• Home
  • Cisco Vulnerability Management (formerly Kenna.VM) vs. Tenable Nessus

Cisco Vulnerability Management (formerly Kenna.VM) vs Tenable Nessus comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Risk-Based Vulnerability Management
April 2024
Executive Summary

We performed a comparison between Cisco Vulnerability Management (formerly Kenna.VM) and Tenable Nessus based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management.
To learn more, read our detailed Risk-Based Vulnerability Management Report (Updated: April 2024).
Download the complete report
768,578 professionals have used our research since 2012.
Featured Review
AshishPaliwal
Offers contextual prioritization and risk-based remediation of vulnerability
Bryan Evans
Useful vulnerability detection, highly scalable, and good support
Tenable Nessus allows us to keep up on fixing the vulnerabilities that are either being exploited in the wild or the ones that we find most critical.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The risk context of any vulnerability is a valuable feature."

More Cisco Vulnerability Management (formerly Kenna.VM) Pros →

"The stability is very good.""It's scalable.""Once you get past the initial implementation, the solution is very stable.""We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure.""I find the features that are most valuable are the policies that help us identify the vulnerabilities. These policies are then used for scanning instabilities and then identifying the particular vulnerabilities.""Out of the box, the product works well for us, so it's not a tool that we need to customize very much.""I like its ease of use. It has the script that is pre-built in it, and you just got to know which ones you're looking for.""The solution can scale well."

More Tenable Nessus Pros →

Cons
"An improvement would be some sort of an integration with any GRC suite."

More Cisco Vulnerability Management (formerly Kenna.VM) Cons →

"The price could be more reasonable. I used the free Nessus version in my lab with which you can only scan 16 IP addresses. If I wanted to put it in the lab in my network at work, and I'm doing a test project that has over 30 nodes in it, I can't use the free version of Nessus to scan it because there are only 16 IP addresses. I can't get an accurate scan. The biggest thing with all the cybersecurity tools out there nowadays, especially in 2020, is that there's a rush to get a lot of skilled cybersecurity analysts out there. Some of these companies need to realize that a lot of us are working from home and doing proof of concepts, and some of them don't even offer trials, or you get a trial and it is only 16 IP addresses. I can't really do anything with it past 16. I'm either guessing or I'm doing double work to do my scans. Let's say there was a license for 50 users or 50 IP addresses. I would spend about 200 bucks for that license to accomplish my job. This is the biggest complaint I have as of right now with all cybersecurity tools, including Rapid7, out there, especially if I'm in a company that is trying to build its cybersecurity program. How am I going to tell my boss, who has no real budget of what he needs to build his cybersecurity program, to go spend over $100,000 for a tool he has never seen, whereas, it would pack the punch if I could say, "Let me spend 200 bucks for a 50 user IP address license of this product, do a proof of concept to scan 50 nodes, and provide the reason for why we need it." I've been a director, and now I'm an ISO. When I was a director, I had a budget for an IT department, so I know how budgets work. As an ISO, the only thing that's missing from my C-level is I don't have to deal with employees and budgets, but I have everything else. It's hard for me to build the program and say, "Hey, I need these tools." If I can't get a trial, I would scratch that off the list and find something else. I'm trying to set up Tenable.io to do external PCI scans. The documentation says to put in your IP addresses or your external IP addresses. However, if the IP address is not routable, then it says that you have to use an internal agent to scan. This means that you set up a Nessus agent internally and scan, which makes sense. However, it doesn't work because when you use the plugin and tell it that it is a PCI external, it says, "You cannot use an internal agent to scan external." The documentation needs to be a little bit more clear about that. It needs to say if you're using the PCI external plugin, all IP addresses must be external and routable. It should tell the person who's setting it up, "Wait a minute. If you have an MPLS network and you're in a multi-tenant environment and the people who hold the network schema only provide you with the IP addresses just for your tenant, then you are not going to know what the actual true IP address that Tenable needs to do a PCI scan." I've been working on Tenable.io to set up PCI scans for the last ten days. I have been going back and forth to the network thinking I need this or that only to find out that I'm teaching their team, "Hey, you know what, guys? I need you to look past your MPLS network. I need you to go to the edge's edge. Here's who you need to ask to give me the whitelist to allow here." I had the blurb that says the plugin for external PCI must be reachable, and you cannot use an internal agent. I could have cut a few days because I thought I had it, but then when I ran it, it said that you can't run it this way. I wasted a few hours in a day. In terms of new features, it doesn't require new features. It is a tool that has been out there for years. It is used in the cybersecurity community. It has got the CV database in it, and there are other plugins that you could pass through. It has got APIs you can attach to it. They can just improve the database and continue adding to the database and the plugins to make sure those don't have false positives. If you're a restaurant and you focus on fried chicken, you have no business doing hamburgers.""Model OS costs (and its segregation schema for individual modules).""Tenable Nessus is not feasible for a large company.""The price and scalability of the solution could improve.""It would be nice for the professional module to include some of the reports available in the expert module.""In terms of what could be improved, I would say its reporting portion.""There is room, overall, for improvement in the way it groups the workstations and the way it detects, when the vulnerability is scanned. Even when we would run a new scan, if it was an already existing vulnerability, it wouldn't put a new date on it.""You can scale Nessus to the extent that you can afford it. You need to have a license for every device you scan. As long as you can afford the increased costs, you won't have a problem scaling it."

