• Home
  • JFrog Xray vs. Tenable Nessus

JFrog Xray vs Tenable Nessus comparison

Cancel
You must select at least 2 products to compare!
JFrog Logo
JFrog Xray
Read 7 JFrog Xray reviews
278 views|202 comparisons
100% willing to recommend
Tenable Logo
Tenable Nessus
Read 75 Tenable Nessus reviews
11,521 views|8,491 comparisons
98% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
JFrog Xray vs. Tenable Nessus
May 2024
Executive Summary

We performed a comparison between JFrog Xray and Tenable Nessus based on real PeerSpot user reviews.

Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed JFrog Xray vs. Tenable Nessus Report (Updated: May 2024).
Download the complete report
771,212 professionals have used our research since 2012.
Featured Review
Sai Pradeep Koneti
Goes deep into the docker files and find out vulnerabilities
Previously, we used Checkmarx, but we didn't have a tool to scan artifacts before or after getting published in Artifactory. JFrog Xray fitted... Read more →
AmardeepSingh
Quick new vulnerabilities support, reliable, but security assessment could improve
Tenable Nessus has helped us with better visibility of the current security posture of our infrastructure and helped us be proactive about... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution is stable and reliable.""JFrog Xray shows us a list of vulnerabilities that can impact our code.""I would say that this solution has helped our organization by allowing us to automate a lot of the processes.""JFrog Xray's reporting feature has a lot of options in it, including scanning.""If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first.""The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy.""Good reporting functionalities."

More JFrog Xray Pros →

"The vulnerability scanner is the most valuable feature.""The most valuable aspect of this solution is that you receive the entire report, which details the breakdown, especially in terms of critical, high, low, and mediums.""Nessus is good at finding out what nodes you have in place. It will then provide you a report, by node, of what the vulnerabilities are. It does it quickly and stealthfully.""The most valuable feature is the breadth of vulnerabilities that it finds. It's able to find across a lot of different platforms and operating systems. It's also able to combine local testing with network-based testing.""The results are not that bad, but the key selling point is that it is an affordable tool set.""Once you get past the initial implementation, the solution is very stable.""The most valuable features of Tenable Nessus are the scanning option. Advanced scanning is highly useful. The offline config audits and application assessments are useful.""Nessus' most valuable feature is vulnerability management because it helps to discover vulnerabilities proactively and integrates with patch management solutions so you can push patches."

More Tenable Nessus Pros →

Cons
"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images.""JFrog Xray does not have a dashboard.""Since we have been using the solution via APIs, there are some limitations in the APIs.""The speed of JFrog Xray should improve. Other solutions have better performance.""Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool.""Lacks deeper reporting, the ability to compare things.""JFrog Xray's documentation and error logging could be improved."

More JFrog Xray Cons →

"The solution could improve by having better integration with different vendors' IPS solutions. The ACLs and IPS policies signatures should be enabled based on the results of Tenable Nessus automatically, we currently have to do it manually which is very time-consuming. It has done a good job integrating with Fortinet but we would like it to be better integrated with other solutions that we have.""We'd like to see more integration potential within the solution.""This is still a maturing product. Tenable is only a scanner for one ability, while other solutions like Rapid7 have more tools for verification. We still have to manually verify to see if the vulnerability is a false positive or not.""Pricing is one of the most important features, and it is something that they can improve on.""Vulnerability recommendations are outdated and not in line with industry standards.""Tenable Nessus could improve the reporting.""There is room for improvement in finishing the transition to the cloud. We'd like to see them keep on improving the Tenable.io product, so that we can migrate to it entirely, instead of having to keep the Tenable.sc on-prem product.""The interface is a little bit clunky, and the reporting is not marvelous. There should be better integration of reporting between instances. Currently, the instance stands alone, and it produces a report. Being able to amalgamate those reports with another instance will be useful."

