Try our new research platform with insights from 80,000+ expert users

Tenable.io Container Security vs Trivy comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Average Rating
8.6
Reviews Sentiment
8.0
Number of Reviews
99
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (3rd)
Tenable.io Container Security
Ranking in Container Security
23rd
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
8
Ranking in other categories
No ranking in other categories
Trivy
Ranking in Container Security
30th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
2
Ranking in other categories
No ranking in other categories
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Amit Goyal - PeerSpot reviewer
A great solution for identifying vulnerabilities, and it has helped us secure our organization
The best part about Tenable.io Container Security is that they have well-prepared guidebooks for their deployment. Initially, we had queries and questions about deployment, but after we completed it for one or two clients, it was easier for us. The amount of people needed for deployment depends on the engagement and the number of applications. It is usually a consultant on one application, but an entire application security team is involved. On average, deployment takes around one or two weeks. No maintenance is required, but we need to ensure connectivity with the Tenable Portal. This ensures it updates whenever there are new updates or patches from the back end. Tenable.io Container Security is suitable for all companies.
reviewer2599524 - PeerSpot reviewer
Seamlessly integrates with CI/CD pipeline for effective security and malware testing
The most valuable feature of Trivy is its easy integration with the CI/CD pipeline. It allows for seamless scanning of the entire code base in GitHub, making it very scalable based on how it is deployed in conjunction with CI. It has greatly facilitated our security testing and analysis processes.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."
"Cloud Native Security offers attack path analysis."
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"PingSafe offers comprehensive security posture management."
"Cloud Native Security offers a valuable tool called an offensive search engine."
"We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues."
"Our organization is growing steadily, so our infrastructure is expanding, and we're managing more technical resources. Singularity Cloud Security helps us track our resources so that we don't get lost in the overwhelming volume of things and ensures we follow best practices. The solution gives us better visibility into our resources and enables faster resolution."
"The most valuable features of PingSafe are the asset inventory and issue indexing."
"It is a scalable solution. Scalability-wise, it is a good solution."
"It helps us secure our applications from the build phase and identify the weaknesses from scratch."
"The solution shows you the exploitable vulnerabilities and helps you prioritize."
"Currently, I haven't implemented the solution due to its deprecation by the site. However, I can highlight some benefits of Tenable Cloud Security, a cybersecurity solution with various features for scanning vulnerabilities in both cloud environments and on-premises container security."
"The strong security provided by the product in the container environment is its most valuable feature."
"The tool's most valuable feature is scanning, reporting, and troubleshooting."
"Nessus scanner is very effective for internal penetration testing."
"Tenable.io detects misconfiguration when you deploy a Docker or Kubernetes container. It's much better to remedy these issues during deployment instead of waiting until the container is already in the production environment."
"It's customizable, allowing me to add any rules and format HTML templates as I wish."
"The most valuable feature of Trivy is its easy integration with the CI/CD pipeline."
"The most valuable feature of Trivy is its easy integration with the CI/CD pipeline."
"One of the great features of Trivy is that it helps me scan items such as AWS credentials and GCP service accounts."
 

Cons

"While the future roadmap presented by SentinelOne appears promising, I hope the envisioned advancements are realistically achievable and that the gap between current offerings and long-term goals is not too significant."
"We use PingSafe and also SentinelOne. If PingSafe integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console."
"We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks."
"We wanted it to provide us with something like Claroty Hub in AWS for lateral movement. For example, if an EC2 instance or a virtual machine is compromised in a public subnet based on a particular vulnerability, such as Log4j, we want it to not be able to reach some of our databases. This kind of feature is not supported in PingSafe."
"PingSafe takes four to five hours to detect and highlight an issue, and that time should be reduced."
"SentinelOne Singularity Cloud Security could be improved with easier integrations to the Singularity Data Lake, particularly for various vendors."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"The alerting system of the product is an area that I look at and sometimes get confused about. I feel the alerting feature needs improvement."
"The support is tricky to reach, so we would like better-oriented technical support enabled."
"They need to work on auto-remediation so it's easier for the security team to act quickly when certain assets or resources are deployed. The latest version has a CIS benchmark that you need to meet for containers in the cloud, but more automation is needed."
"The initial setup is highly complex."
"The solution’s pricing could be improved."
"I believe integration plays a crucial role for Tenable, particularly in terms of connecting with other products and various container solutions like Docker or Kubernetes. It seems that in future updates, enhanced integration is something I would appreciate. Currently, there is integration with Docker, but when it comes to Kubernetes or other container solutions, it appears to be a challenge, especially with on-prem scanners."
"The stability and setup phase of the product are areas with shortcomings where improvements are needed."
"Tenable.io Container Security should improve integration modules. It should also improve stability."
"I feel that in certain areas this product has false positives which the company should work on. They should also try to include business logic vulnerabilities in the scanner testing. Finally, the vulnerability assessment feature should be increased to other hardware devices, apart from firewalls."
"The reporting could be a little better. When integrating Trivy with CI, the interpretation of the reports could be improved."
"Trivy can improve by providing an output in PDF format."
"Trivy can improve by providing an output in PDF format. Additionally, it takes longer to scan container images built with many layers."
"The reporting could be a little better."
 

Pricing and Cost Advice

"Its pricing is okay. It is in line with what other providers were providing. It is not cheap. It is not expensive."
"PingSafe's primary advantage is its ability to consolidate multiple tools into a single user interface, but, beyond this convenience, it may not offer significant additional benefits to justify its price."
"SentinelOne offers excellent pricing and licensing options."
"The tool is cost-effective."
"I am personally not taking care of the pricing part, but when we moved from CrowdStrike to PingSafe, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of PingSafe was low. PingSafe is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning."
"I am not involved in the pricing, but it is cost-effective."
"I would rate the cost a seven out of ten with ten being the most costly."
"PingSafe is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced."
"It's best to be an institutional buyer and directly contact the sales team as they can provide over-the-top discounts for bulk orders."
"The solution's pricing is neither cheap nor very expensive."
"The product does not operate on a pay-per-license model."
"I rate the tool's pricing a three out of ten."
"I rate the product’s pricing a six out of ten."
Information not available
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
15%
Manufacturing Company
9%
Government
5%
Financial Services Firm
20%
Government
11%
Manufacturing Company
9%
Computer Software Company
9%
Computer Software Company
19%
Financial Services Firm
13%
Manufacturing Company
12%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
The pricing is somewhat high compared to other market tools. This cost can be particularly prohibitive for small busi...
What needs improvement with PingSafe?
To enhance the notification system's efficiency, resolved issues should be promptly removed from the portal. Currentl...
What do you like most about Tenable.io Container Security?
The tool's most valuable feature is scanning, reporting, and troubleshooting.
Ask a question
Earn 20 points
 

Also Known As

PingSafe
Tenable FlawCheck, FlawCheck
No data available
 

Overview

 

Sample Customers

Information Not Available
ServiceMaster
Information Not Available
Find out what your peers are saying about Palo Alto Networks, Wiz, SentinelOne and others in Container Security. Updated: December 2024.
824,053 professionals have used our research since 2012.