Tenable the Gold Standard
What do you like best about the product?
Incredible robust, informative and easy to understand reports. Versatile in the best ways.
What do you dislike about the product?
Sometimes it is a bit complex, especially when refining reports.
What problems is the product solving and how is that benefiting you?
Information Security Program
Have maintained accurate vulnerability scans and gained actionable remediation insights across thousands of servers
What is our primary use case?
We usually use
Tenable Vulnerability Management for vulnerability scannings, and we get the reports from Tenable to resolve any vulnerability. We have about 2,000 plus servers where we have installed the agent on those servers to check and scan the vulnerabilities. That is the main key aspect of what we use
Tenable Vulnerability Management for.
Regarding the continuous monitoring feature of Tenable Vulnerability Management, it is not exactly continuous monitoring we get from Tenable. It is used only on the market, where we scan it. We have a scheduled scan for all the servers, so we are not using it for any monitoring at present.
Tenable's advanced analytics and reporting features give very detailed reports where we get most of the information about vulnerabilities. That is one plus point. For example, with 2,000 servers, when we want to calculate the percentage of vulnerabilities that have appeared, it gives us very useful insights. While analyzing, it is one of the greatest tools because the results it produces as outputs scan the networks and each device in an organization.
We have purchased Tenable Vulnerability Management via AWS Marketplace.
What is most valuable?
Tenable Vulnerability Management agents are very lightweight, and the results we get are very accurate. The solutions they provide to us, assuming if one vulnerability exists, there will be a solution. The resolution they give us in wording will be the best solution. The exploit rates and the reports we get provide a lot of information, making it very easy for us to verify.
The main benefit of integration with Tenable Vulnerability Management is that there will be no lack of missing vulnerabilities when it comes to the patching environment. That is one of the key aspects of why we have integrated Tenable to our patching tools. It has a vast capacity of pushing the data to our tools due to its capability and compatibility. That is also one of the reasons why we are using Tenable Vulnerability Management.
What needs improvement?
Tenable Vulnerability Management is not very effective for real-time risk prioritization for our organization's security strategy. It is only used for scheduled tasks, not for real-time execution.
While the agents are very lightweight, when it comes to real-time analysis, there will be significant lagging on the servers and too much traffic on the network. When any server detects vulnerability while scanning, the reports take time to analyze by itself. That is one of the drawbacks of Tenable Vulnerability Management.
For how long have I used the solution?
We have been using Tenable Vulnerability Management for the past eight years.
What do I think about the stability of the solution?
The stability of Tenable Vulnerability Management is highly reliable. Having used Tenable for the past seven to eight years, I have never experienced any glitches or bugs affecting our environment. I can guarantee it is highly stable.
What do I think about the scalability of the solution?
Tenable Vulnerability Management is highly scalable. Mid and larger enterprises can definitely move on to Tenable Vulnerability Management.
Scalability is very important for us because of the lightweight agents. That is the main key feature where for installing, they have many options for scaling to multiple servers. If we need to install it on 500 machines tomorrow, we can push it in different ways. It is highly scalable and very user-friendly when it comes to scalability.
How are customer service and support?
Communication with Tenable Vulnerability Management support occurs on average two to three times monthly because our environment is very small.
The technical support of Tenable Vulnerability Management is available 24/7, and whenever we require support, we can get it within five minutes. Regarding technicality, they deserve a nine out of ten. They are highly technical people. I have communicated with more than 20 to 25 technical engineers. They take every question seriously and help us resolve issues. They have a very strong technical team to support customers.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Before Tenable Vulnerability Management, we used Qualys initially. We moved to Tenable due to pricing considerations. The customer requirement was to reduce the cost. When compared to Qualys, it was much more cost-effective.
How was the initial setup?
I did not participate in the initial setup of Tenable Vulnerability Management as it was already set up and ready to work on.
What about the implementation team?
We have SCCM integrated with Tenable Vulnerability Management to patch the servers, and it has also been integrated with
BigFix where we scan the results from Tenable and push the data to these tools. For endpoints, we use SCCM, and for servers, we use
BigFix. It has been integrated into these two particular patching tools where it analyzes and pushes the patches.