More Tenable Nessus Cons →

Pricing and Cost Advice
Information Not Available
  • "The pricing is much more manageable versus other products."
  • "The price of Tenable Nessus is much more competitive versus other solutions on the market."
  • "I think the price is fairly affordable. It provides a license that is fair."
  • "Nowadays, your vulnerability applications are going to be kind of pricey because lots of them, including Rapid7, are based upon a base price, but then they add in the nodes. That's where they get you. If you're a big network, obviously, you need to scan everything. Therefore, it's going to be costly. The risk and insurance money associated with having ransomware on my networks is going to cost me more money, time, and marketing than the price of the tool. That's why I'm speaking only as an information security officer to security operations. This is the tool that is there in my toolbox to say whether we vulnerable or not. At this point, I don't care about how much it costs my company to have it because if I wasn't able to report it and we got ransomware, then who cares? I'm probably going to be out of business because it happened. That's why I don't care about the price. I have it, and I could use it effectively and do my report. At the end of the day, even if we get ransomware, as long as I reported it, followed my protocol, and put in the change, irrespective of whether it was ignored or denied, I did my job."
  • "We pay approximately $2,500 on a yearly basis."
  • "We have a subscription, the licensing fees are paid yearly, and I am using the latest version."
  • "We incurred a single cost for a perpetual license, although I cannot comment on the price as this is above my management level."
  • "The price is reasonable."

    • More Tenable Nessus Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    See Recommendations
    771,212 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about JFrog Xray?
    Top Answer:JFrog Xray shows us a list of vulnerabilities that can impact our code.
    Read all 5 answers   →
    What needs improvement with JFrog Xray?
    Top Answer:There is a tool called DefectDojo for reporting. Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore… more »
    Read all 5 answers   →
    What is your primary use case for JFrog Xray?
    Top Answer:We use this solution to identify vulnerabilities in the dependency file. We have the Artifactory package which integrates with Xray-like plugins. We can automatically plug this tool into Xray to… more »
    Read all 5 answers   →
    How would you choose between Rapid7 InsightVM and Tenable Nessus?
    Top Answer:You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid7… more »
    Read all 2 answers   →
    What's the difference between Tenable Nessus and Tenable.io Vulnerability...
    Top Answer: Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of the program is such that if a company should desire to handle the installation… more »
    Read all 2 answers   →
    What do you like most about Tenable Nessus?
    Top Answer:We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network… more »
    Read all 53 answers   →
    Ranking
    17th
    out of 111 in Vulnerability Management
    Views
    278
    Comparisons
    202
    Reviews
    6
    Average Words per Review
    495
    Rating
    8.2
    3rd
    out of 111 in Vulnerability Management
    Views
    11,521
    Comparisons
    8,491
    Reviews
    29
    Average Words per Review
    429
    Rating
    8.4
    Comparisons
    Black Duck logo
    Black Duck vs. JFrog Xray
    Compared 29% of the time.
    Snyk logo
    Snyk vs. JFrog Xray
    Compared 10% of the time.
    Mend.io logo
    Mend.io vs. JFrog Xray
    Compared 8% of the time.
    Veracode logo
    Veracode vs. JFrog Xray
    Compared 8% of the time.
    Trivy logo
    Trivy vs. JFrog Xray
    Compared 6% of the time.
    More JFrog Xray Competitors   →
    Qualys VMDR logo
    Qualys VMDR vs. Tenable Nessus
    Compared 29% of the time.
    Rapid7 InsightVM logo
    Rapid7 InsightVM vs. Tenable Nessus
    Compared 14% of the time.
    Pentera logo
    Pentera vs. Tenable Nessus
    Compared 7% of the time.
    More Tenable Nessus Competitors   →
    Also Known As
    JFrog Security Essentials
    Learn More
    JFrog
    Tenable
    Overview

    JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].

    If you are a team player and you care and you play to WIN, we have just the job you're looking for.

    As we say at JFrog: "Once You Leap Forward You Won't Go Back!"​

    Tenable Nessus is a vulnerability management solution that aims to empower organizations to be aware of threats that both they and their customers face. It is the most deployed scanner in the vulnerability management industry. Organizations that use this product have access to the largest continuously updated global library of vulnerability and configuration checks. They can stay ahead of threats that Tenable Nessus’s competitors may be unable to spot. Additionally, Tenable Nessus supports a greater number of technologies than its competitors.

