Pentera Reviews

Name: Pentera
Brand: Pentera
Rating: 3.9 (9 reviews)

3.9 out of 5

9 reviews
100% willing to recommend

What is Pentera?

Pentera is the category leader for Automated Security Validation, allowing every organization to evaluate its security readiness, to know its real security risk at any given moment. Test all cybersecurity layers across the attack surface – inside and out – by safely emulating attacks & prioritize patching with a risk-based remediation roadmap.

Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. For more info visit: pentera.io

Get the Breach and Attack Simulation (BAS) Buyer's Guide and find out what your peers are saying about Pentera, Akamai Guardicore Segmentation, Cymulate and more!

Pentera is the #1 ranked solution in top Penetration Testing Services and Breach and Attack Simulation vendors. PeerSpot users give Pentera an average rating of 7.8 out of 10. Pentera is most commonly compared to Akamai Guardicore Segmentation: Pentera vs Akamai Guardicore Segmentation. Pentera is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 14% of all views.

Buyer's Guide

Breach and Attack Simulation (BAS)

January 2025

Get the category report

Helped 838,640 peers since 2012

Featured reviews

Richard Marlow

Vulnerability Testing Manager at Frasers Group

The tool is quite scalable. There's a one-to-one relationship between the engine and how many scans we can do. We can only do one scan with one engine. We had some issues around the password assessments because we added a lot of users. It took a long time. I rate the scalability a seven out of ten. We have three users in our organization.

Read full review

Jon Medvenics

Chief Hacker at Heretek

One of the big issues we have is that the tool has an additional license for compromised credentials. Suppose compromised credentials for any of your domains appear in leaks, dumps, or are being sold. In that case, they try to aggregate that data and highlight that, for example, ten users appeared in recent dumps as compromised credentials. However, they don't provide much information about where those compromises came from or their source information, probably to protect their sources. Also, if you have credentials and want to check if they're still valid or can still be used, and you confirm they can't be used (maybe they're from a leak or a twenty-year-old database), there's no way for you to flag that these credentials aren't a problem anymore. The solution has a sort of flat report. It's annoying to go through lots of legwork only to see the same names or credentials still there, and you can't do anything about it in their portal. We've given them feedback, but I think it's probably on their long list of feature requests to address. For me, that would be a greater user configuration of the tests performed on a granular level. As I mentioned with Cymulate, they show you every line of code they will run and what tool is being used, step by step. Pentera is more closed in that regard. If Pentera released a feature that allows you to alter the attack path or change the command, that would be incredibly useful. Pentera might use one or a few different methods to do something, but if none of those work, it will just say everything is fine and secure. If Pentera could adapt or change based on what it finds in the environment, that would be very valuable. As a customer, we understand our environments better than an automated tool, so providing context to help the tool get better results would be valuable.

Read full review

Derek Maraw

Cyber Security Officer at AFC Holdings

Pentera's general dashboards could be improved and made more specific in terms of vulnerabilities that I'm discovering. Also, the solution should accommodate virtual patching. It will be a good idea not to prolong this vulnerability in our network. I've got one issue with Pentera's licensing. Pentera should allow small organizations to subscribe and use the solution. Sometimes, it gets very difficult to get 100,000 approved for a project. Pentera should provide the capacity to allow testing something quickly on a demand basis. Now that we haven't been doing red teaming and blue teaming, it would be good if the solution could give general reports that we can send or communicate to our executive. That would really make our job easy. Sometimes there's a lot of jargon around the dashboard, and if it can be general, we can easily convince our executive management.

Read full review

Pentera mindshare

Product category:

As of February 2025, the mindshare of Pentera in the Breach and Attack Simulation (BAS) category stands at 30.4%, up from 26.6% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Breach and Attack Simulation (BAS)

Key learnings from peers

Last updated Jan 11, 2025

Valuable Features

Pentera's most valuable features include continuous vulnerability assessment, automated cybersecurity activities, and easy usability. Users appreciate the platform's attack surface mapping, evidence-based remediation guidance, and fast retesting capabilities. The tool's credential and vulnerability management, password strength assessments, and ransomware protection testing are highly valued. Organizations can efficiently handle repetitive tests in-house and automate processes, validating system vulnerabilities effectively. Pentera demonstrates real exploitation impacts, providing significant value to security teams.

"Pentera has many authentic features."
"Pentera has many authentic features."
"The platform's most valuable features are credential management and vulnerability management."

Room for Improvement

Pentera's dashboards and virtualization compatibility require enhancement. Users express the need for support for new graphic cards and improved licensing options for smaller organizations. Automating red and blue teaming reports for executives and reducing jargon in dashboards are requested. Scalability and price adjustments are suggested. Compatibility issues with virtual servers and limited vendor support are noted. Improvements in testing customization, user configuration, and dashboard functionalities for multiple branches are desired, alongside addressing compromised credentials and licensing issues with IP management.

"The licensing and IP management need improvement. When the IP is imported into a system, we cannot withdraw or revoke the license."
"The licensing and IP management need improvement."
"One area for product improvement could be the inclusion of a dashboard to cover multiple branches and subsidiaries, allowing for centralized monitoring."

Pricing

Enterprise buyers report mixed experiences with Pentera's pricing structure. Some describe the yearly licensing cost as reasonable yet feel it could be more cost-effective. Others find the tool relatively inexpensive and worth the investment, especially for its value in identifying vulnerabilities. Conversely, a few perceive it as expensive, though adequately priced for the insights it provides. Overall, feedback suggests varying levels of satisfaction with Pentera's pricing.

"The product's cost is reasonable. I rate the pricing a three out of ten."
"The tool is relatively cheap."
"It's not that expensive, but it could be more cost-effective."

Popular Use Cases

Organizations primarily use Pentera for automated penetration testing, enhancing compliance, simulating test scenarios, identifying vulnerabilities, and strengthening password security. Its adoption supports vulnerability management programs and regular pentesting automation. Customers utilize it for ensuring network security, including testing scenarios like VMware and ransomware scanning. Pentera serves both external clients and internal environments, focusing on closing compliance findings and validating security infrastructures.

Service and Support

Pentera's technical support is responsive and helpful, often providing quick recommendations. While some users have not yet interacted with support, others rate it highly. Support responses vary, with some documentation being outdated. Experience levels among team members differ, affecting assistance quality. Code updates have been slower for some, with occasional feedback suggesting improved contract terms for enhanced features and support.

Deployment

Pentera's initial setup is straightforward and user-friendly to deploy. It typically requires basic networking knowledge and can be completed within a day or two. Users find the instructions clear and the process accessible, similar to deploying other vulnerability scanners. Teams usually involve two or three individuals, and while it may demand some understanding of network permissions and security policies, it generally rates highly for ease of installation and integration.

Scalability

Pentera's scalability is highly rated, often receiving scores between seven and ten out of ten. Multiple entities utilize it, with maintenance handled by small technical teams, indicating easy operation. Users note a direct relationship between the engine count and scan capacity but mention challenges with large user additions affecting speed. Many technical users find it easy to scale with aligned minimum requirements, showcasing Pentera's adaptability across various environments.

Stability

Pentera receives high marks for stability, frequently rated between nine and ten. Users report it does not impact network services and is generally stable, though some noted occasional issues. Initial bugs were quickly addressed, and the stability is appreciated by most who rarely encounter problems. While a few users experienced issues with core servers during setup, they didn’t attribute these to Pentera directly, maintaining confidence in its stability.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Breach and Attack Simulation (BAS) Buyer's Guide for additional reliable information.