Tenable Security Center Reviews

The primary use case for Tenable Security Center among my clients is risk-based vulnerability management. It involves not just a one-time scan but a continuous workflow that integrates with management and auditing processes.

The most valuable features of Tenable Security Center for my clients are Vulnerability Priority Rating (VPR) and Asset Criticality Scoring. The tool also excels in data correlation and reporting, providing crucial insights into security performance, and aiding in measuring service level agreements (SLA).

Our primary use case is compliance for our audits, for our customers. We were exposed in that we were not meeting contractual obligations.

We are monitoring our infrastructure: servers, switches, storage, routers, SAN storage, operating systems, and applications to the extent that the tool is able to see into them. We use it to hit the high ones like Adobe or Microsoft Office and the like. Some of the more niche products that we use may not be in their inventory of vulnerabilities.

It helps us prioritize based on risk and it also helps us prioritize manpower, to show we are getting the most value from the limited number of man-hours that all organizations face. We have the same problems: Where do we need to focus? Where do we need to focus money? And where do we need to focus additional expertise that we don't have or didn't think we needed.

Overall, we use it as a third-party — I don't want to say settle arguments — but as an expert opinion as to what is a true vulnerability is, versus what is something that isn't as high of a priority. It takes opinion — if two cybersecurity people are arguing or discussing if this thing is more important than that thing — and, since Tenable is not invested in our company, gives the best practice. It is very valuable in that sense.

In terms of cyber exposure, it allows us to centralize both vulnerability management and visibility. We have one place to look instead of going through: Okay, we're using the Microsoft tool, and now we're going to go use the Cisco tool, and now we're going to go use the Red Hat tool. It allows us to centralize and easily correlate all data together, and then use the prioritization or just understand where the gaps in our security posture lie. That's more valuable than saying, "Okay, here's this report for Microsoft, and now we're going to print out a report from Red Hat, and we're going to print out a report from Cisco, and we're going to print out a report from NetApp, and we're going to put them all together and then we're going to discuss it." Having it in a single view is very valuable to us in that it saves us a lot of time.

Tenable also helps us to focus resources on the vulnerabilities that are most likely to be exploited. And since it is continuously updated, it allows us to reevaluate quickly if there are new vulnerabilities found, versus ones that we're already working off and are already known to us.

And since cybersecurity and IT security are not a fix-it-and-forget-it scenario — it's a continuous process — having a tool like this, especially one that is continuously monitoring our environment, is very valuable. It's not that we're not doing this once a year, we're not doing this once a quarter. We're doing this every day.

Finally, the solution has reduced the number of critical and high vulnerabilities we need to patch first.

In my previous job, Tenable Security Center was used for a financial institution covering approximately eight thousand assets including servers, computers, network devices, and web applications. The scope was to scan every device within the IT environment. It is a robust solution with numerous plugins that streamline the scanning process, providing powerful results.

Tenable Security Center provides an overall score of vulnerabilities, comparing an organization with others in the same industry. For example, it allows financial institutions to compare their vulnerability management to others in the same sector. This provides a comprehensive view of the organization's vulnerability status.

We are a reseller and Tenable SC is one of the products that we implement for our clients.

The primary use case is to check for compliance against a specific framework, like NIST, CIS, or something similar. Tenable will check compliance on the assets against that specific framework and give that visibility to the technical staff, top management, and the risk management team. In turn, this will enable them to evaluate the risk that they are facing for non-compliance issues.

The second use case is helping the technical staff that handles updates and upgrades to the operating system. It means that they have the most urgent upgrades that they need to cover the high-risk vulnerabilities that can be found and exploited.

Beyond this, Tenable SC assists with malware detection and similar functionality.

The most valuable features are the dashboards and reporting. They have multiple dashboards and reports for different types of details that can be used for different levels of reporting.  This means that by using a high-level report, the top rank in the company can understand what the risk is, as well as how it is violating policy. Similarly, technical people can use a more detailed report to understand what they have to cover and what the criticality of it is.

This product has the best results in terms of the lowest number of false-positives and false-negatives.

There are multiple types of engines that cover almost any necessity that the company can have for vulnerability and compliance.

We use Tenable Security Center for vulnerability assessment purposes within our security infrastructure. The solution helps identify management-related issues and automatically forwards the ticket to our stakeholders, as well as an auto-alert mechanism. Additionally, we have integrated it with our SI solution.

The primary use case involves automated scheduled scans. We have established an asset inventory, and there is a scheduled quarterly automated scan. This process sends the results, thereby reducing manual tasks. The more automation we implement, the fewer errors occur, resulting in a faster and more efficient process.

