Tenable Cloud Security is used for CSPM. If you have multi-cloud tenancy using AWS and Azure, you can have a single dashboard where you can onboard all the cloud infrastructure and have visibility into it. It has multiple cover steps of compliance. So, if you are obliged by any compliance, you can use that particular compliance.
Tenable Cloud Security [Private Offer Only]
Tenable, Inc.External reviews
44 reviews
from
and
External reviews are not included in the AWS star rating for the product.
The solution provides a single dashboard to onboard and have visibility into all the cloud infrastructure, but it should offer a complete Cnapp solution
What is most valuable?
What needs improvement?
If Tenable Cloud Security offers a complete Cnapp solution with CWP, CIEM, and Waap security, it will be able to compete with other competitors.
For how long have I used the solution?
I have been using Tenable Cloud Security from the last two to three years.
What do I think about the stability of the solution?
Tenable Cloud Security is a stable solution.
What do I think about the scalability of the solution?
When we talk about the cloud and SaaS model, it is in the hands of these OEMs. Tenable Cloud Security can definitely scale.
How are customer service and support?
Tenable Cloud Security's technical support is good. They can help you out if you get stuck with some issues.
How was the initial setup?
Tenable Cloud Security's initial setup is good and easy to manage.
What about the implementation team?
Tenable Cloud Security's deployment does not take more than two to three days.
If you know CSPM tools, you can configure Tenable Cloud Security yourself. If you lack knowledge about CSPM tools, you will have to go with a consultant.
The deployment steps for Tenable Cloud Security are very easy. First of all, you will have to onboard your account. For that, you should have admin rights. It will create some cloud formation template, or you can go through it directly. Once you have onboarded the account, you will get visibility into what kinds of activities are happening in the account. Then, accordingly, you can enable or disable the compliance policies as well.
What other advice do I have?
I am using the latest version of Tenable Cloud Security.
I don't recommend Tenable because it is premature as of now. When we talk about the detection level, all OEMs have detection nowadays. Tenable will have to focus on the production part.
The solution is deployed on-cloud in our organization.
One or two people are enough to manage Tenable Cloud Security.
Overall, I rate Tenable Cloud Security a six out of ten.
A stable solution providing comprehensive vulnerability scanning for modern web applications
What is our primary use case?
Tenable Cloud Security essentially falls under the umbrella of cloud security.
In cloud security, we have a diverse Tenable portfolio which includes Nessus, Nessus Professional, Nessus Expert, Tenable.io Vulnerability Management, Tenable Security Center, Tenable Cloud Security, Tenable Lumen, Tenable Active Directory, and Tenable One.
What is most valuable?
We're discussing vulnerability management here, and in this realm, it's considered one of the top vendors in the security field. The key benefit lies in having the largest and most up-to-date database. When it comes to using any Tenable product, it excels in finding vulnerabilities and providing analytics. Tenable possesses the biggest vulnerability database, sourcing data from various places including open sources, the dark net, and forums where hackers discuss vulnerabilities. This makes Tenable and its products highly regarded in the realm of vulnerability management.
The concept of a "black box" or a "closed box" in this context involves a solution that provides results and resolutions specifically tailored to your cloud environment's compliance and security needs. In essence, cloud security tools scan your cloud resources and evaluate them to ensure they adhere to policies, have correct configurations, and conduct an analysis to verify the proper functioning of your cloud infrastructure. This encapsulates the core advantages of Tenable Cloud Security.
What needs improvement?
Personally, I don't have any critical concerns about this product. As I mentioned earlier, it's a comprehensive and well-rounded solution that provides results effectively. However, I do think there might be room for more integrations. This could allow for further customization and flexibility, essentially offering different functionality options to accommodate various budgets. It's similar to customizing a wedding package to fit different preferences and budgets. This could be achieved through licensing, enabling users to choose specific functionalities based on their needs. For instance, if someone only requires container-related features and doesn't need in-depth analysis of their entire cloud environment, they could opt for a more tailored solution.
For how long have I used the solution?
I have been using Tenable Cloud Security for the past seven years.
How are customer service and support?
Our vendor is Broadview, and they offer various support levels. In a typical scenario, with the initial level of support, you might expect a relatively simple approach to problem-solving, with an SLA that allows several hours for issue resolution.
When you open a ticket for a problem, that ticket is overseen by a designated support technical specialist and their manager. If the ticket isn't resolved, you have the option to escalate it through another channel, such as your organization's Cabinet. This process works in a similar way to what we consider normal.
To increase the response speed, you simply need to invest more in advanced support. It doesn't work like it might in smaller vendors. In this context, when there are four tiers of support, each comes with different response times. If you require a one-hour response time, you can opt for premium support, and that's about it. Even before purchasing a solution, whether it's Scalable Security, Account Security, Scalable Security Center, or any other, you can review the support SLAs to gauge how long you might have to wait for assistance with various issues.
How would you rate customer service and support?
Positive
What other advice do I have?
In general, when you want to make comparisons, you must consider various factors, and this applies to many other solutions as well. However, this implies that we don't encounter significant issues or problems with the product, whether it's related to its functionality or overall performance. Consequently, it can be rated as a solid ten.
