We use the Tenable Vulnerability Management solution for internal web applications, asset management, and remediation. It helps us transfer and leverage the remediation of websites, effectively addressing vulnerabilities.
Tenable Vulnerability Management
Tenable, Inc.External reviews
125 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Provides seamlessness, a perfect UI, and identity management for office operations
What is our primary use case?
How has it helped my organization?
We need to deploy this on internal assets. It resides within the internal infrastructure and communication.
It encompasses everything at some point. From development to deployment, it receives the necessary attention.
What is most valuable?
The solution provides seamlessness, a perfect UI, and identity management for office operations. We are most vulnerable to users. Therefore, it is crucial to implement the right solution to ensure proper user access and resource management.
For how long have I used the solution?
I have been using Tenable Vulnerability Management for 4 years.
What do I think about the scalability of the solution?
200 users are using this solution.
Which solution did I use previously and why did I switch?
We have used Qualys. It is tricky and expensive.
How was the initial setup?
The initial setup is seamless and takes three days to complete. Two people are required for the deployment but one person can do as well.
What other advice do I have?
This process is seamless because checks are scheduled at different intervals, typically every ten minutes. Once a log is generated, we attend to it immediately. Also, the maintenance is straightforward.
Overall, I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Discovers vulnerabilities and integrates well with other solutions
How has it helped my organization?
Before, we built the assets on Tenable.sc and scanned them for asset discovery. Now, we are deploying Nessus Agent into all the machines. We have written the script, which is automatically deployed on the VM or the cloud. Previously, we could not identify the workstations that were offline for a certain period. With Nessus Agent, we don't have that problem. It increases our efficiency.
What is most valuable?
Nessus Agent is the best feature. When we scan the environment, the vulnerabilities are discovered. The integration of Tenable into our security ecosystem was very good. There were no complications. We integrated it with different tools like ServiceNow and SharePoint.
What needs improvement?
I'm not satisfied with the reporting structure. We cannot do much customization. We can do it in Tenable.sc. We need to maintain two different solutions. We need the on-premise tool for reporting purposes. We would like to have it all as a SaaS-based solution.
If we need to check for a zero-day vulnerability, we must run the scans manually to get the information. It is time-consuming. We need to do a traditional scan regularly to get zero-day information. It would be great if the zero-day vulnerabilities were published.
The reporting capabilities for compliance are bad. I can get the compliance reporting on certain cases, but it is not detailed. We do not have a clear understanding of the Cyber Exposure Score. I am unable to drill down and understand the Cyber Exposure Score.
What do I think about the stability of the solution?
I rate the tool’s stability an eight out of ten.
What do I think about the scalability of the solution?
I rate the tool’s scalability a seven out of ten.
How are customer service and support?
The customer service is good. The support team is very responsive.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, we used Qualys for vulnerability scanning. However, we switched to Tenable because we felt that Tenable was the best solution for our organization’s requirements. We also use Tenable.sc, Tenable.io, and Tenable’s Cloud Security Posture Management.
How was the initial setup?
The setup is not straightforward. We need to apply the filters. We can get the Cyber Exposure Score displayed on the document. However, we cannot get a deeper understanding of what makes the score high or low.
What's my experience with pricing, setup cost, and licensing?
The product costs us around $137,000 annually for 4000 to 5000 assets.
What other advice do I have?
We use a third-party tool to initiate scans. I don't know whether there is a way to monitor it in real-time. I will recommend the tool to others. Overall, I rate the product an eight out of ten.
Tenable Tool Review
What do you like best about the product?
It is very easy to use and the user interface is really good. the best part is there is a feature called exclusion and inclusion in the tool where we can exclude or inculde selected targets.
What do you dislike about the product?
It is generating a lot of false positives for example blind sql injection
What problems is the product solving and how is that benefiting you?
It helped me to find vulnerbilities quicker and efficient when compared to other tools
An easy-to-manage solution to gain visibility into all IPs
What is our primary use case?
