I’m curious what tools, SaaS, or other solutions are being used for vulnerability assessments?

DOD calls it ACAS, which is just an acronym for required assessment program of record they currently fullfil with Nessus scanner and related vender solutions.

Anyone have Nessus experience that can compare to another vendor? Good, bad, etc?