I currently use Nessus Pro for vulnerability scanning and management and I'm looking to add additional reporting and tracking of the history of my hosts to the setup. I've noticed that Nessus Pro greatly lacks any form of reporting and dashboard creation. The two solutions to this appear to be Security Center (on-prem) or Tenable.IO Vulnerability Management (cloud). I'm looking to get some opinions from those who use or have looked into using these two products on what seem to be the pros and cons of each.
I am using Nessus Pro as well and fully agree with you; it is lacking reporting and snap-ins.
We are looking at moving towards Nessus Manager, which has much better reporting and snap-ins.
If you need inspiration, I suggest you look at the Tenable education site. There are tons of videos, very well made.
There are videos for Nessus Pro, Manager, Security Center and IO (I think).
Security Center is the more mature and functional product at this point. IO does look to be the future of their products though, as they are pressing hard to convert people to it (and to subscription-based licensing...). We started with SC and recently looked at going IO, but from a licensing and functionality standpoint it wasn't a good fit for us. I'm sure over more time they will shore up some of the functionality gaps between IO and SC, but that may be moot if IO would work for you as is today.
Yeah, I think we are leaning towards Tenable.IO over Security Center. SC does appear to be more feature-filled than IO. We are looking into pricing for both right now to see where they stack up. That and a good POC will validate that IO can meet the reporting requirements we are looking for.
Thanks for your input.
I know this thread is a little dated, but I'll give you the rundown of both.
Currently, SC is the more mature product. With SecurityCenter, you have over 350 dashboards and reports, dynamic asset lists, automated events, RBAC, etc. Its downfall is that it's an IP-based model, so if you have DHCP or transient assets then SC will think the asset is a different machine every time it changes IP addresses.
Tenable.IO will one day have most of the functional parity with SC, but it's not there yet. The big advantage is that it uses an asset-based model instead of IP. Every unique asset gets assigned a GUID, so it's tracked as the same asset no matter what changes. Tenable.IO also lets you expand into the Container and WAS markets with its additional modules. If you are coming from Nessus Pro and don't mind your data being in the cloud, Tenable.IO would be my recommendation. I wouldn't send a SC user to T.IO until it's done some more maturing though.
Much appreciated feedback from everyone in this thread. Just to close the loop, we did end up going with Security Center over IO, specifically because the product is more mature and fits the needs (and cost) we were looking for. After speaking with the rep, it should be semi-easy to migrate into IO once it gains more features, but SC solved our use cases quite well.
Agreed, Pro feels stripped down since the last maybe two major releases, only to expose the flaws in both Pro and .IO in general.
Keep in mind, if not watch a video or two, creating a scanning and reporting routine is first divided into two phases: object creation and reporting. No longer a one-step configuration as happened in the past. The latest reporting is truly worth the effort and cost if you're so inclined, but setup may take longer than initially expected.
I did break one process with Golden Gate in the
Network Vulnerability Analyzer (NVA) allows users of the Nessus scanner to combine multiple .nessus files into Composite Scans.
Scans can be composed of .nessus files that are produced from multiple scanner runs.
Fulfilling the needs of an organization to run scans on numerous devices can be very time consuming.
Composite Scans allow an organization to scan subsets of all their devices and start the analysis immediately, while the rest of the devices continue to be scanned.
Each .nessus file produced by scanning a subset of devices can be later added to the Composite Scan.
NVA allows individual Composite Scans to be analyzed and compared.
Scan comparison allows an organization to determine and prove whether security measures are implemented promptly and efficiently, resulting in a reduced number of vulnerabilities.
Reports can be analyzed in tabular and graphic format and can also be exported to various file formats (.xls, .csv, .xml) for further analysis.
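The two ideas above, merging per-subnet .nessus files into one composite view and diffing two composites to show which findings were actually remediated, can be reproduced with a short script; it also addresses the IP-versus-asset tracking problem raised earlier in the thread by keying hosts on the MAC address or FQDN from `HostProperties` rather than on the IP. This is an added example, not NVA's or Tenable's code, and the three .nessus fragments are constructed sample data; a host missing from the rescan is reported as "not rescanned" rather than counted as fixed.

```python
import xml.etree.ElementTree as ET
# Constructed .nessus fragments (not real scanner output). The same laptop shows up
# under a different IP in the rescan; one finding is remediated and one is new.
SCAN_A = """<NessusClientData_v2><Report name="subnet-a"><ReportHost name="10.0.0.5">
<HostProperties><tag name="host-ip">10.0.0.5</tag>
<tag name="mac-address">00:11:22:33:44:55</tag></HostProperties>
<ReportItem pluginID="10001" pluginName="Old TLS" severity="3" port="443" protocol="tcp"/>
<ReportItem pluginID="10002" pluginName="Weak cipher" severity="2" port="443" protocol="tcp"/>
</ReportHost></Report></NessusClientData_v2>"""
SCAN_A2 = """<NessusClientData_v2><Report name="subnet-b"><ReportHost name="10.0.1.9">
<HostProperties><tag name="host-ip">10.0.1.9</tag>
<tag name="host-fqdn">db1.example.test</tag></HostProperties>
<ReportItem pluginID="10003" pluginName="Open DB" severity="4" port="5432" protocol="tcp"/>
</ReportHost></Report></NessusClientData_v2>"""
SCAN_B = """<NessusClientData_v2><Report name="rescan"><ReportHost name="10.0.0.77">
<HostProperties><tag name="host-ip">10.0.0.77</tag>
<tag name="mac-address">00:11:22:33:44:55</tag></HostProperties>
<ReportItem pluginID="10002" pluginName="Weak cipher" severity="2" port="443" protocol="tcp"/>
<ReportItem pluginID="10004" pluginName="Missing patch" severity="3" port="0" protocol="tcp"/>
</ReportHost></Report></NessusClientData_v2>"""

def asset_key(host):
    """Stable asset identity: MAC, then FQDN, then IP (last resort, unsafe under DHCP)."""
    tags = {t.get("name"): t.text for t in host.iter("tag")}
    return tags.get("mac-address") or tags.get("host-fqdn") or tags.get("host-ip")

def load_findings(nessus_xml):
    """Map asset key -> set of (pluginID, port, protocol) from one .nessus document."""
    findings = {}
    for host in ET.fromstring(nessus_xml).iter("ReportHost"):
        items = {(i.get("pluginID"), i.get("port"), i.get("protocol"))
                 for i in host.iter("ReportItem")}
        findings.setdefault(asset_key(host), set()).update(items)
    return findings

def composite(*scans):
    """Union of several parsed scans: the subset-by-subset 'composite scan'."""
    merged = {}
    for scan in scans:
        for key, items in scan.items():
            merged.setdefault(key, set()).update(items)
    return merged

def compare(old, new):
    """Per-asset diff of two composites, plus the assets the rescan did not cover."""
    report = {}
    for key, items in new.items():
        before = old.get(key, set())
        report[key] = {"fixed": before - items, "new": items - before,
                       "persisting": before & items}
    return report, set(old) - set(new)
```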
To get a quick idea of whether the NVA would benefit your company's needs, create a Demo Account.
This gives you 15 days to play around with the tool and get familiar with its capabilities.
Demo Accounts provide example Composite Scans, Scan Comparisons, and an Admin and non-Admin user.
Demo Accounts are Read-Only.
The content of the .nessus files is encrypted on load and resides encrypted in our DB, which runs in the Amazon Cloud.
Licensing is based on the number of users that can access NVA at the same time.
There is no limit on the number of devices being scanned.
Monthly and Yearly Subscriptions are available.
Subscription can be canceled at any time and a prorated refund will be issued for the unused portion.