The product operates on a license-based model, where you purchase a license based on the number of IP addresses you intend to scan. For example, if you purchase a license for 50 IP addresses and your network has 200 users, it will only scan for those 50 IPs. You can gain visibility into all IPs within your environment, including subnets with a full license. Also, you can geographically segment your scanning targets based on the number of IPs allocated for each location.
How has it helped my organization?
The product is very friendly. It is easy to manage. Most of the information the tool provided was correct and helped to further investigate the vulnerability and its impact.
What is most valuable?
The most important feature is network scanning.
What needs improvement?
The solution’s pricing could be improved.
For how long have I used the solution?
I have been using Tenable Vulnerability Management for one year.
What do I think about the stability of the solution?
I rate the solution’s stability an eight out of ten.
What do I think about the scalability of the solution?
The solution is very scalable. It allows you to adjust according to your needs. You can add more features if you wish to purchase additional tools.
How was the initial setup?
The initial setup is very easy. To deploy, run the setup command, and then it can deploy on your Linux and Windows platforms. I did it by myself.
What's my experience with pricing, setup cost, and licensing?
The product is expensive but manageable.
What other advice do I have?
I recommend the solution. Although, it varies from person to person experience. Rapid7 users can use free tools. I'm very satisfied with the product.
Overall, I rate the solution an eight out of ten.
Offers risk prioritization , notification system but support should be bundled with the product cost
What is our primary use case?
We help clients with their overall cybersecurity assessment. Many start with free tools like Nessus, but eventually require more comprehensive solutions. We use Nessus and Tenable.io (formerly Nessus Professional) to scan environments and then convince clients of the value of a full Tenable.
How has it helped my organization?
Integrating Tenable into the workflow has improved our client's response times to critical vulnerabilities.
The notification system, including email and SMS alerts, is helpful. However, the actual response time depends on how closely clients monitor their Tenable systems. If they actively review alerts and notifications, it definitely helps their IT teams act quickly.
What is most valuable?
The risk prioritization is a good feature.
Tenable lets you categorize vulnerabilities based on severity (zero-day, critical, high, medium, low) so clients can focus on patching the most urgent issues first.
I would rate Tenable's dashboards and reporting capabilities for illustrating security posture a nine out of ten, with ten being the best.
Tenable already covers firewalls, web applications, and patch management very well.
What needs improvement?
It's a fantastic product, but there are some things to consider. One is the price. Compared to on-prem solutions, the SaaS model can be expensive.
Price is definitely a concern and needs improvement, especially for the Indian market. While it's a fantastic product, it should be more accessible to small and medium-sized businesses (SMBs).
Currently, only larger enterprises seem to be able to afford and evaluate it thoroughly.
So, pricing can be improved and be more affordable for the Indian market, specifically for SMBs.
Another area of improvement is customer service and support. Tenable needs to include support in the pricing/license. Currently, they push clients to get support from partners or channel distributors, who often charge a lot.
Even for a simple one-time setup, they may charge three to four lakhs, and then additional annual charges for ongoing support. We have the technical skills to handle basic tasks, but relying on Tenable itself often results in just receiving emails or being redirected back to channel partners.
So, support should be bundled with the product cost.
For how long have I used the solution?
We've been using Tenable for a while now.
What do I think about the stability of the solution?
I would rate the stability a seven out of ten.
What do I think about the scalability of the solution?
I would rate the scalability an eight out of ten. We work across all verticals, including enterprises and medium-sized businesses.
How are customer service and support?
Customer support is a challenge. Tenable charges extra for it, which means clients have to buy the license separately and then pay for additional support services like SQ. This creates significant friction.
How would you rate customer service and support?
Negative
How was the initial setup?
I would rate my experience with the initial setup a nine out of ten, with ten being very easy to set up.
We offer both deployment models, cloud as well as on-premises, but the cloud model hasn't been very successful. Because Cloud deployment is a SaaS model, which will likely be expensive.
There are cost concerns with SaaS.
Deployment is quick.
The entire deployment took around one hour.
What was our ROI?
While I can't quantify specific cost savings, Tenable offers a valuable solution.
What's my experience with pricing, setup cost, and licensing?
I would rate the pricing a five out of ten. It is in the middle.
What other advice do I have?