    Tenable Nessus Benefits

    Some of the ways that organizations can benefit by deploying Tenable Nessus include:

    • Ease of use. Tenable Nessus is designed with security administrators in mind. It is built so that users can manipulate it intuitively without having to undergo special systems training. Users can create security policies with the greatest level of ease and can initiate scans of their entire networks with only a few clicks.
    • Support and resources. Tenable Nessus has both a support system of clarification resources and technical support for users to rely on. The solution has a resource center that contains guides and tips that can clarify things that confuse users and can aid them in gaining the maximum level of value. Additionally, users can reach out to Tenable Nessus’s technical support team, which is available around the clock and is reachable via a number of methods. This makes it simple for users to get help if they need it.
    • Reduction of threat vectors. Tenable Nessus provides users with the ability to reduce the number of potential threat vectors that a hacker can exploit. It enables users to find where the vulnerabilities in their networks are so their security won’t be compromised. They can then quickly address those weak points and head off issues before any have the chance to arise.

    Tenable Nessus Features

    • Report customization. Tenable Nessus enables users to customize the security reports that their system produces. They are able to set Tenable Nessus to generate reports that contain the information that is most relevant to their business objectives. Users can also utilize these report customization capabilities to customize the formats of their reports.
    • Vulnerability triage capability. Included in the Tenable Nessus security suite is a feature that enables users to conduct a triage of their vulnerabilities. The solution can apply one of five ratings to vulnerabilities that it detects. This makes it possible for organizations to work on addressing issues by order of severity.
    • Scaling. Tenable Nessus can scale to meet an organization’s needs by migrating the network that it is connected to, to other Tenable solutions. Users can scale up their systems as their security demands increase. It is capable of reaching hundreds of thousands of systems.

    Reviews from Real Users

    Tenable Nessus is a solution that stands out when compared to many of its competitors. Two major advantages it offers are its ease of use and its vulnerability scanning feature.

    Rallis F., the principal security architect at a technology vendor, writes, “The ease of use is the primary valuable feature. This specific version is very straightforward. I like the ability to modify it and configure it based on the different policies.”

    Sandip D., a cyber security expert at Birlasoft India Ltd, writes, “The vulnerability scanner is the most valuable feature. It's an important feature for us. We use the plugin output for that. It shows us the exact version of Nessus and what is needed for remediation. Based on that, we decide what should be remediated first to get the best result for security.”

    Sample Customers
    google, amazon, cisco, netflix, oracle, vmware, facebook
    Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
    Top Industries
    VISITORS READING REVIEWS
    Financial Services Firm24%
    Manufacturing Company15%
    Computer Software Company12%
    Insurance Company5%
    REVIEWERS
    Financial Services Firm14%
    Computer Software Company14%
    Security Firm9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Educational Organization35%
    Computer Software Company11%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Midsize Enterprise29%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise10%
    Large Enterprise76%
    REVIEWERS
    Small Business40%
    Midsize Enterprise22%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise43%
    Large Enterprise41%
    Buyer's Guide
    JFrog Xray vs. Tenable Nessus
    May 2024
    Free Report: JFrog Xray vs. Tenable Nessus
    Find out what your peers are saying about JFrog Xray vs. Tenable Nessus and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    771,212 professionals have used our research since 2012.

    JFrog Xray is ranked 17th in Vulnerability Management with 7 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. JFrog Xray is rated 8.2, while Tenable Nessus is rated 8.4. The top reviewer of JFrog Xray writes "An intelligent solution that prioritizes which vulnerability to target first in your project". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". JFrog Xray is most compared with Black Duck, Snyk, Mend.io, Veracode and Trivy, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Security Center, Tenable Vulnerability Management and Pentera. See our JFrog Xray vs. Tenable Nessus report.

    See our list of best Vulnerability Management vendors.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.