at documentation), tests against cloud providers, database profiles, several types of telecom devices, and others highly customizable scans."
"It allows me to prioritize efforts and utilize effective technical resources."
"The solution is great for scanning servers."
"The most valuable feature is the breadth of vulnerabilities that it finds. It's able to find across a lot of different platforms and operating systems. It's also able to combine local testing with network-based testing."
"We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure."
"The most valuable aspect of this solution is that you receive the entire report, which details the breakdown, especially in terms of critical, high, low, and mediums."
"The features of Tenable Nessus that I have found most valuable are its reliability and its ability to collate a dependable output, where we are able to get the same vulnerability when we test manually. The output is quite reliable."
"The tool needs to have the ability to mitigate vulnerabilities with alternative solutions."
"SecurityScorecard's technical team's response time is an area that my company expects to be made faster."
"They could improve the process with a questionnaire module for the product."
"There could be more information in regards to solving problems like hints on what specifically to look for."
"The features are limited when it comes to scanning network devices for vulnerabilities."
"They should improve the I/O reporting and the customized spreadsheet export feature."
"One area that has room for improvement is the reporting. I'm preparing reports for Windows and Linux machines, etc. Currently, I'm collecting three or four reports and turning them into one report. I don't know if it is possible to combine all of them in one report, but that would be helpful."
"They should try to create an all-in-one solution."
"You can scale Nessus to the extent that you can afford it. You need to have a license for every device you scan. As long as you can afford the increased costs, you won't have a problem scaling it."
"The tool needs to upgrade asset tracking."
"The reporting feature needs to be improved."
"It wasn't very clear how the scripts are running the scans. There's information about the script but it's not straightforward. The script information for each of the plugins should be available, but it doesn't give us straightforward direct information about how it was executed. That needs to be more clear."
SecurityScorecard is ranked 5th in IT Vendor Risk Management with 4 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. SecurityScorecard is rated 8.0, while Tenable Nessus is rated 8.4. The top reviewer of SecurityScorecard writes "Easy-to-deploy product with good technical support services ". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". SecurityScorecard is most compared with Bitsight Third-Party Risk Management, Recorded Future, RiskRecon, Rapid7 InsightVM and Qualys VMDR, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Security Center, Tenable Vulnerability Management and Pentera.
We monitor all IT Vendor Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.