Lacework FortiCNAPP vs Tenable Nessus comparison

Fortinet and Tenable are both solutions in the Vulnerability Management category. Fortinet is ranked #17 with an average rating of 8.2, while Tenable is ranked #3 with an average rating of 8.2. Additionally, 90% of Fortinet users are willing to recommend the solution, compared to 98% of Tenable users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 16, 2025

Tenable Nessus and Lacework FortiCNAPP are prominent contenders in the vulnerability management and cloud security sectors. Tenable Nessus stands out due to its robust vulnerability scanning and threat prioritization, making it a leader in traditional IT environments. In contrast, Lacework FortiCNAPP excels in cloud security with its anomaly detection and continuous monitoring, making it superior in cloud-oriented tasks.

Features: Tenable Nessus offers comprehensive vulnerability scanning capabilities, quick and effective automated processes, and in-depth reporting with threat prioritization. Lacework FortiCNAPP focuses on anomaly detection, extensive compliance checks against various security standards, and real-time insights for cloud environments.

Room for Improvement: Tenable Nessus could improve its reporting capabilities, integrations, and dashboard customization. Lacework FortiCNAPP requires enhancements in remediation features, communication about updates, and comprehensive permission management for IAM security controls.

Ease of Deployment and Customer Service: Tenable Nessus supports flexible deployment in on-premises and hybrid cloud environments, though customer service can occasionally be delayed. Lacework FortiCNAPP offers simple deployment for public clouds but faces challenges with on-premises integration, though its responsive customer service is efficient in issue resolution.

Pricing and ROI: Tenable Nessus is deemed affordable with high ROI for small to medium enterprises, though its pricing might be high for larger deployments. Lacework FortiCNAPP's pricing reflects its advanced cloud capabilities and may be seen as high but offers justified investment benefits for cloud-centric security needs.

To learn more, read our detailed Lacework FortiCNAPP vs. Tenable Nessus Report (Updated: March 2025).

Buyer's Guide

Lacework FortiCNAPP vs. Tenable Nessus

March 2025

Download the complete report

Helped 844,944 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Zafran Security

Featured Reviews

Israel Cavazos Landini

Associate Director IT Security Operations at Novartis

Weekly insights and risk analysis facilitate informed security decisions

I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.

Read full review

Carlos Vitrano

Cloud security director at Medallia

Provides quick visibility and significantly reduces alerts

Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them. We have integrations, for instance, with Splunk. The data that we are receiving in Splunk is huge, and it is valid because Lacework has a bunch of data that they can provide to you. However, to be able to import the data and create alerts, we needed to do some work, so integration is one of the things that they can improve. For container security, how they scan images and how they provide results is something that they need to continue improving in terms of visibility. We already have visibility to several artifacts, but they can take that to the next level and see what else they can do. There can be better integrations with CI/CD pipelines. There can be improvements in terms of how we can take action or how we can report from the number of inventories they are providing to us.

Read full review

HarshBhardiya

SOC Engineer at Just Dial Limited

Provided increased visibility across the organization's servers

The user interface of Tenable Nessus feels outdated and could be more user-friendly. Additionally, the documentation is not well-organized, which can be confusing when searching for solutions or specific information related to Tenable Nessus Professional. The reporting feature could be improved by allowing users to create their own templates instead of relying on predefined ones.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Zafran is an excellent tool."

"Zafran has become an indispensable tool in our cybersecurity arsenal."

"Lacework is helping a lot in reducing the noise of the alerts. Usually, whenever you have a tool in place, you have a lot of noise in terms of alerts, but the time for an engineer to look into those alerts is limited. Lacework is helping us to consolidate the information that we are getting from the agents and other sources. We are able to focus only on the things that matter, which is the most valuable thing for us. It saves time, and for investigations, we have the right context to take action."

"The most valuable feature, from a compliance perspective, is the ability to use Lacework as a platform for multiple compliance standards. We have to meet multiple standards like PCI, SOC 2, CIS, and whatever else is out there. The ability to have reports generated, per security standard, is one of the best features for me."

"I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets."

"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."

"The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself."

