Try our new research platform with insights from 80,000+ expert users

Amazon Inspector vs Tenable Cloud Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
2
Ranking in other categories
Vulnerability Management (32nd), Continuous Threat Exposure Management (CTEM) (4th)
Amazon Inspector
Average Rating
8.2
Reviews Sentiment
7.6
Number of Reviews
7
Ranking in other categories
Vulnerability Management (20th), IT Vendor Risk Management (6th)
Tenable Cloud Security
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
9
Ranking in other categories
Identity and Access Management as a Service (IDaaS) (IAMaaS) (13th), Cloud Workload Protection Platforms (CWPP) (17th), Cloud Security Posture Management (CSPM) (19th), Cloud-Native Application Protection Platforms (CNAPP) (15th), Cloud Infrastructure Entitlement Management (CIEM) (5th)
 

Mindshare comparison

Vulnerability Management
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
John D'Arcy - PeerSpot reviewer
Automated vulnerability assessments continuously enhance security
The most valuable features probably are the ability to do automated vulnerability assessments, which it does with Amazon Inspector version two. It operates continuously, so as soon as resources are created, it scans them for vulnerabilities. This allows me to pinpoint potential security vulnerabilities and provide actionable recommendations relatively quickly. Larger enterprises usually use Inspector to gather all the vulnerabilities, the CVEs, across all accounts in an AWS organization. The enterprises I work for typically have many accounts in their organization, such as thousands of accounts where I am at the moment. It is a way to gather the vulnerabilities that are present on EC2 instances, container images, and Lambda functions.
Ondrej Kováč - PeerSpot reviewer
Has vulnerability detection, software composition analysis and asset management features
Due to its robust nature, the platform's adoption can be overwhelming initially. However, once organizations start using it, they tend to get used to it. I haven't had much direct interaction with the support team, but some partners have reported a desire for better support for the product. Another area needing improvement is the implementation complexity, especially in multi-cloud environments. Tenable Cloud Security's features mean there's a steep learning curve, which can consume significant time and resources to utilize the platform's potential and fully see immediate benefits. It's similar to AI in that you must spend time fine-tuning and training before it truly helps.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran has become an indispensable tool in our cybersecurity arsenal."
"Zafran is an excellent tool."
"The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integrate third-party tools as well. It is just a single-click option."
"The scalability of the solution itself is unparalleled."
"I recommend Amazon Inspector because it allows the automation of processes and requires less manual monitoring."
"The automated vulnerability detection aspect is most valuable."
"The vulnerability discovery is valuable, and they also rank those vulnerabilities for you. So, you could rapidly attack some of the higher, severe vulnerabilities as they pop up, if they do pop up."
"The most valuable feature of Amazon Inspector is the categorization of findings, which filters vulnerabilities by instance, container image, container repository, and Lambda function."
"Amazon Inspector is highly stable, rated ten out of ten, and this stability impacts business security and administration positively."
"The findings dashboards are neat and easy to understand, offering clear demarcations for different types of findings and detailed insights into specific vulnerabilities and their associated instances. It is not a place where everything is dumped together. It offers an easy-to-understand layout."
"The tool alerts us on depreciating performance or deficiencies of our web application. It helps us react on time."
"The product's deployment phase is easy."
"Ermetic can provide super visibility for our cloud environment (we are using AWS)."
"If you have multi-cloud tenancy using AWS and Azure, you can have a single dashboard where you can onboard all the cloud infrastructure and have visibility into it."
"Scanning and reporting are the most valuable features of Tenable Cloud Security"
"The solution’s vulnerability management feature has helped us identify and mitigate risks well."
"The product's visibility and remediation work fine for me."
"The key benefit lies in having the largest and most up-to-date database. When it comes to using any Tenable product, it excels in finding vulnerabilities and providing analytics."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents."
"It has automated vulnerability assessment, yet I seek more flexibility in defining custom vulnerability checks tailored to my needs, which is more difficult."
"There are challenges associated with the interdependencies in AWS services, like requiring an Active Directory for other services, resulting in additional charges."
"The other point is that the reporting features of Inspector need improvement. For example, I am in an organization with millions of CVEs, and getting an overview of all this is challenging."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"There isn't too much to improve right now. Scanning on demand or as a part of the pipeline versus a post pipeline solution would be good, but it is not a deal breaker by any means."
"One major area for improvement is remediation. My team works on remediating findings over time, likely using available patches. However, easier integration with Amazon's patching services would be very helpful."
"One area for improvement in Amazon Inspector is the automation aspect."
"Tenable needs to offer a patch-based solution since it is an area where the tool lacks a bit."
"Due to its robust nature, the platform's adoption can be overwhelming initially. However, once organizations start using it, they tend to get used to it. I haven't had much direct interaction with the support team, but some partners have reported a desire for better support for the product."
"I didn't find anything that wasn't useful or needed to be added."
"There is a need for the support team to improve their response time since it is one of the areas where the product's technical team has certain shortcomings."
"Ermetic needs to improve its security scanning. I would like to see more dynamic graphical forms."
"I have faced several bug incidents with the solution"
"If Tenable Cloud Security offers a complete Cnapp solution with CWP, CIEM, and Waap security, it will be able to compete with other competitors."
"The product must provide more features."
 

