We performed a comparison between Tenable Nessus and Acunetix based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison results: Based on the parameters we compared, Tenable Nessus comes out ahead of Acunetix. Even though both solutions offer beneficial vulnerability scanning and a proactive approach, Acunetix’s two-year licensing plan is less flexible than that of its competitor, and its need for manual resolution of false positives leaves room for improvement.
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"I haven't seen reporting of that level in any other tool."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"Our developers can run the attacks directly from their environments, desktops."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"User friendly and good dashboards."
"The most valuable feature is the installation of Tenable which is incredibly easy."
"The initial setup is very straightforward."
"The most valuable feature is how it scanned and detected through its database to let us know exactly what fixes we needed to put in place for the vulnerabilities. It detects and it also gives you the way to fix it."
"My favorite part about Nessus is that you can customize the tool to scan exactly what you want. Microsoft releases new patches monthly on Patch Tuesday, and a lot of companies track that date. I set up Nessus for the day after Patch Tuesday to see which devices have already pushed those updates from Microsoft, so we can stay updated."
"Tenable Nessus is an absolutely stable and fantastic product."
"Nessus gives me a good preview of vulnerabilities and good suggestions for remediation. It's easy to find a description of a given vulnerability and solutions for it."
"It is easy to deploy and easy to use. Its reporting is good. From this reporting, you can see the pain point in your network, which makes it easy to fix them. It is easy to understand the reports and export them."
"While we do have it integrated with other solutions, it could still offer more integrations."
"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"The solution's pricing could be better."
"Acunetix needs to improve its cost."
"Acunetix needs to include agent analysis."
"Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
"Multiple user access would be an area for improvement from a user-access perspective. A role-based access control feature would be great because at present, there is a limitation with only one account. If that account gets compromised or gets locked, then we will encounter problems."
"I would like to see an improvement in the ranking of high, medium and low vulnerability."
"This is still a maturing product. Tenable is only a scanner for one ability, while other solutions like Rapid7 have more tools for verification. We still have to manually verify to see if the vulnerability is a false positive or not."
"Tenable Nessus could improve the reporting."
"They should improve the I/O reporting and the customized spreadsheet export feature."
"The solution could improve security updates."
"Remediation needs improvement."
"We use credentialed scans. They need more permissions and more changes or settings on Windows and Linux."
Acunetix is ranked 15th in Vulnerability Management with 26 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. Acunetix is rated 7.6, while Tenable Nessus is rated 8.4. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Qualys Web Application Scanning, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Security Center, Tenable Vulnerability Management and Snyk. See our Acunetix vs. Tenable Nessus report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.