Compare Rapid7 Metasploit vs. Tenable Nessus

Cancel
You must select at least 2 products to compare!
Rapid7 Metasploit Logo
6,150 views|3,713 comparisons
Tenable Nessus Logo
18,300 views|14,278 comparisons
Most Helpful Review
Find out what your peers are saying about Rapid7 Metasploit vs. Tenable Nessus and other solutions. Updated: November 2020.
448,290 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"It's not possible to do penetration testing without being very proficient in Metasploit.""The option to generate phishing emails has proven to be very valuable in understanding the behavior of users.""It contains almost all the available exploits and payloads.""The most valuable feature for us is the support for testing Linux-based web server components.""The reporting on the solution is good.""All of the features are great."

More Rapid7 Metasploit Pros »

"We looked at Tenable, Qualys and Rapid7. We found Tenable was the best of all three.""Tenable Nessus streamlines the process of scanning for our organization.""I find the features that are most valuable are the policies that help us identify the vulnerabilities. These policies are then used for scanning instabilities and then identifying the particular vulnerabilities.""The solution is very stable.""The most valuable feature is the breadth of vulnerabilities that it finds. It's able to find across a lot of different platforms and operating systems. It's also able to combine local testing with network-based testing.""Nessus is good at finding out what nodes you have in place. It will then provide you a report, by node, of what the vulnerabilities are. It does it quickly and stealthfully.""It also has an executive report where you don't have to provide the client all the detail for them to sift though. But if they wish to dig through the detail they can.""Among the most valuable features are scanning for vulnerabilities and the reporting. The reporting templates are okay. I like that I can see all the hosts with different vulnerabilities."

More Tenable Nessus Pros »

Cons
"The initial setup was a bit "tweaky" for the open-source version.""Metasploit cannot be installed on a machine with an antivirus.""It is necessary to add some training materials and a tutorial for beginners.""Better automation capabilities would be an improvement.""The solution should improve the responsiveness of its live technical support.""At the time I was using it, the graphical user interface needed some improvements."

More Rapid7 Metasploit Cons »

"From my point of view the solution basically is not for the big enterprise.""This is still a maturing product. Tenable is only a scanner for one ability, while other solutions like Rapid7 have more tools for verification. We still have to manually verify to see if the vulnerability is a false positive or not.""We have had some false positives in the past, which we hope can improve in the future.""I would like to see an improvement in the ranking of high, medium and low vulnerability.""There is room for improvement in finishing the transition to the cloud. We'd like to see them keep on improving the Tenable.io product, so that we can migrate to it entirely, instead of having to keep the Tenable.sc on-prem product.""One area with room for improvement is instead of there just being a PDF format for output, I'd like the option of an Excel spreadsheet, whereby I could better track remediation efforts and provide reporting off of that.""We use credentialed scans. They need more permissions and more changes or settings on Windows and Linux.""There is room, overall, for improvement in the way it groups the workstations and the way it detects, when the vulnerability is scanned. Even when we would run a new scan, if it was an already existing vulnerability, it wouldn't put a new date on it."

More Tenable Nessus Cons »

Pricing and Cost Advice
"I use the open-source version of this product. Pricing is not relevant.""It is expensive. Our license expired, and our company is not thinking to renew because of our budget.""The great advantage with Rapid7 Metasploit, of course, is that it's free."

More Rapid7 Metasploit Pricing and Cost Advice »

"The pricing is much more manageable versus other products.""The price of Tenable Nessus is much more competitive versus other solutions on the market.""I think the price is fairly affordable. It provides a license that is fair."

More Tenable Nessus Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
448,290 professionals have used our research since 2012.
Questions from the Community
Ask a question

Earn 20 points

Top Answer: Qualys is clearly the winner, especially with the new VMDR offering. 
Ranking
7th
Views
6,150
Comparisons
3,713
Reviews
5
Average Words per Review
468
Avg. Rating
7.4
1st
Views
18,300
Comparisons
14,278
Reviews
14
Average Words per Review
653
Avg. Rating
8.5
Popular Comparisons
Compared 12% of the time.
Compared 7% of the time.
Compared 6% of the time.
Compared 20% of the time.
Compared 19% of the time.
Compared 18% of the time.
Compared 4% of the time.
Also Known As
Metasploit
Learn
Rapid7
Tenable Network Security
Overview

Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.

Nessus Professional is the industry’s most widely deployed assessment solution for identifying the vulnerabilities, configuration issues, and malware that attackers use to penetrate your, or your customer's network. With the broadest coverage, the latest intelligence, rapid updates, and an easy-to-use interface, Nessus offers an effective and comprehensive vulnerability scanning package for one low cost.

Offer
Learn more about Rapid7 Metasploit
Learn more about Tenable Nessus
Sample Customers
City of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon UniversityBitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
Top Industries
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company26%
K 12 Educational Company Or School4%
Media Company4%
REVIEWERS
Financial Services Firm25%
Healthcare Company17%
Retailer8%
Comms Service Provider8%
VISITORS READING REVIEWS
Computer Software Company30%
Comms Service Provider21%
Government6%
Media Company5%
Company Size
REVIEWERS
Small Business14%
Midsize Enterprise43%
Large Enterprise43%
REVIEWERS
Small Business29%
Midsize Enterprise43%
Large Enterprise29%
Find out what your peers are saying about Rapid7 Metasploit vs. Tenable Nessus and other solutions. Updated: November 2020.
448,290 professionals have used our research since 2012.

Rapid7 Metasploit is ranked 7th in Vulnerability Management with 5 reviews while Tenable Nessus is ranked 1st in Vulnerability Management with 14 reviews. Rapid7 Metasploit is rated 7.4, while Tenable Nessus is rated 8.6. The top reviewer of Rapid7 Metasploit writes "Straightforward to set up, and helpful for moving from development to production". On the other hand, the top reviewer of Tenable Nessus writes "Saves me significant time when putting together reports for compliance agencies". Rapid7 Metasploit is most compared with Wireshark, Rapid7 InsightVM, Qualys VM, Darktrace and Acunetix Vulnerability Scanner, whereas Tenable Nessus is most compared with Tenable.io Vulnerability Management, Rapid7 InsightVM, Qualys VM, Tenable SC and Tripwire IP360. See our Rapid7 Metasploit vs. Tenable Nessus report.

See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.