We performed a comparison between SecurityScorecard and Tenable Nessus based on real PeerSpot user reviews.
Find out what your peers are saying about RSA, OneTrust, BitSight and others in IT Vendor Risk Management."I rate the product's initial setup phase a nine on a scale of one to ten, where one is a difficult setup phase, and ten is an easy setup process."
"The solution helps identify our environment's vulnerabilities."
"One of its most effective features for risk identification is its enterprise-ready automation for third-party risk measurements."
"With its automated approach, nothing is missed on the IPs your organization is related to."
"We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure."
"Scanners and reports using CIS templates ("de-facto" standard, easy to fix and to locate correction tips at documentation), tests against cloud providers, database profiles, several types of telecom devices, and others highly customizable scans."
"Makes ransomware checking and OS auditing and implementation relatively easy."
"The features of Tenable Nessus that I have found most valuable are its reliability and its ability to collate a dependable output, where we are able to get the same vulnerability when we test manually. The output is quite reliable."
"The automatic scanner and scheduler are pretty cool."
"The plug-in text information is quite useful."
"The initial setup of Tenable Nessus is very easy."
"It is easy to deploy and easy to use. Its reporting is good. From this reporting, you can see the pain point in your network, which makes it easy to fix them. It is easy to understand the reports and export them."
"There could be more information in regards to solving problems like hints on what specifically to look for."
"SecurityScorecard's technical team's response time is an area that my company expects to be made faster."
"They could improve the process with a questionnaire module for the product."
"The tool needs to have the ability to mitigate vulnerabilities with alternative solutions."
"Technically, it is an excellent and the best solution available in Libya. My only concern is related to its pricing. They are an emerging company in Libya, and they need to put in some effort to provide us with very good prices so that customers can go with the best solution. Chinese companies are getting into the market here, and they're providing very cheap solutions."
"The price and scalability of the solution could improve."
"The solution should be able to support more devices."
"It would be nice for the professional module to include some of the reports available in the expert module."
"The reporting is a bit cumbersome."
"It would be better if they had application-level support for mobile devices. They don't have anything to scan mobile devices. Tenable Nessus doesn't have a mobile application vulnerability assessment. I also have issues with the false positive rates. The product has limited features."
"I think the reporting templates could be improved with Tenable Nessus."
"We have had some false positives in the past, which we hope can improve in the future."
SecurityScorecard is ranked 5th in IT Vendor Risk Management with 4 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. SecurityScorecard is rated 8.0, while Tenable Nessus is rated 8.4. The top reviewer of SecurityScorecard writes "Easy-to-deploy product with good technical support services ". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". SecurityScorecard is most compared with Bitsight Third-Party Risk Management, Recorded Future, RiskRecon, Rapid7 InsightVM and Black Kite, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Vulnerability Management, Tenable Security Center and Pentera.
We monitor all IT Vendor Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.