More Tenable Nessus Cons →

Pricing and Cost Advice
  • "I think the pricing is based on the number of endpoints, so it's more subscription-based."

    • More Cisco Vulnerability Management (formerly Kenna.VM) Pricing and Cost Advice →

  • "The pricing is much more manageable versus other products."
  • "The price of Tenable Nessus is much more competitive versus other solutions on the market."
  • "I think the price is fairly affordable. It provides a license that is fair."
  • "Nowadays, your vulnerability applications are going to be kind of pricey because lots of them, including Rapid7, are based upon a base price, but then they add in the nodes. That's where they get you. If you're a big network, obviously, you need to scan everything. Therefore, it's going to be costly. The risk and insurance money associated with having ransomware on my networks is going to cost me more money, time, and marketing than the price of the tool. That's why I'm speaking only as an information security officer to security operations. This is the tool that is there in my toolbox to say whether we vulnerable or not. At this point, I don't care about how much it costs my company to have it because if I wasn't able to report it and we got ransomware, then who cares? I'm probably going to be out of business because it happened. That's why I don't care about the price. I have it, and I could use it effectively and do my report. At the end of the day, even if we get ransomware, as long as I reported it, followed my protocol, and put in the change, irrespective of whether it was ignored or denied, I did my job."
  • "We pay approximately $2,500 on a yearly basis."
  • "We have a subscription, the licensing fees are paid yearly, and I am using the latest version."
  • "We incurred a single cost for a perpetual license, although I cannot comment on the price as this is above my management level."
  • "The price is reasonable."

    • More Tenable Nessus Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
    See Recommendations
    768,578 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Kenna.VM?
    Top Answer:The risk context of any vulnerability is a valuable feature.
    What is your experience regarding pricing and costs for Kenna.VM?
    Top Answer:I think the pricing is based on the number of endpoints, so it's more subscription-based. If you have 10 computers versus a million computers, obviously the pricing will change.
    What needs improvement with Kenna.VM?
    Top Answer:An improvement would be some sort of an integration with any GRC suite. There are a lot of GRC suites available, like Archer, MetricStream, Rsam, Protiviti, for example. So how would a solution like… more »
    How would you choose between Rapid7 InsightVM and Tenable Nessus?
    Top Answer:You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid7… more »
    Read all 2 answers   →
    What's the difference between Tenable Nessus and Tenable.io Vulnerability...
    Top Answer: Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of the program is such that if a company should desire to handle the installation… more »
    Read all 2 answers   →
    What do you like most about Tenable Nessus?
    Top Answer:We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network… more »
    Read all 53 answers   →
    Ranking
    10th
    out of 37 in Risk-Based Vulnerability Management
    Views
    684
    Comparisons
    473
    Reviews
    1
    Average Words per Review
    498
    Rating
    8.0
    3rd
    out of 110 in Vulnerability Management
    Views
    11,726
    Comparisons
    8,496
    Reviews
    30
    Average Words per Review
    422
    Rating
    8.4
    Comparisons
    Also Known As
    Kenna.VM, Kenna Security, Kenna, Kenna Security Platform
    Learn More
    Cisco
    Tenable
    Overview

    Cisco Vulnerability Management equips you with the contextual insight and threat intelligence needed to intercept the next exploit and respond with precision.

    Prioritization is no longer a dark art—it's data science. Advanced algorithms, combined with rich internal and external intel, offer recommended fixes that will lower risk in as few moves as possible.

    Track vulnerability fluctuations and forecast weaponization with up to 94% accuracy, giving you the chance to remediate high-risk vulnerabilities before bad actors can mount an attack.