Intuitive and easy to use, awesome capabilities
What do you like best about the product?
Ermetic is an awesome tool that helps a lot in making the cloud environments secure. It's very intuitive, easy to use, easy to integrate with could environments, ticketing tools and also with IAM tools in order to control user's lyfecicle. It's possible to remediate issues in the clould using Ermetic only, once it has the capability to identify the security risks and also to fix them, if desirible, based in the suggestions that the tool provides to mitigagte the found issues. The interface is very intuitive and provides us vairous ways to identify risks based in standards and regulations like PCI, HIPAA, NIST and others.
What do you dislike about the product?
Few ways to extract data, like user's for example.
What problems is the product solving and how is that benefiting you?
Issues related to IAM security, like overprivileged accesses, roles, inactive users, public resources. This is helping in keep our cloud resources secure and understanding the gaps we have.
Excellent org to work with!
What do you like best about the product?
Ermetic is genuinely concerned with the success of not just our product usage, but that of our organization. They're engaged at the highest levels of their company, actively soliciting feedback and implementing those changes into their product. They listen intently to needs, concerns, and desires to output features and functions that provide the best value to their customers. They proactively review and monitor our account, providing guidance and best practices.
What do you dislike about the product?
There are no downsides that I have to note about doing business with Ermetic.
What problems is the product solving and how is that benefiting you?
Ermetic provides CIEM functionality for all of the major CSP's that we utilize, through a single plane of glass.
easy to use and good for investigating the cloud infrastructure
What do you like best about the product?
the dashboard is very explainable and easy to understand and take action out of it.
What do you dislike about the product?
the deep dive into the new features would give a better visibility
What problems is the product solving and how is that benefiting you?
AWS infrastructure . visibility on our product
Great tool, very easy to implement and integrate
What do you like best about the product?
It is easily integrated with Azure and AWS. It is also easy to deploy and manage, create reports and look for vulnerabilities and remdiations.
What do you dislike about the product?
Probably creating more options to remediate vulnerabilities within identities.
What problems is the product solving and how is that benefiting you?
We are monitoring our cloud environments for potential miss configuration and data leakage.
Great product, very responsive
What do you like best about the product?
Their flexibility with suggestions and responsiveness if we have a question.
What do you dislike about the product?
The product seems to be still maturing at times.
What problems is the product solving and how is that benefiting you?
It allows us to have Just in Time access to AWS via audited role assignment.
Ermetic, our solution for CSPM and CNAPP
What do you like best about the product?
Excellent CSPM tool for our AWS use case. Saves us a ton of time drilling done configuration security.
The "if you only have 5 minutes" feature is a great way to ensure you don't get overwhelmed with the amount of tasks to complete. Helps guide you on a clear, daily progression to cloud security
The "if you only have 5 minutes" feature is a great way to ensure you don't get overwhelmed with the amount of tasks to complete. Helps guide you on a clear, daily progression to cloud security
What do you dislike about the product?
The kubernetes aspect is still developing. I know for a fact Ermetic has on the road map to release an agented Kubernetes monitoring solution, but until then you'll just have to wait.
What problems is the product solving and how is that benefiting you?
Ermetic helps us fix over provisioned privledges in AWS, it's replaced our cloud trail log search, and we also utilize it's automated slack alerting for unusual cloud activity.
Fantastic CSPM Tool
What do you like best about the product?
Fantastic CSPM tool for multi-cloud environments. It lets you quickly get the "lay of the land" in your environment, seeing what services and resources are in place.
The IAM permission breakdown is second to none in my experience. Lets you really drill down to see what resources are affected by what policies and is extrememly useful in cracking down on overpriviliged IAM resources.
Add in findings, toxic combos, and the "if you only have 5 minutes" and you can quickly see what you need to pay attention to right away to better secure your environment.
The IAM permission breakdown is second to none in my experience. Lets you really drill down to see what resources are affected by what policies and is extrememly useful in cracking down on overpriviliged IAM resources.
Add in findings, toxic combos, and the "if you only have 5 minutes" and you can quickly see what you need to pay attention to right away to better secure your environment.
What do you dislike about the product?
Theres is still some work to be done with WAFs in place of load balancer when looking at network resource views. However I am confident that they will get to this sooner or later as well.
What problems is the product solving and how is that benefiting you?
Helps us to quickly see the resources we have in our environment, any security concerns with those resources, and how we can remediate quickly. Gives us truly fantastic IAM breakdowns as well.
Great product for having a good insight in the cloud environment.
What do you like best about the product?
The detailed information which Ermetic provides is excellent. The user interface and accessibility to the features are good. A lot of information is provided by Ermetic. Setting up the account is easy. The documentation is excellent and easy to follow. The feature which creates least privilege policy just by selecting the time period is one of the cool feature.
What do you dislike about the product?
I didn't find and disliking factor as per my usage.
What problems is the product solving and how is that benefiting you?
Ermetic is solving our cloud environment issues. It shows us the missed out stuff like permissions, policies and helps us create new and better policies following the principle of least privilege.
showing 21 - 30