Nessus
Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $2,190 per year, which still beats many of its competitors. A free “Nessus Home” version is also available, though it is limited and only licensed for home network use.
Nessus is constantly updated, with more than 70,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. For downloads and more information, visit the Nessus homepage.
- Popularity
- #3, 2
- Latest release
- 6.3.3
- March 16, 2015 (9 years, 8 months ago)
- Links
- Rating
- ★★★ (14)
★★★★★29% ★★★★14% ★★★0% ★★29% ★29%
Nessus changed the free version from Home to Essentials, and it's available for home and business. It will scan up to 16 devices for free: https://www.tenable.com/products/nessus/nessus-essentials
Found the link for the home version of Nessus: https://www.tenable.com/products/nessus-home
Nessus is no longer available via the Home feed, nor are there any other free offerings.
If we opt for the cloud version of Nessus does it support ADFS so that IT staff can login transparently. I see that it supports SAML This is for our on site testing so SSO will be a boon
Nessus Professional 7 will not have the restful API we're used to.
Tenable explanation do not pass any intellectual tests, beside forcing customers to they cloud platform.
Unlike me, I'm all their customers will be very happy to share their scan results with some corporate entity they have no control over.
I don't know what's the hot fuzz about nessus. I use nessus in a vm-image (kali) to scan my own network (win 8).. for this reason it's okay I guess.It's a free version so with the feeds.. For the commercial I wouldn't pay
For those looking for a commercial-grade vulnerability scanner, it's worth looking at Rapid7 Nexpose. Easy to use, flexible dashboards, and feeds intelligence from Metasploit.
To expensive and there are free and low cost alternatives. Start with kali toolkit, and nmap+plugins can be leveraged.
For small businesses that are tech savvy, I was looking forward to using this scanner. However the price hike this year makes it unattainable. 1200 a year was something that our business could cut here or there to have the self assurance. However the current price is ridiculous. I loved using the scanner for home testing, guess I'll be switching back to openvas
Nessus was one of the best FREE vuln scanners on the World...know they want a big amount of money , the support does nothing else then send you default messages and they takes 1-5 months to fix a bug or problem...to school security and make it stronger , this kind of tools no longer must be pay...FREE THE INTERNET , FUCK MONEY !
Been using Nessus since it was released, even paid for it for many years. NO MORE they cranked the price up 700 dollars in one year and their support sucks! Spend the money on anything else and their reporting still SUCKS!
This is one of the best NGVM solutions out there after OpenVAS. Qualys is a ripoff. I have been using Vulnerbaility scanners since both Nessus and SAINT were free. Tenable has done a good job improving the core functionalities of the product. I still use nmap for basic reconnaissance and host dicovery and use Nessus home edition and OpenVAs for VM.
Great software. I especially love how everything is automated.
We've been using the commercial version, which has been a bit slow. But lately the plugins have become unreliable. detecting a problem one scan that is ignored on the next with no changes done to the server tested. Currently looking for something better.
Not sure what some of the other reviews are talking about. I just installed the Home Feed, and was able to scan IPs off my local network (over the Internet), and had no licensing issues. Great product. Kicked out some nice reports that I can use.
Works alright for scheduled scans; but alternations are clunky and upgrades are painful. We use the enterprise edition. The world needs an easy to use stand-alone desktop edition again for one-off scans.
Apparently Tenable has recently stopped providing trial versions (even though their license agreement still states that they do) and minimal pre-purchase sales support because it was apparently taking up too much of their time. Still, when I queried about IOS XR support, I got a lot of run around and misdirection. IOS XR is not supported in case that matters to you. Even more disconcerting, for their plugins that indicate were for IOS XR, I checked the code of two of them and they do not obtain IOS XR version info or contains the affected versions in the matching statement. Finally, support from the sales organization was less than helpful and let us with a very bad impression. The only good thing I can say about Nessus is it's current lack of pricing per IP, which separates it from other functionality equivalent products, which greatly affects us because of our particular market.
Used Nessus for many years, usually the home feed. Lately, they changed the rules on the homefeed that makes it impossible to scan systems not on a LAN. Only private networks are allowed now. This made the program useless to me. Too bad, it was wonderful. Am moving to something else now.
Nessus is still the best, but since it became commercial We moved to OpenVAS
This is and awesome product. We use it all the time a great up to date vulnerability database.