What was our ROI?
For evaluating the effectiveness of Tenable Vulnerability Management in our IT environment, we have our own ratings with integrated multiple metrics that automatically calculate. It has been integrated into our
ServiceNow. Based on that, all the overall metrics are automatically calculated based on AI and ML technology, where we get complete reports.
Which other solutions did I evaluate?
We have not validated other options before choosing Tenable Vulnerability Management. We have already worked with multiple tools, and the customer was very interested in Tenable Vulnerability Management specifically.
What other advice do I have?
We use Tenable Vulnerability Management and are currently using its latest version.
I rate Tenable Vulnerability Management nine out of ten based on my experience. This rating is due to its stability and high scalability. The best part is the solutions they provide for any vulnerability.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Vulnerability management streamlines decision-making and enhances security assessment
What is our primary use case?
My experience is with Tenable Vulnerability Management, specifically regarding vulnerability management.
My particular use case for Tenable Vulnerability Management is vulnerability management, benchmark scanning, and I'm somewhat familiar with their product line, utilizing the CIS benchmarks and DISA STIG benchmarks.
Tenable Vulnerability Management is the backbone of our vulnerability management and has affected my organization positively.
What is most valuable?
The best features of Tenable Vulnerability Management are flexibility, breadth and scope, and the fact that their current vulnerabilities come out, and they have tests for them within a day or two.
Operationally, Tenable Vulnerability Management finds issues that would otherwise be missed, but I don't have an ROI.
The impact of Tenable's analytic capabilities shows that our other programs are working in our prioritization process.
What needs improvement?
I don't think I have any additional features to add for improvement, as Tenable Vulnerability Management does a pretty good job of what it does.
My pain points would have been on the internal side of lining assets up to owners, and that's not something that Tenable Vulnerability Management can help me with.
I have no suggestions for where they could do better.
For how long have I used the solution?
I have one year of experience with Tenable Vulnerability Management.
What do I think about the stability of the solution?
Tenable Vulnerability Management is stable.
What do I think about the scalability of the solution?
Tenable Vulnerability Management's scalability is fantastic.
How are customer service and support?
I would evaluate Tenable Vulnerability Management's customer service and technical support as average.
I would rate them a seven on a scale from 1 to 10, with 10 being the best and 1 the worst.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I have not personally used a different vulnerability management solution.
How was the initial setup?
The initial setup was pretty straightforward.
What about the implementation team?
I made it my own, and the initial setup was done by Address Block, which I tied to elements in the CMDB.
What was our ROI?
I wasn't party to the comparison or purchasing, so I'm not completely sure.
What's my experience with pricing, setup cost, and licensing?
I am unaware of the pricing, setup costs, or licensing details for Tenable Vulnerability Management.
Which other solutions did I evaluate?
I don't know why we switched to Tenable Vulnerability Management for vulnerability management, but my assumption is that it is the first solution they tried and we've been happy with it since.
What other advice do I have?
I have used Tenable Vulnerability Management's reporting features to a lesser degree.
The metrics I track for decision-making include what systems need upgrading, what software needs replacing, and whether or not we can hold off on things, accept some risks, and get other risks resolved.
They have cloud scanners that are effectively point and click, and although I'm not sure if it's an extra licensing, we also have an on-prem scanner, which is a virtual appliance that I can download and put in place.
The data that we pull from Tenable Vulnerability Management is the data that we drive and use for decision-making, although we don't use that visibility extensively. I don't utilize the real-time visibility with Tenable Vulnerability Management.
On a scale of 1-10, I rate Tenable Vulnerability Management a 9.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Streamlines vulnerability management with excellent reporting and potential AI integration
What is our primary use case?
I use Tenable Vulnerability Management to scan the network, including servers and endpoints, to identify risks in our environment and provide mitigation and solutions. I also use it to assess our security posture through asset discovery and risk identification.
What is most valuable?
