Compare Rapid7 Metasploit vs. Tenable Nessus

Rapid7 Metasploit is ranked 6th in Vulnerability Management with 2 reviews while Tenable Nessus is ranked 1st in Vulnerability Management with 11 reviews. Rapid7 Metasploit is rated 7.0, while Tenable Nessus is rated 8.6. The top reviewer of Rapid7 Metasploit writes "The integration between Nmap, the database and Metasploit saves a lot of time. The initial setup was a bit tricky". On the other hand, the top reviewer of Tenable Nessus writes "Saves me significant time when putting together reports for compliance agencies". Rapid7 Metasploit is most compared with Tenable Nessus, Wireshark and Rapid7 InsightVM, whereas Tenable Nessus is most compared with Qualys VM, Rapid7 InsightVM and Rapid7 Metasploit. See our Rapid7 Metasploit vs. Tenable Nessus report.
Cancel
You must select at least 2 products to compare!
Rapid7 Metasploit Logo
5,107 views|3,528 comparisons
Tenable Nessus Logo
10,341 views|8,217 comparisons
Most Helpful Review
Find out what your peers are saying about Rapid7 Metasploit vs. Tenable Nessus and other solutions. Updated: January 2020.
391,932 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
The option to generate phishing emails has proven to be very valuable in understanding the behavior of users.It contains almost all the available exploits and payloads.It's not possible to do penetration testing without being very proficient in Metasploit.

Read more »

Nessus gives me a good preview of vulnerabilities and good suggestions for remediation. It's easy to find a description of a given vulnerability and solutions for it.The most valuable feature is how it scanned and detected through its database to let us know exactly what fixes we needed to put in place for the vulnerabilities. It detects and it also gives you the way to fix it.Among the most valuable features are scanning for vulnerabilities and the reporting. The reporting templates are okay. I like that I can see all the hosts with different vulnerabilities.The most valuable feature is the breadth of vulnerabilities that it finds. It's able to find across a lot of different platforms and operating systems. It's also able to combine local testing with network-based testing.Nessus is good at finding out what nodes you have in place. It will then provide you a report, by node, of what the vulnerabilities are. It does it quickly and stealthfully.It also has an executive report where you don't have to provide the client all the detail for them to sift though. But if they wish to dig through the detail they can.The solution is very stable.I find the features that are most valuable are the policies that help us identify the vulnerabilities. These policies are then used for scanning instabilities and then identifying the particular vulnerabilities.

Read more »

Cons
Metasploit cannot be installed on a machine with an antivirus.It is necessary to add some training materials and a tutorial for beginners.The initial setup was a bit "tweaky" for the open-source version.

Read more »

One area that has room for improvement is the reporting. I'm preparing reports for Windows and Linux machines, etc. Currently, I'm collecting three or four reports and turning them into one report. I don't know if it is possible to combine all of them in one report, but that would be helpful.There is room, overall, for improvement in the way it groups the workstations and the way it detects, when the vulnerability is scanned. Even when we would run a new scan, if it was an already existing vulnerability, it wouldn't put a new date on it.We use credentialed scans. They need more permissions and more changes or settings on Windows and Linux.There is room for improvement in finishing the transition to the cloud. We'd like to see them keep on improving the Tenable.io product, so that we can migrate to it entirely, instead of having to keep the Tenable.sc on-prem product.One area with room for improvement is instead of there just being a PDF format for output, I'd like the option of an Excel spreadsheet, whereby I could better track remediation efforts and provide reporting off of that.I would like to see an improvement in the ranking of high, medium and low vulnerability.We have had some false positives in the past, which we hope can improve in the future.This is still a maturing product. Tenable is only a scanner for one ability, while other solutions like Rapid7 have more tools for verification. We still have to manually verify to see if the vulnerability is a false positive or not.

Read more »

Pricing and Cost Advice
It is expensive. Our license expired, and our company is not thinking to renew because of our budget.I use the open-source version of this product. Pricing is not relevant.

Read more »

I think the price is fairly affordable. It provides a license that is fair.The price of Tenable Nessus is much more competitive versus other solutions on the market.The pricing is much more manageable versus other products.

Read more »

report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
391,932 professionals have used our research since 2012.
Ranking
6th
Views
5,107
Comparisons
3,528
Reviews
2
Average Words per Review
314
Avg. Rating
7.0
1st
Views
10,341
Comparisons
8,217
Reviews
11
Average Words per Review
664
Avg. Rating
8.5
Top Comparisons
Compared 62% of the time.
Compared 11% of the time.
Compared 27% of the time.
Compared 20% of the time.
Compared 19% of the time.
Also Known As
Metasploit
Learn
Rapid7
Tenable Network Security
Overview

Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.

Nessus Professional is the industry’s most widely deployed assessment solution for identifying the vulnerabilities, configuration issues, and malware that attackers use to penetrate your, or your customer's network. With the broadest coverage, the latest intelligence, rapid updates, and an easy-to-use interface, Nessus offers an effective and comprehensive vulnerability scanning package for one low cost.

Offer
Learn more about Rapid7 Metasploit
Learn more about Tenable Nessus
Sample Customers
City of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon UniversityBitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
Top Industries
VISITORS READING REVIEWS
Software R&D Company28%
Comms Service Provider26%
Media Company8%
Non Profit7%
REVIEWERS
Healthcare Company25%
Comms Service Provider13%
Retailer13%
Logistics Company13%
VISITORS READING REVIEWS
Software R&D Company30%
Comms Service Provider17%
Media Company8%
Insurance Company4%
Find out what your peers are saying about Rapid7 Metasploit vs. Tenable Nessus and other solutions. Updated: January 2020.
391,932 professionals have used our research since 2012.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.