My main use case for Tenable Cloud Security is managing our security compliance and security posture.

I use Tenable Cloud Security for managing compliance and security posture, and we rely on the compliance reports and findings of our cloud configuration.

I don't have anything else to add about my use case or how I use Tenable Cloud Security day-to-day.

The best features Tenable Cloud Security offers in my experience are automatic scanning, frequent scanning, and automatic finding, which I find valuable.

Tenable Cloud Security has positively impacted my organization with risk reduction and compliance.

We weren't previously measuring compliance, so that's completely new to our organization regarding risk reduction and compliance improvements.

I think Tenable Cloud Security could be improved with more clear licensing.

What I would like to see improved with licensing is how they're used in the product.

The calculations of what is considered a license between virtual machines, containers, Kubernetes clusters, and similar components should be made more clear.

I will add more about the needed improvements.

I have been using Tenable Cloud Security for about a year and a half.

In my experience, Tenable Cloud Security is not very stable. There are no downtime, no outages, and a few support tickets, but nothing out of the ordinary.

Customer support for Tenable Cloud Security is recommended, with no problems and very responsive.

Positive

We haven't had a tool like Tenable Cloud Security in our organization in the past.

We don't have metrics for a return on investment from using Tenable Cloud Security because this was a new product, a new deployment.

I wasn't involved with the pricing, setup cost and licensing for Tenable Cloud Security.

I wasn't involved in evaluating other options before choosing Tenable Cloud Security.

My advice to others looking into using Tenable Cloud Security is to go in with expectations around how to manage findings and criticalities and how to manage exceptions. Have an exception process at the ready.

I don't have any additional thoughts about Tenable Cloud Security before we wrap up.

On a scale of one to ten, I rate Tenable Cloud Security an eight.

They are looking to promote a deeper security strategy with Tenable Cloud Security. Companies are migrating from on-premise to clouds and they must ensure their applications in the cloud will be more safe and secure.

Healthcare is most likely the kind of clients we see migrating to Tenable Cloud Security.

From what I know, though I'm not an expert technically speaking, perhaps the best functionalities are related to promoting a deeper analysis of the environment where applications are running in terms of creating a double armor of security to block threats that may come in the cloud with Tenable Cloud Security.

Companies are looking for cloud security, specifically Tenable Cloud Security, because they know it's a reliable company with long-term presence in the market, and they trust Tenable for their product strategy and support. This is the main reason.

I really don't know to tell the truth because we sell many solutions and don't sell exclusively Tenable, so I'm not in a condition to give a precise definition of what could be improved. My perception is this: when customer A needs Tenable Cloud Security, we introduce and demonstrate it. They POC, they appreciate it. The solution serves in such use cases ABC.

I am very pragmatic and straightforward - as long as they use or want the solution, I am interested. If they don't, my question is what are the main objections? They may discuss pricing, or they may say they thought the solution had certain technical capabilities that they could not find.

It's just recently that these customers asked us to introduce Cloud Security, so I'm still in the process of getting to know this solution in more detail.

Depending on the size of the project, it takes perhaps 15 days or a week or something similar.

We have a technical person that helps with the setup or the implementation, and either the distributor or the vendor always assists us.

We resell Tenable and other cybersecurity companies in Brazil.

Companies are migrating from on-premise to clouds and they must ensure their applications in the cloud will be more safe and secure.

Customers will be more secure in terms of knowing that their applications are running in a safe environment protected by Tenable Cloud Security, so they can promote and extend the migration process to either GCP, AWS, or Azure.

The analytical and reporting capabilities are pretty straightforward and show every transaction and major attempt to attack the application in the cloud. These analytical tools are very complete.

This solution can help organizations adhere to and comply with regulatory requirements such as HIPAA.

On a scale of 1-10, I rate this solution an 8.

Right now, I use Tenable as CNAPP, and it is good for the product as it offers enhanced security to users. We did use the tool on the cloud. I am not sure if some models, like CIEM, are available as a feature for users. When it comes to a module in CNAPP, I think it is fairly good for using and monitoring on the cloud while also being easy to deploy.

I am not sure how the tool is used in my company because I got transferred to another team that is involved only in monitoring. I use the reporting part on CNAPP. I only use the tool for customized reports. The tool had a fairly easy way to get customized reports.

Another team uses the tool. Tenable acquired Ermetic. I think Tenable has features, stays up to date, and upgrades every few months. I am not sure of the tool's use case, as another team uses it. I think another team in my company wants to use the tool for use cases associated with patching and testing. For use cases, Tenable needs to offer a patch-based solution since it is an area where the tool lacks a bit.

I have experience with Tenable Cloud Security.

There are no stability or bug-related issues in the tool.

The product's deployment phase is easy.

The tool is cost-effective.

The tool's price is good compared to other brands. The tool's subscription is for a year.

The tool can be used in the area of vulnerability management to improve our company's security.

I saw some impacts on our finances, especially on the banking side. In our company, we forecast the point for maturity and performance through assessments and security vulnerabilities in the cloud. Before I bought Tenable, I compared it with another band. The tool has been a really good point for the price.

One of the teams in my company would like to use the tool and integrate it with other products used for patching and vulnerability assessment tools.

The tool is a good product that is flexible and on the cloud.

I rate the tool an eight out of ten.

