I’ve spent a little time going over some of the data available for Tenable’s Nessus and OpenVAS. It can’t provide all the answers, but hopefully by the end of this post you’ll have a better understanding of similarities and differences between the two vulnerability scanners.
Over the last 10 years the rate at which vulnerabilities are being discovered has been increasing rapidly. In 2010 there were 4,992 CVEs released and over the course of 2020 there were 17,253, over three times the number. As a result, organisations of all sizes now include vulnerability scanners in their suite of tools to help identify and manage vulnerabilities within their infrastructure. With an increasing number of vulnerability scanners available within the market though, a common question for many organisations is – which one?
Two that are most frequently compared are Tenable’s Nessus and Greenbone’s OpenVAS. Perhaps because they’re the most pervasive, or maybe because they have a shared history.