    With more than 19 threat intelligence feeds at your fingertips, you gain a comprehensive view of emerging threats, shifting trends, and your own risk profile.

    A single source of data-verified truth aligns security and IT, eliminating friction and freeing up resources. And intuitive, simplified risk scores help you generate reports anyone can understand.

    Tenable Nessus is a vulnerability management solution that aims to empower organizations to be aware of threats that both they and their customers face. It is the most deployed scanner in the vulnerability management industry. Organizations that use this product have access to the largest continuously updated global library of vulnerability and configuration checks. They can stay ahead of threats that Tenable Nessus’s competitors may be unable to spot. Additionally, Tenable Nessus supports a greater number of technologies than its competitors.

    Tenable Nessus Benefits

    Some of the ways that organizations can benefit by deploying Tenable Nessus include:

    • Ease of use. Tenable Nessus is designed with security administrators in mind. It is built so that users can manipulate it intuitively without having to undergo special systems training. Users can create security policies with the greatest level of ease and can initiate scans of their entire networks with only a few clicks.
    • Support and resources. Tenable Nessus has both a support system of clarification resources and technical support for users to rely on. The solution has a resource center that contains guides and tips that can clarify things that confuse users and can aid them in gaining the maximum level of value. Additionally, users can reach out to Tenable Nessus’s technical support team, which is available around the clock and is reachable via a number of methods. This makes it simple for users to get help if they need it.
    • Reduction of threat vectors. Tenable Nessus provides users with the ability to reduce the number of potential threat vectors that a hacker can exploit. It enables users to find where the vulnerabilities in their networks are so their security won’t be compromised. They can then quickly address those weak points and head off issues before any have the chance to arise.

    Tenable Nessus Features

    • Report customization. Tenable Nessus enables users to customize the security reports that their system produces. They are able to set Tenable Nessus to generate reports that contain the information that is most relevant to their business objectives. Users can also utilize these report customization capabilities to customize the formats of their reports.
    • Vulnerability triage capability. Included in the Tenable Nessus security suite is a feature that enables users to conduct a triage of their vulnerabilities. The solution can apply one of five ratings to vulnerabilities that it detects. This makes it possible for organizations to work on addressing issues by order of severity.
    • Scaling. Tenable Nessus can scale to meet an organization’s needs by migrating the network that it is connected to, to other Tenable solutions. Users can scale up their systems as their security demands increase. It is capable of reaching hundreds of thousands of systems.

    Reviews from Real Users

    Tenable Nessus is a solution that stands out when compared to many of its competitors. Two major advantages it offers are its ease of use and its vulnerability scanning feature.

    Rallis F., the principal security architect at a technology vendor, writes, “The ease of use is the primary valuable feature. This specific version is very straightforward. I like the ability to modify it and configure it based on the different policies.”

    Sandip D., a cyber security expert at Birlasoft India Ltd, writes, “The vulnerability scanner is the most valuable feature. It's an important feature for us. We use the plugin output for that. It shows us the exact version of Nessus and what is needed for remediation. Based on that, we decide what should be remediated first to get the best result for security.”

    Sample Customers
    TransUnion
    Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company22%
    Financial Services Firm13%
    Insurance Company7%
    Retailer7%
    REVIEWERS
    Computer Software Company14%
    Financial Services Firm12%
    Security Firm9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Educational Organization34%
    Computer Software Company11%
    Government7%
    Financial Services Firm7%
    Company Size
    VISITORS READING REVIEWS
    Small Business13%
    Midsize Enterprise20%
    Large Enterprise67%
    REVIEWERS
    Small Business40%
    Midsize Enterprise22%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise43%
    Large Enterprise41%
    Buyer's Guide
    Risk-Based Vulnerability Management
    April 2024
    Download Free Report
    Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management. Updated: April 2024.
    DOWNLOAD NOW
    768,578 professionals have used our research since 2012.

    Cisco Vulnerability Management (formerly Kenna.VM) is ranked 10th in Risk-Based Vulnerability Management with 1 review while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. Cisco Vulnerability Management (formerly Kenna.VM) is rated 8.0, while Tenable Nessus is rated 8.4. The top reviewer of Cisco Vulnerability Management (formerly Kenna.VM) writes "Offers contextual prioritization and risk-based remediation of vulnerability". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". Cisco Vulnerability Management (formerly Kenna.VM) is most compared with Rapid7 InsightVM, Qualys VMDR, Tenable Security Center, Ivanti Neurons for RBVM and Avalor, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Security Center, Tenable Vulnerability Management and Pentera.

    We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.