The most popular use cases include vulnerability detection, cloud security posture management, software composition analysis (comparing code), and supporting cloud-native application protection in runtime environments.

Tenable Cloud Security excels in vulnerability detection, one of its strongest features. Another valuable feature is software composition analysis, which highlights and automates the detection of security flaws. Additionally, their knowledge base is excellent; if anything goes wrong, they provide clear guidance on what needs to be done to address specific vulnerabilities.

The asset management is also really good, with effective discovery and categorization of assets. The DevOps integration is also strong, supporting Shift-Left Security practices with integration into pipeline tools.

Due to its robust nature, the platform's adoption can be overwhelming initially. However, once organizations start using it, they tend to get used to it. I haven't had much direct interaction with the support team, but some partners have reported a desire for better support for the product.

Another area needing improvement is the implementation complexity, especially in multi-cloud environments. Tenable Cloud Security's features mean there's a steep learning curve, which can consume significant time and resources to utilize the platform's potential and fully see immediate benefits. It's similar to AI in that you must spend time fine-tuning and training before it truly helps.

I have been working with the product for three years. 

The solution is stable. 

I rate the solution's scalability a ten out of ten. Managing many assets (e.g., 500 or 5,000+) can become overwhelming in a multi-cloud environment. However, for smaller environments with fewer than 5,000 assets, it should be pretty straightforward and manageable.

My partners complain that support is not consistent and replies come late. It is small company and to offer worldwide support will be a challenge. 

The solution's integration and configuration can be overwhelming. If you have a simple environment, I'd rate Tenable Cloud Security's deployment ease very close to ten out of ten. It's easy to deploy, run the first discovery, and manage the assets. Its strength lies in covering the environment thoroughly, discovering assets, and categorizing them.

I rate the overall solution a ten out of ten. I think it's the best on the market right now. Other solutions, like Trend Micro, provide incident response across multiple security layers. However, Tenable Cloud Security is not primarily a threat protection tool. Even though it deploys malware detection and removal in the code, it is not like real-time incident response such as Trend Micro.

Tenable Cloud Security is used for scanning purposes, including vulnerabilities and remediation. The graphs provided by the solution are unsatisfactory and frequent updates are needed.

For instance, suppose you have a specific kernel version of 4.5, and you updated it to version 5.0; the solution still suggests that the older version needs to be fetched and even, in some instances, suggests upgrading to version 5.1.

Once the solution implements scans, the records are saved, and a bit of fine-tuning is required for remediation, I have to check manually in a few cases to decrease the number for a few metrics. Sometimes I need to contact the support team to fix bugs. 

Scanning and reporting are the most valuable features of Tenable Cloud Security. 

I have faced several bug incidents with the solution. Tenable Cloud Security's operational speed also needs to be improved. For instance, I have ten servers that got patched, and only this set of servers is required due to an incident. If I need to run a script on only those aforementioned ten servers and generate a report, it will be highly time-consuming with Tenable Cloud Security.

Even if I need a single ad hoc command, the solutions process a whole script for all Linux servers, which takes massive time. Often, our company's management team inquires about a two-day ticket as a live update report couldn't be obtained from Tenable Cloud Security.

The product should include ad hoc command implementation and live update-providing features rather than waiting for the scheduled script to run at a specific time each week. The solution's admins don't receive updates within a day; they're obtained when the script runs, and a huge number of servers cannot be run daily. Every server has an off-peak time, and the dependable needs to work out and retrieve the performance graphs.  

I have been using Tenable Cloud Security for a year. 

I would rate the stability a seven out of ten. 

I would rate the scalability a six out of ten. In our company, there are multiple nodes being used with the solution. Tenable Cloud Security should be able to pick up the correct node irrespective of the server's location.

For instance, if I pick the wrong node in the server, the script hangs, and this can happen often as in our company, we can't remember where the CMDB and data entries are present. The solution lacks an automated node selection feature. If a wrong node is picked with the tool to send in the box, the scanning procedure will run for 45 minutes and then it will fail. 

The solution is most suitable for medium-sized businesses. Our company uses the solution in a mid-sized environment comprising 1500 Windows and Linux servers. 

I would rate the tech support a five out of ten. Our company has raised multiple tickets with issues in graphs, but the support team was unable to help. The dashboard of Tenable Cloud Security provides the total number of vulnerabilities instead of segregating them for each day and mentioning how many have been resolved, but there are no useful graphs provided. 

Neutral

The initial setup process is extremely complex; in our company, it has been over a year, and the solution is still being set up. During the setup process in our organization, the tool acquired several vulnerabilities, and I am personally exhausted from managing them.

I am personally learning about the competitor solution, HashiCorp Vault, through webinars and trying to compare it with Tenable Cloud Security. A few of my friends are using HashiCorp Vault, and they are comparatively satisfied with the product. 

The solution functions in a multi-cloud environment. In our company, Tenable Cloud Security is implemented in a cloud, but it's connected to the bare-metal data centers. 20% of the solution has been shifted to the cloud environment in our organization, but the tool can still pick data from cloud environments, including OCI and Azure.  

The product efficiently detects vulnerabilities across the entire environment, provides insights, and seeks remediation. Overall, I would rate Tenable Cloud Security a seven out of ten. The solution's vulnerability display interface needs to improve. I recommend others try other competitor solutions and implement a POC before onboarding Tenable Cloud Security.