We performed a comparison between JFrog Xray and Tenable Nessus based on real PeerSpot user reviews.
Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."JFrog Xray's reporting feature has a lot of options in it, including scanning."
"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."
"JFrog Xray shows us a list of vulnerabilities that can impact our code."
"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."
"Good reporting functionalities."
"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."
"The solution is stable and reliable."
"I like its ease of use. It has the script that is pre-built in it, and you just got to know which ones you're looking for."
"Tenable Nessus is cheap and flexible."
"It gives a holistic view of your entire environment."
"The vulnerability scanner is the most valuable feature."
"The most valuable feature of Tenable Nessus is the self-updating engine."
"The ease of use is the primary valuable feature. This specific version is very straightforward. I like the ability to modify it and configure it based on the different policies."
"We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure."
"It is a mature tool."
"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."
"Since we have been using the solution via APIs, there are some limitations in the APIs."
"Lacks deeper reporting, the ability to compare things."
"The speed of JFrog Xray should improve. Other solutions have better performance."
"JFrog Xray's documentation and error logging could be improved."
"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."
"JFrog Xray does not have a dashboard."
"This is still a maturing product. Tenable is only a scanner for one ability, while other solutions like Rapid7 have more tools for verification. We still have to manually verify to see if the vulnerability is a false positive or not."
"The reports should be improved in Tenable Nessus. For example, when you are auditing compliance with CIS standards. It provides very poor reports."
"It would be nice for the professional module to include some of the reports available in the expert module."
"Pricing is one of the most important features, and it is something that they can improve on."
"There could be an integration between Tenable Nessus and other Tenable products. It will help us manage all the solutions using one dashboard."
"From my point of view the solution basically is not for the big enterprise."
"We feel the solution's technical support to be very bad."
"The solution could improve security updates."
JFrog Xray is ranked 17th in Vulnerability Management with 7 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. JFrog Xray is rated 8.2, while Tenable Nessus is rated 8.4. The top reviewer of JFrog Xray writes "An intelligent solution that prioritizes which vulnerability to target first in your project". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". JFrog Xray is most compared with Black Duck, Snyk, Mend.io, Veracode and Trivy, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Vulnerability Management, Tenable Security Center and Pentera. See our JFrog Xray vs. Tenable Nessus report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.