Openvas v/s Nessus - Which is more beneficial?
When we compare Openvas v/s Nessus, both appear to have fairly similar features. Why would you choose one over the other, besides the benefit of commercial support (which isn't available for Nessus Home Feed users anyways)?
Recently, a test was carried out between Openvas v/s Nessus. The result showed the benefits of using multiple scanners due to the difference in the signatures: Nessus, OpenVAS, and Nexpose VS Metasploitable (blog post by Peter at HackerTarget) Out of 15 known security holes in the system used for the test, 4 were spotted by all four tested tools (Nessus, OpenVAS, Nexpose, and some Nmap scripts); 7 were only spotted by some, and 4 were missed completely. Tenable responded with an article on The Right Way To Configure Nessus For Comparison.
Openvas v/s Nessus - The Differences Nessus is a vulnerability scanner by Tenable Networks while OpenVAS is an open-source vulnerability scanner, by Greenbone Networks GmbH, under the GNU General Public License. Both of these Vulnerability Assessment Systems (VAS) cover many different CVEs from the database of known vulnerabilities. Nessus is a proprietary tool and obviously is better in some ways than OpenVAS. Both VAS is used for managing vulnerabilities in small to large organizations and enterprises to ensure and keep their security up to date in real-time. Also, Nessus has a trial version which is free of cost for personal use in a non-commercial environment for a limited period of time and their paid packages start from around $2500/year.