"The best feature, in my opinion, is the ease of use."

"There are many valuable features that I use in my daily work. The first are alerts and the event dossier that it generates, based on the severity. That is very insightful and helps me to have a security cap in our infrastructure. The second thing I like is the agent-based vulnerability management, which is the most accurate information."

"For the most part, out-of-the-box, it tells you right away about the things you need to work on. I like the fact that it prioritizes alerts based on severity, so that you can focus your efforts on anything that would be critical/high first, moderate second, and work your way down, trying to continue to improve your security posture."

More Lacework FortiCNAPP pros

"Nessus' most valuable feature is vulnerability management because it helps to discover vulnerabilities proactively and integrates with patch management solutions so you can push patches."

"My favorite part about Nessus is that you can customize the tool to scan exactly what you want. Microsoft releases new patches monthly on Patch Tuesday, and a lot of companies track that date. I set up Nessus for the day after Patch Tuesday to see which devices have already pushed those updates from Microsoft, so we can stay updated."

"The most valuable features are that it's fast, it's easy to use and it provides good reports."

"It does exactly what you expect it to do, and its pricing is great. We couldn't really ask for a better deal."

"A valuable feature of the solution is that it is easy to understand."

"The most valuable feature of Tenable Nessus is vulnerability detection."

"It provides multiple recommendations towards the remedy of vulnerabilities."

"The vulnerability scanner is the most valuable feature."

More Tenable Nessus pros

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."

"The biggest thing I would like to see improved is for them to pursue and obtain a FedRAMP moderate authorization... I don't believe they have any immediate plans to get FedRAMP moderate authorized, which is a bit of a challenge for us because we can only use Lacework in our commercial environment."

"Lacework has not reduced the number of alerts we get. We've actually had to add resources as a result of using it because the application requires a lot of people to understand it to get the value out of it properly."

"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."

"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems."

"A feature that I have requested from them is the ability to sort alerts and policies based on a security framework. Right now, when you go into alerts, you have hundreds and hundreds of them that you have to manually pick. It would be useful to have categories for CIS Benchmark or SOC 2 and be able to display all the alerts and policies for one security framework."

"Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it."

"I would like to see a remote access assistance feature. And the threat-hunting platform could be better."

"Visibility is lacking, and both compliance-related metrics and IAM security control could be improved."

More Lacework FortiCNAPP cons

"Pricing is one of the most important features, and it is something that they can improve on."

"Tenable Nessus application device assessment is one of the top tools. However, in the application security assessment, there are other tools that provide better, and more accurate findings."

"EQA's and dashboards should be addressed in the next release."

"We'd like to see more integration potential within the solution."

"The user interface of Tenable Nessus feels outdated and could be more user-friendly."

"I would like to see an improvement in the ranking of high, medium and low vulnerability."

"The price could be reduced."

"There is room for improvement in finishing the transition to the cloud. We'd like to see them keep on improving the Tenable.io product, so that we can migrate to it entirely, instead of having to keep the Tenable.sc on-prem product."

More Tenable Nessus cons

Pricing and Cost Advice

Information not available

"The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago. They have improved it and it has stabilized quite a bit."

"The licensing fee was approximately $80,000 USD, per year."

"It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our colocation facilities as well, so we cannot complain, but it is slightly expensive. It is not super expensive."

"My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz."

"While Tenable Nessus is a good enterprise solution, the high price would likely make it prohibitive to smaller organizations."

"When comparing the price of Tenable Nessus to other similar solutions, such as Acunetix, Tenable Nessus is not as expensive. It is averagely priced in the market. We pay for the solution annually."

"We have a subscription, the licensing fees are paid yearly, and I am using the latest version."

"Nessus Manager is not an expensive product. It has its limitations, but the pricing reflects that. We have a yearly subscription."

"The price of Tenable Nessus is much more competitive versus other solutions on the market."

"I think the price is fairly affordable. It provides a license that is fair."

"We pay approximately $2,500 on a yearly basis."

"There is an annual license required to use this solution."

More Tenable Nessus pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.