We have many other products available. Tenable can be compared to SOGo vulnerability management, for example.
Tenable is an advanced solution. If you're looking for a high level of threat protection, it provides clear visibility and gives you insights into what needs to be done next. However, general vulnerability management, especially for small and medium-sized businesses (SMBs), SOGo might be a more suitable option.SOGo offers flexible subscription models like monthly or yearly, and it caters to smaller user bases like 50 or 200 users. Tenable, on the other hand, recommends a minimum of 150 licenses, which might be overkill for smaller organizations.
Overall, I would rate the solution a seven out of ten.
Tenable for Vulnerability Management
What do you like best about the product?
Pre-configured dashboards are good enough and also it offers various plugins if you wish to configure with visualyzing tools like Kibana and graphana
What do you dislike about the product?
As said its pre-configured dashboards are good but could be better. In some point of time it didn't fulfill the requirement which was simple
Dashboard are not realtime it take its own sweet time to fetch data
POV of zero trust policy - Data is stored in public cloud
Dashboard are not realtime it take its own sweet time to fetch data
POV of zero trust policy - Data is stored in public cloud
What problems is the product solving and how is that benefiting you?
Basic purpose was scanning for vulnerabilities. It helped me to schedule scans on periodic basis.
Transforming Traditional Vulnerability Management
What do you like best about the product?
Ease of solution deployment
Accuracy of scanning results
Flexibility of plugins and customization
Rich Feature Set
Affordable
Great Account Team support and partnership for day to day administration and product enhancement requests
Accuracy of scanning results
Flexibility of plugins and customization
Rich Feature Set
Affordable
Great Account Team support and partnership for day to day administration and product enhancement requests
What do you dislike about the product?
Some additional data around scan failures would assist troubleshooting more
ASM product requires more development time to fully mature
ASM product requires more development time to fully mature
What problems is the product solving and how is that benefiting you?
Tenable is helping us manage Cybersecurity and IT risk in a massive and complex environment allowing a strategic convergence of data for risk based decision making
Great tool and easy to use
What do you like best about the product?
Flexibility of the tool, for both internal and external scans. Provides good reporting capabilities.
Easy to establish role based access.
Very receptive to customer requests.
Customer support team is great.
Easy to establish role based access.
Very receptive to customer requests.
Customer support team is great.
What do you dislike about the product?
Things that I have disliked with the tool have been addressed and corrected.
What problems is the product solving and how is that benefiting you?
Identifies risk to the environment, and provides means to remeidate these risks and vulnerabilities.
Be vulnerable free with tenable
What do you like best about the product?
We can schedule the scanning. We can install agent in case of air gapped network. The vulnerability database is update regularly.
What do you dislike about the product?
It doesn't have Realtime scanning. The result/report will be destroyed after some months. There is no audit log. which may be useful for audit purposes.
What problems is the product solving and how is that benefiting you?
Tenable is a good product. We were using Nessus, since we like the product, we migrated to tenable cloud solution. Which will reduce our overhead.
A stable and easy-to-use solution that scans vulnerabilities in assets and provides suggestions for remediation
What is our primary use case?
The solution scans vulnerabilities in assets like workstations, network devices, desktops, or laptops. The product indicates vulnerabilities based on severity levels. There are high, critical, medium, low, and informational levels of severity.
What is most valuable?
The product can scan assets and web applications. It provides remediation for each vulnerability it scans. We get to know the actions we have to take to remediate the vulnerabilities. The solution is very simple to use. It also has cloud scanners. We can integrate Tenable and Nessus Scanner. It is easier to use.
What needs improvement?
The solution must provide penetration testing.
For how long have I used the solution?
I have been using the solution since 2022.
What do I think about the stability of the solution?
The tool is very stable.
What do I think about the scalability of the solution?
The tool is scalable.
How are customer service and support?
We don't have many issues.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is very easy.
What other advice do I have?
The tool is easy to use and deploy. It's easy for customers to go through the documentation, see how it works, and scan their assets. Everything is straightforward, including the creation of users and enabling 2FA. Overall, I rate the tool a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
showing 21 - 30