Pricing and Cost Advice

Information not available
"It is scaled as you go. There are probably a certain number of scans per month, and there are tiers. If you're under a certain tier, it is free. The second level is pennies, and then all the way up to like a million. So, it has a tiered pricing program. They're pretty good with your initial scanning, and there is room to scale based on being affordable, but it is fairly cheap. There are no additional costs. They pretty much think about it as a pay-per-scan type model."
"The lowest cost would be around $10 for a few small accounts, however, for thousands of accounts, it could be around $5000 to $6000 dollars per month."
"It's priced according to market standards for its services."
"The pricing is very transparent and clear."
"The tool's price is good compared to other brands. The tool's subscription is for a year."
"The tool's pricing is fair."
"There is a need to opt for a subscription-based pricing model to use Tenable Cloud Security. I rate the product price an eight on a scale of one to ten, where one is low price and ten is high price."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
842,651 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
12%
University
6%
Retailer
6%
Computer Software Company
14%
Financial Services Firm
12%
Government
7%
Manufacturing Company
6%
Computer Software Company
15%
Financial Services Firm
11%
Government
11%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Pricing for Zafran Security is not expensive. We have a contract for five years, and the cost is lower than other too...
What needs improvement with Zafran Security?
I would like to see an integration with Check Point firewalls. It's essential for us and they are currently working o...
What is your primary use case for Zafran Security?
We use Zafran Security for threat prioritization. We establish priority to understand which risks should be patched o...
What do you like most about Amazon Inspector?
The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset...
What is your experience regarding pricing and costs for Amazon Inspector?
I manage pricing and purchase reserved instances, yet face challenges due to dependencies and lack of options for res...
What needs improvement with Amazon Inspector?
There are challenges associated with the interdependencies in AWS services, like requiring an Active Directory for ot...
What do you like most about Tenable Cloud Security?
The solution’s vulnerability management feature has helped us identify and mitigate risks well.
What needs improvement with Tenable Cloud Security?
Another team uses the tool. Tenable acquired Ermetic. I think Tenable has features, stays up to date, and upgrades ev...
What is your primary use case for Tenable Cloud Security?
Right now, I use Tenable as CNAPP, and it is good for the product as it offers enhanced security to users. We did use...
 

Also Known As

No data available
No data available
Ermetic, Ermetic Identity Governance for AWS
 

Overview

 

Sample Customers

Information Not Available
betterment, caplinked, flatiron, university of nutri dame
Tyler Technologies, Bilfinger, BarkBox, MongoDB, airSlate, Adama, Latch, Cloudinary, Riskified, AppsFlyer, IntelyCare, Aidoc, 42Dot, and more.
Find out what your peers are saying about Wiz, Palo Alto Networks, Qualys and others in Vulnerability Management. Updated: March 2025.
842,651 professionals have used our research since 2012.