See recommendations

844,944 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

11%

University

Retailer

Computer Software Company

18%

Financial Services Firm

13%

Manufacturing Company

Healthcare Company

Educational Organization

41%

Computer Software Company

Financial Services Firm

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?

Pricing for Zafran Security is not expensive. We have a contract for five years, and the cost is lower than other too...

See all answers

What needs improvement with Zafran Security?

I would like to see an integration with Check Point firewalls. It's essential for us and they are currently working o...

See all answers

What is your primary use case for Zafran Security?

We use Zafran Security for threat prioritization. We establish priority to understand which risks should be patched o...

See all answers

What do you like most about Lacework?

Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offe...

See all answers

What is your experience regarding pricing and costs for Lacework?

My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz.

See all answers

What needs improvement with Lacework?

The solution lacks a cohesive data model, making extracting the necessary data from the platform challenging. It uses...

See all answers

How would you choose between Rapid7 InsightVM and Tenable Nessus?

You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...

See all answers

What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?

Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of ...

See all answers

What do you like most about Tenable Nessus?

We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to addre...

See all answers

Comparisons

Dazz.io vs Zafran Security

Compared 53% of the time

Vulcan Cyber vs Zafran Security

Compared 21% of the time

ServiceNow Security Operations vs Zafran Security

Compared 17% of the time

Tenable Vulnerability Management vs Zafran Security

Compared 10% of the time

More Zafran Security Competitors

Wiz vs Lacework FortiCNAPP

Compared 24% of the time

Prisma Cloud by Palo Alto Networks vs Lacework FortiCNAPP

Compared 17% of the time

AWS GuardDuty vs Lacework FortiCNAPP

Compared 8% of the time

Aqua Cloud Security Platform vs Lacework FortiCNAPP

Compared 5% of the time

Tenable Cloud Security vs Lacework FortiCNAPP

Compared 5% of the time

More Lacework FortiCNAPP Competitors

Qualys VMDR vs Tenable Nessus

Compared 16% of the time

Tenable Vulnerability Management vs Tenable Nessus

Compared 14% of the time

Rapid7 InsightVM vs Tenable Nessus

Compared 11% of the time

Microsoft Defender Vulnerability Management vs Tenable Nessus

Compared 8% of the time

Pentera vs Tenable Nessus

Compared 7% of the time

More Tenable Nessus Competitors

Product Reports

Buyer's Guide

Continuous Threat Exposure Management (CTEM)

March 2025

Download Zafran Security product report

Buyer's Guide

Lacework FortiCNAPP

March 2025

Download Lacework FortiCNAPP product report

Buyer's Guide

Tenable Nessus

March 2025

Download Tenable Nessus product report

Also Known As

No data available

Polygraph, FortiCNP

No data available

Overview

Zafran Security integrates with existing security tools to identify and mitigate vulnerabilities effectively, proving that most critical vulnerabilities are not exploitable, optimizing threat management.

Zafran Security introduces an innovative operating model for managing security threats and vulnerabilities. By leveraging the threat exposure management platform, it pinpoints and prioritizes exploitable vulnerabilities, reducing risk through immediate remediation. This platform enhances your hybrid cloud security by normalizing vulnerability signals and integrating specific IT context data, such as CVE runtime presence and internet asset reachability, into its analysis. No longer reliant on patch windows, Zafran Security allows you to manage risks actively.

What are the key features of Zafran Security?

Threat Exposure Management: Utilizes existing tools to prioritize vulnerabilities and manage threats.
Integrative Analysis: Combines security data with IT context for precise vulnerability management.
Real-time Risk Reduction: Enables immediate risk management without waiting for patches.
Hybrid Cloud Compatibility: Functions across diverse cloud environments for comprehensive security.

What benefits can users expect from Zafran Security?

Improved Security: Enhances protection by efficiently identifying and mitigating risks.
Cost Efficiency: Reduces unnecessary patching expenses by confirming non-exploitable vulnerabilities.
Time Savings: Frees developers to focus on root causes by handling immediate threats.
Comprehensive Insight: Offers a holistic view of security threats and vulnerabilities.