Tenable is user-friendly and excels in reporting. It allows me to easily fetch and schedule reports. The software's discovery feature aids in strengthening our security posture. The single-sensor installation process on various operating systems is smooth, unlike Rapid7, which requires different versions for separate systems. Furthermore, Tenable enables vulnerability management through potential AI integration that consolidates efforts and resolves multiple vulnerabilities simultaneously.
What needs improvement?
AI integration for reporting in Tenable would be beneficial. The response time of Tenable's customer support needs improvement. They should also accelerate the process of implementing new features upon request.
For how long have I used the solution?
I have used Tenable Vulnerability Management for almost six to eight years.
What do I think about the stability of the solution?
I have faced no stability issues with Tenable. In comparison, Rapid7 encountered challenges with data transfer to the cloud, requiring us to compress packets to manage network hiccups.
What do I think about the scalability of the solution?
Both Tenable and Rapid7 are cloud-based solutions, which ensures excellent scalability. They can seamlessly scale the number of endpoints from 100 to 1,000,000 in a day.
How are customer service and support?
Technical support from Tenable is rated six out of ten. It needs improvement in response time and addressing feature requests promptly. Other services like Rapid7 are more responsive.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I used Rapid7, which is less expensive than Tenable. My preference now aligns with Tenable due to its superior user-friendliness and reporting capabilities, although some issues persist with installation complexity in various environments.
How was the initial setup?
The setup experience for Tenable Vulnerability Management is rated nine out of ten, indicating that it is relatively easy.
What about the implementation team?
Implementation involves coordination with internal network teams due to environmental complexities.
What's my experience with pricing, setup cost, and licensing?
Tenable is costly, priced significantly higher than Rapid7. For instance, Tenable charges around $40 per device, while Rapid7 costs $10 to $15 per device.
Which other solutions did I evaluate?
I evaluated Rapid7 alongside Tenable. Although Tenable has a higher cost, its user-friendly interface and robust reporting made it a preferred choice.
What other advice do I have?
I recommend Tenable Vulnerability Management for its comprehensive security capabilities and effective risk identification. However, potential users should be prepared for the higher expense compared to alternatives like Rapid7.
My rating is eight out of ten, mainly due to the support aspect needing improvement.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Efficient risk management enhances asset visibility and security
What is our primary use case?
I use it to scan assets to evaluate vulnerabilities, define the risk, and create a resolution process for vulnerability management.
How has it helped my organization?
It has greatly impacted us by providing asset visibility, allowing us to know which assets have higher vulnerabilities and to calculate the risk for them.
The return on investments is adequate since we need this vulnerability management, and without Tenable, visibility was not possible. It saved us time and improved our security.
What is most valuable?
The most useful feature in managing vulnerabilities is risk management.
What needs improvement?
It needs additional reporting and intelligence features, as well as enhancements in AI-driven detection, which is still in its early stages.
For how long have I used the solution?
I have been working with Tenable Vulnerability Management for six years.
How are customer service and support?
The technical support is fast and efficient, and I am satisfied with it. I would rate their support nine out of ten.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I worked with Qualys before Tenable. I find Tenable to be better due to its broader system coverage, better efficiency on discovery, and better capabilities of analysis.
How was the initial setup?
If you have knowledge of networking and security, the initial setup is easy. If you don't, it can be difficult and you might make dangerous mistakes.
What was our ROI?
The return of investments is good enough as vulnerability management is crucial for us.
What's my experience with pricing, setup cost, and licensing?
The pricing is expensive, and the cost depends on the number of assets. However, the cost is not the most important thing due to the value it provides.
Which other solutions did I evaluate?
I evaluated Qualys before using Tenable.
What other advice do I have?
Small companies might find it difficult because of the knowledge required to drive vulnerability management successfully. If you lack that knowledge, you should contract the service.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Great interface and plugins w/ only minor issues
What do you like best about the product?
The easy to use interface makes exploring known and discovered vulnerabilities fairly painless. The fact that the solution to exploits is listed right next to the vulnerability overview, it makes remediation a lot easier.
The number of plugins covers a wide variety of systems and possible exploits.
SAML / SCIM integration is another plus and was fairly easy to setup.
Implementation of scanning via its Nessus agents was a breeze.
What do you dislike about the product?
