Tenable Core + OT Security Enterprise Manager (OL8)

I am using it for Asset Discovery, vulnerability management and threat intel. 

Tenable OT Security  is for asset management, vulnerability management as continuous threat detection for OT ICS environments in manufacturing and critical Infrastructure. It serves the same use case as Claroty.

The key features include asset visibility, threat detection, and the vulnerability identification process.

The biggest advantage is that with good infrastructure, you can utilize asset planning when using Nessus along with Tenable OT Security . Nessus is a widely recognized tool for IT vulnerability management that comes bundled. Additionally, if you get Tenable.sc , you have many formats available to generate reports.

If your IT and OT environment is convergent, then Tenable OT Security might be the preferred choice. It is also quite cheaper than Claroty.

The time it takes to train itself is a concern. Initially, it will not identify many assets, as it needs time to read the information before finding the assets. Some detections can go wrong, and it may not understand certain industrial protocols.

While installation and deployment are easy, upgrading from one version to another can be challenging. When you assure clients they will receive minus two upgrades, sometimes upgrading through the cloud becomes difficult, requiring on-site upgrades. During upgrades, the previous configuration may be lost, creating support issues.

I have been using these tools for around three to four years.

There are not glitches but some delays in detection. It might not detect every asset properly.

It is quite scalable.

They generally do not have regional people available for support. Users need to procure a gold model to get support from their Singapore team. The FAQ portal designed for partners and clients may not provide correct answers even when queries are raised.

Neutral

I have only installed Tenable OT Security. I have not worked with Nessus and other Tenable solutions.

Considering the cost and that it is affordable, I would rate it at seven.

Installation and deployment are easy. However, upgrading from one version to another can be challenging when clients are promised minus two upgrades. Cloud upgrades may become difficult, requiring on-site visits, and previous configurations might be lost during upgrades.

The solution is easy to maintain.

At the time of installation, there were no AI-related features, and I do not think AI is required for this solution.

I rate Tenable OT Security a six out of ten.

I went to a client to deploy Tenable OT based on their mixed network infrastructure, which was not segmented correctly. By deploying Tenable OT, I helped with the segmentation process, ensuring that OT environments such as HVAC systems, camera systems, and industrial control systems are segregated and secured.

The clear distinction between IT and OT that Tenable OT provides is its most valuable feature. The user interface clearly differentiates between vulnerabilities and action items from IT environments, making it easier to explain these differences to customers. This clarity allows me to sell the value of the solution to clients and helps them understand it better.

As an IT security professional, I would like to see automation improvements in the response part of Tenable OT Security . However, I understand that implementing automation in OT environments can be quite challenging.

It is pretty standard, however, the scalability depends on the endpoint size. Once configurations are complete, the asset discovery is quite simple.

For local support, I would rate it as an eight, and for global support, I would rate it as a nine out of ten. 

Positive

I have had a small amount of experience with Darktrace . The main difference is Darktrace  has response capabilities incorporated from their inception through other products, which gives them an edge in response capabilities. Other than that, they are pretty similar.

The initial setup was very easy, and I would rate it a ten out of ten.

The deployment was carried out by the same three to five professionals I mentioned before.

The return on investment in terms of vulnerability management is feasible, particularly in instant response and business impact analysis. This information is essential before presenting value in services.

The pricing of Tenable OT Security  is standard and comparable to market prices. It is not as expensive as most products in the similar line.

I would recommend this platform due to its valuable features and benefits. 

Overall, I rate Tenable OT Security a nine out of ten.

We use the solution in manufacturing, critical infrastructure, and virtual centers.

The active query inventory is the most valuable feature.

The solution could detect changes in reading variables. The support of IoT devices can be improved.

I have been using Tenable OT Security as a vendor for five years.

I rate the solution's stability a ten out of ten.

The tool is monitoring thousands of assets. It's for all, but it's mainly for the enterprise. It scales very well. I haven't had any issues with that.

Technical support could improve its response time.

Positive

The initial setup is easy and takes an hour to complete.

It is affordable, but it depends on the number of assets. It costs around 50K.

Intrusion detection, configuration change detection, and inventory are the most compelling features for monitoring the OT environment.

The main benefit is that it discovers vulnerabilities in the environment and network elements, such as switches, firewalls, and Windows and Linux servers.

They have to look for a tool that covers the whole plant and can be integrated into the rest of the company's security systems.

It reduces the risk of the ping attack and uncovers the vulnerabilities and misconfigurations present in the cell network.

It's built in several parts. One is vulnerabilities, and the other is analyzing the attack path. 

Overall, I rate the solution a nine out of ten.

I like Tenable OT Security for two main reasons. Firstly, it helps identify vulnerabilities and risks for IT and OT assets, which is crucial for our operations. Secondly, it performs external port scanning, including vulnerability scans for open ports. Compared to the Claroty Platform, the tool offers detailed asset discovery capabilities. 

Tenable OT Security is fine, but I find it more language-based rather than structured. It feels like something is on a web page, and the dashboards and data representations are not cool. First of all, I said that the tool view should be improved. It looks pretty old. Second, the details Tenable OT Security provides regarding the metadata they work with should be more in-depth. Its main focus is vulnerability management, which is fine, but what about threat actors? What about attack vectors and OT vulnerabilities? There are major areas, baselines, etc. that need attention.

I have been working with the product for two years. 

I have no issues with the solution's stability. 

The support team is the same as others. There are delays. If I find a bug, they say they already know and are working on it. This applies to OT solution providers. The consistent response is that they are working on it and will get back to me. We don't know how long it will take. The customer asked us where we were and if we should switch providers.

Neutral

The tool's pricing is fair enough. 

I rate the overall solution an eight out of ten. I recommend it. If clients need a solution for both IT and OT, I recommend Tenable OT Security. I suggest proceeding with Tenable OT Security if the client is small and needs IT and OT. However, I'll recommend Claroty Platform if the plant size is large and they need a more rigorous and detailed solution, including deep packet inspection.

Our clients use the solution for identifying attacks in the OT environment.

Most solutions in the market offer similar features. The product’s price is its most valuable feature.

The solution should provide more features to prevent attacks. Currently, it only provides detection features. There is no prevention at all. Other solutions are providing such features.

I have been using the solution for two years.

I rate the tool’s stability an eight out of ten.

The tool doesn’t have much scalability. It’s the same system. It’s not an issue. Our clients are SMBs and enterprises.

I use Trend Micro and Kaspersky to prevent threats.

The initial setup was not straightforward. I rate the ease of setup a six out of ten. The tool is deployed on-premises and connected to the OT network. The deployment takes a few days. Reducing the false positives may take two weeks.

The list price is expensive, but we get good discounts.

I am a consultant. People wanting to use the product must check it before they buy. Overall, I rate the solution an eight out of ten.