In industries where security is paramount, such as finance and healthcare, Zafran Security provides invaluable protection by ensuring that only exploitable vulnerabilities are addressed. It allows entities to maintain robust security measures while allocating resources efficiently, fitting seamlessly into existing security strategies.

Zafran Security

Lacework FortiCNAPP provides robust cloud security, combining vulnerability management and multi-cloud insight with user-friendly controls, machine learning detection, and compliance support.

Lacework FortiCNAPP specializes in cloud security by merging machine learning anomaly detection with agent-based vulnerability management to offer detailed alerts and compliance reports. Its comprehensive approach allows continuous monitoring across AWS and Kubernetes, providing insights from an attacker's perspective. The platform offers automation and seamless Slack integration, facilitating collaborative and efficient cloud security management. Users value its ability to handle multi-cloud environments and scan IAC scripts, configurations, and compute nodes across AWS and GCP.

What are the key features?

Machine Learning Detection: Identifies anomalies effectively.
Compliance Reports: Provides precise compliance documentation.
Vulnerability Management: Supports agent-based vulnerability assessments.
Multi-Cloud Support: Manages and secures across multiple cloud providers.
Automation and Collaboration: Enables integration with Slack for streamlined communication.
Custom Alerts: Allows creation of personalized alerts for better focus.

What benefits do users expect?

Reduced Alert Noise: Minimizes distractions with filtered alerts.
Efficient Cloud Security: Automates processes for enhanced security management.
Collaboration Support: Integrates with tools like Slack.
Insightful Perspective: Provides insight from an attacker's viewpoint.

Organizations across sectors leverage Lacework FortiCNAPP for cloud security, focusing on compliance, security posture, and vulnerability management. It is widely used for monitoring AWS and Kubernetes environments, scanning IAC scripts, configurations, and securing compute nodes. It supports multi-cloud security posture management and log ingestion, enabling companies to maintain strong cloud infrastructures without dedicated security layers.

Fortinet

Tenable Nessus provides an efficient vulnerability management system with swift deployment and comprehensive scanning capabilities, making it an ideal choice for organizations seeking to enhance their security posture through effective threat detection and mitigation strategies.

Renowned for its top-tier vulnerability detection, Tenable Nessus offers a robust platform that integrates effortlessly across systems, enhancing threat management through automation, real-time monitoring, and customizable scanning options. Its broad asset coverage, including network devices and applications, coupled with ease of deployment, positions it as a go-to option for risk assessment and compliance. Organizations value its extensive reporting features and database, although they suggest enhancements in reporting formats and false positive detection. A more intuitive interface, improved cloud support, and competitive pricing models are sought after to cater to evolving enterprise needs.

What are the key features of Tenable Nessus?

Comprehensive Vulnerability Detection: Identifies security gaps across systems and platforms.
Remedy Recommendations: Provides actionable insights for vulnerability fixes.
Predictive Prioritization: Helps in focusing on critical vulnerabilities first.
Seamless Integration: Compatible with diverse platforms for cohesive threat management.
Automation Capabilities: Streamlines routine scans and reports.

What benefits and ROI should users look for?

Fast Setup: Quick deployment that saves time and resources.
Cost-Effective: Affordable pricing supports budget-conscious cyber strategies.
Real-Time Monitoring: Offers continuous oversight of system health.
Extensive Reports: Detailed insights enhance decision-making processes.

In industries such as finance, healthcare, and tech, Tenable Nessus is implemented for scanning internal and external networks, identifying risks, and ensuring data protection compliance. Organizations conduct regular scans to detect security vulnerabilities in servers and databases, leveraging its capabilities to strengthen their security frameworks while managing cloud infrastructures and enterprise networks efficiently.

Tenable

Sample Customers

Information Not Available

J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.

Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University

Buyer's Guide

Lacework FortiCNAPP vs. Tenable Nessus

March 2025

Free Report: Lacework FortiCNAPP vs. Tenable Nessus

Find out what your peers are saying about Lacework FortiCNAPP vs. Tenable Nessus and other solutions. Updated: March 2025.

DOWNLOAD NOW

844,944 professionals have used our research since 2012.

See our Lacework FortiCNAPP vs. Tenable Nessus report.

See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.