The plugin manager could use some work. There are often several plugins that do the same thing or just plugins that do not provide the functionality that they claim.
Additionally, some of the exploits that are not exploitable and can cause false positives. For example if I have a HTTPS exploit on a version of a router / switches firmware, but HTTPS management is turned off and only SSH management is used, then that exploit does not need to be listed as high.
What problems is the product solving and how is that benefiting you?
Provides vulnerability insights for servers and user endpoints with a fairly lightweight agent.
The ability to do very targeted scans of specific vulnerabilities throughout an organizaiton or on just one specific machine is very helpful.
Product overview
What do you like best about the product?
the robust cuantity of options the high speed when it comes to find vulnerabilities
What do you dislike about the product?
the price and also sometimes as little companies I can feel a bit overprices. learning curve is a bit high also
What problems is the product solving and how is that benefiting you?
Detecting industry vulnerability all in one, while usually cloud providers offer beneficial benefits, I believe that when t comes to benefits Tenable Vulnerability Management wins, nonetheless false positive detection could improve
A baseline for cyber security
What do you like best about the product?
Scheduleling the scans is very helpful in that you can then have those results sent to your email. Report fatigue and email fatigue are real things but with the simplified email at a quick glance you can tell if you need to dive deeper or just review at the standard time.
What do you dislike about the product?
They could be better about some of the mitigation information, I understand that it must be a huge task but would be really helpful to have.
What problems is the product solving and how is that benefiting you?
Staying ahead of issues that I have public facing before they become an issue.
Assesses vulnerabilities and finds anomalies and has an easy-to-use interface
What is our primary use case?
The solution is used for the vulnerability assessment of the network infrastructure.
What is most valuable?
The solution finds vulnerabilities, anomalies, and threats. Tenable has basic and ad hoc scanning features. The tool schedules scans for continuous monitoring. The main advantage of the solution is that it assesses the vulnerabilities and provides a CVE score. Reporting is very easy. The management dashboard is very easy. The tool has an easy-to-use interface. It is easy to implement the product.
What needs improvement?
The product is a bit expensive.
For how long have I used the solution?
I have been using the solution for 7 years.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
The solution is scalable up to a certain point. I rate the scalability a seven to eight out of ten. Our customers are medium to large businesses.
How are customer service and support?
The support is very good.
How would you rate customer service and support?
How was the initial setup?
The configuration is easy. My engineers can work on it seamlessly. The deployment of the basic solution does not take more than four to eight hours. We need one or two persons to deploy and maintain the product. There are no other challenges if we have the network and can access the IPs.
What was our ROI?
The product impacts our client's operational cost related to vulnerability management in a good way. It automates a few things and saves the engineers' costs.
What's my experience with pricing, setup cost, and licensing?
I rate the pricing a seven out of ten.
What other advice do I have?
We are resellers. The solution is easy to implement. It has an easy-to-use interface, enabling organizations to go faster to market. Overall, I rate the product a nine out of ten.
Provides seamlessness, a perfect UI, and identity management for office operations
What is our primary use case?
We use the Tenable Vulnerability Management solution for internal web applications, asset management, and remediation. It helps us transfer and leverage the remediation of websites, effectively addressing vulnerabilities.
How has it helped my organization?
We need to deploy this on internal assets. It resides within the internal infrastructure and communication.
It encompasses everything at some point. From development to deployment, it receives the necessary attention.
What is most valuable?
The solution provides seamlessness, a perfect UI, and identity management for office operations. We are most vulnerable to users. Therefore, it is crucial to implement the right solution to ensure proper user access and resource management.
For how long have I used the solution?
I have been using Tenable Vulnerability Management for 4 years.
What do I think about the scalability of the solution?
200 users are using this solution.
Which solution did I use previously and why did I switch?
We have used Qualys. It is tricky and expensive.
How was the initial setup?
The initial setup is seamless and takes three days to complete. Two people are required for the deployment but one person can do as well.
What other advice do I have?
This process is seamless because checks are scheduled at different intervals, typically every ten minutes. Once a log is generated, we attend to it immediately. Also, the maintenance is straightforward.
Overall, I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
