Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard CNAPP vs Tenable Security Center comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 30, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Ranking in Vulnerability Management
27th
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
2
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (6th)
Check Point CloudGuard CNAPP
Ranking in Vulnerability Management
9th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
71
Ranking in other categories
Cloud and Data Center Security (9th), Container Security (7th), Cloud Workload Protection Platforms (CWPP) (6th), Cloud Security Posture Management (CSPM) (5th), Cloud-Native Application Protection Platforms (CNAPP) (5th), Data Security Posture Management (DSPM) (4th), Compliance Management (6th)
Tenable Security Center
Ranking in Vulnerability Management
4th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
54
Ranking in other categories
Cloud Security Posture Management (CSPM) (11th), Risk-Based Vulnerability Management (1st)
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Bart Coddens - PeerSpot reviewer
Evolved cloud security with active monitoring but needs interface consistency
The user interface needs work. Sometimes, it is a transition from the old tool to the new CNAPP Two that I currently have, and remnants of the old environment can still be detected. I require consistency in the user interface to ensure everything is streamlined into the same look and feel. More work is needed in fine-tuning the threat data towards your CSPM and activity logs, aligning them with business intelligence, which requires a cohesive console interface. My assessment of CloudGuard CDRs in intrusion detection and threat hunting capabilities is that it still needs some work. All the threat data that comes in, you need to fine tune it a bit.
OndrejKOVAC - PeerSpot reviewer
Empower clients with risk-based vulnerability management through continuous workflow and valuable insights
Tenable Security Center could improve by implementing more dynamic data displays and translating reports into European languages. This is especially relevant in Central Eastern Europe, where clients often require reports in local languages. Additionally, the licensing model could be more flexible for managed security providers, similar to a pay-as-you-go model.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran is an excellent tool."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"It presents a real-time database that is always updated."
"The most valuable feature is the ability to work with the APIs to integrate into our own backend systems."
"It offers security insights and recommendations to assist organizations in acting and remediating issues swiftly."
"It has an analytics service that does research for us."
"It has great scalability."
"The Compliance engine has helped put our auditors and senior executives at ease, as we can quickly and accurately measure ourselves against hundreds of compliance checks to include CIS benchmarks, PCI, and other best practices."
"It provides complete visibility of workload hosted on different cloud platforms including AWS and Azure, along with multiple tenants."
"Gives us centralized firewall management for both Windows and Linux distros. Also provides a clear view of the security configurations and connections across environments (DMZ, external and internal networks)."
"Overall, I rate the solution 9.8 out of 10."
"The scanning part, the agent part – that's the valuable aspect."
"Initial setup was pretty straightforward."
"Tenable Security Center scans networks and gives reports."
"Tenable is the leading product for vulnerability scanning."
"Very customizable with a lot of templates."
"The most valuable features in Tenable SC are scanning and analysis."
"Tenable.sc is user-friendly."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"The false positives can be annoying at times."
"The software configurations theory is complicated, and without proper planning and a well-skilled technical team, it cannot perform its tasks properly."
"Scalability, particularly in workload protection, is an area that needs improvement."
"I don't have any notes for improvements."
"One feature of the product that I would like to enhance is the possibility to connect to vulnerability management platforms so that the issues that emerge from the scans can then be ingested directly into the vulnerability management process."
"We're looking for a solution that can incorporate legacy infrastructure for some of our business needs."
"I would like to see improvements in the vulnerability assessments in terms of how the solution discovers vulnerabilities or compromised workloads. Also, customizable reports would be nice."
"CloudGuard CNAPP could be enhanced by increasing the number of components that run natively on Azure."
"The dashboard templates are limited."
"We experienced some difficulties with the solution’s support."
"The solution needs to improve the vulnerability assessment because we have experienced some challenges with accuracy."
"Tenable SC can improve by adding more integrations with HCI-type tools and more accurate vulnerability detection."
"Deploying Tenable.sc is highly complex because it's an on-prem solution, whereas Tenable.io is cloud-based, so you can go live as soon as you log in. Tenable.sc involves significant integration with other on-prem solutions, and the deployment takes about two to three weeks with the help of a system integrator"
"If I want to have a very low-managed scan policy, it's a lot of work to create something which is very basic. If I use a tool like Nmap, all I have to do is download it, install it, type in the command, and it's good to go. In Security Center, I have to go through a lot of work to create a policy that's very basic."
"Additional costs are associated with using the solution, as additional scanners are required for different endpoints connected to the Tenable Security Center. If Tenable Security Center could extract information from these scanners automatically rather than manually, it would enhance user-friendliness for customers."
"It's good at creating information, it's good creating dashboards, it's good at creating reports, but if you want to take that reporting metadata and put it into another tool, that is a little bit lacking."
 

Pricing and Cost Advice

Information not available
"The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset."
"​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
"We have the enterprise-level license and we renew it annually because it is worth the cost."
"From a pricing perspective, they are pretty expensive."
"In the beginning, the price of Dome9 was cheap, whereas now it is not."
"The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
"Right now, we have licenses on 500 machines, and they are not cheap."
"It is difficult to contextualize the pricing because we are used to Indian pricing and licensing."
"The tool provides competitive pricing."
"It is a bit expensive. Everything is included in the license."
"My company needs to make yearly payments towards the licensing costs. The pricing of the solution falls in the mid-range level, so it is not too expensive"
"We're able to save because we don't have to employ more staff members to help wit ht he scheduling of the scans, running the reports or sending them out to the systems owners. That alone is a big ROI for us."
"We're happy with the licensing cost and find it affordable."
"The pricing is more than Nexpose."
"The price of Tenable SC is expensive, we pay approximately €70,000 for the license annually. We have to pay for each IP test. The cost of other solutions is far less, such as Nessus Professional, which is €3,000 annually."
"For 500 users the licensing fee is roughly $100,000."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
12%
Manufacturing Company
6%
Retailer
6%
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
9%
University
6%
Educational Organization
21%
Computer Software Company
11%
Financial Services Firm
11%
Government
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Pricing for Zafran Security is not expensive. We have a contract for five years, and the cost is lower than other too...
What needs improvement with Zafran Security?
I would like to see an integration with Check Point firewalls. It's essential for us and they are currently working o...
What is your primary use case for Zafran Security?
We use Zafran Security for threat prioritization. We establish priority to understand which risks should be patched o...
What do you like most about Tenable SC?
The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view ...
What is your experience regarding pricing and costs for Tenable SC?
Tenable Security Center is quite expensive, particularly for the CEE region, causing us to lose cases due to its pric...
What needs improvement with Tenable SC?
Tenable Security Center could improve by implementing more dynamic data displays and translating reports into Europea...
 

Also Known As

No data available
Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
Tenable.sc, Tenable Unified Security, Tenable SecurityCenter
 

Overview

 

Sample Customers

Information Not Available
Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific
Find out what your peers are saying about Check Point CloudGuard CNAPP vs. Tenable Security Center and other solutions. Updated: February 2025.
845,040 professionals have used our research since 2012.