We also use it for continuous network monitoring. We scan network devices such as Cisco routers, load balancers, and WAN devices. If any suspicious network activity arises, the system saves the results.

Our organization also uses Power BI. There are a lot of scripts that are already integrated to check compliance within the organization. We aim for at least 75% of the benchmark. Tenable's solution assists in representing the level of compliance achieved, whether it be 70%, 80%, 90%, or 95%. We have installed agents on various server types, and adding them to the scan does not require manual credential entry each time. The solution provides comprehensive results on the dashboard for each service by simply clicking on the play button.

The most important features are the dashboard and reporting. The dashboard provides statistics with graphs and bar charts for our management. We can be amazed at how much compliance and patch management are followed; everything can be represented in a single interface.

The solution is connected to our network. We can easily track it with the Tenable Security Center. Without the solution, it's very difficult to track whether or not a new asset is added.

The solution’s configuration is vast. There are so many configurations leading to confusion. It varies from organization to organization based on the Center and new compliance. Suppose some organizations follow the ISO Center. If your organization is a financial organization, it may follow PCS standards. If your organization is healthy enough, it may follow HIPAA standards. You can configure it according to the organization’s compliance. Hence, it's very flexible.

I use Tenable Security Center mainly to detect vulnerabilities. One of its core functions is its capability for asset discovery, which aids in improving our security posture.

The most effective feature of Tenable Security Center for detecting vulnerabilities is its capability for critical mapping. 

Additionally, the asset discovery feature significantly aids in enhancing the security posture.

I'm the one who scans and performs assessments on clinical and medical equipment in our environment. I manage the clinical endpoint devices: MRI systems, bedside monitoring, Alaris pumps, fusion pumps, CTUs, EEGs, EKGs, wireless defibrillators, and a lot of IP cameras that are part of operation room labs. My colleague handles all the regular enterprise IT, database servers, etc. From a scanning standpoint, I do everything from discovery scanning to full-credential auditing and anything and everything in between. That's just for the medical space in a 24/7 production medical environment.

We're also using a bit of the Passive Vulnerability Scanner and, eventually, I want to get to using the agents, but we haven't gotten to that stage yet.

My department is not enterprise-managed. We don't use like tools like SCCM to push out patches. Everything is manual updating. I need to be able to track and audit against our devices and know what exactly what Microsoft hotfixes I need to see. I need to identify what specific patches are missing on devices. Or, for example, there was a Microsoft CVE alert that was put out a couple of weeks ago for RDP, Remote Desktop Protocol. I'm using the scanner now to try to identify what devices we actually need to look at to address risk on. Including IP cameras for our different labs, I manage over 40,000 devices. So I really need to know what exactly I need to focus on for a given vulnerability, such as the Microsoft one, as they come about. Tenable really helps with the identification piece, in a way that traditional IT policies and procedures and tools cannot.

It saves me time. When I get into actually identifying impacted assets in my environment - and having to deal with fewer false positives - it could save me up to eight to ten hours a week, for things like the RDP issue we're dealing with now; for the things that really come out as priorities.

Security Center helps to limit our organization's cyber exposure. In our environment there is a lot of stuff we can't deal with in terms of endpoints, but it has definitely helped in identifying the devices we have out there which haven't had Microsoft updates applied in years, potentially. It's really helped identify those, the low-hanging fruit. But then, you get into the devices that are relatively up to date but their vendor application has been the same for however many years. In the least, we're able to identify and understand which devices those are and what the risks are, even if we can't immediately address it.

In terms of reducing the number of critical and high vulnerabilities we need to patch, it has helped me to identify them, and I address them accordingly. As I said, there is stuff we can't address, but at least it helps us identify them, and we are able to address some of them. It's helped us identify vulnerabilities and put in compensating controls and mitigating controls. It has definitely reduced the risk exposure we've had.

Also, rather than rely on high-level communication from vendors about whether or not their products may be impacted, I can use scans to actually identify what is impacted or in scope for a given vulnerability. It used to be, a couple of years ago, if I had to identify systems, I had to know at a high level if some of these devices could be impacted. It would create a lot of false positives. Since we've been using the scanner, I've been able to narrow that down quite a bit. I still get false positives, but I certainly get a lot fewer than I used to. It helps me have a more managed focus with any scope I'm looking at.

I am using Tenable SC to detect vulnerabilities, and we are in the process of testing the solution.

The most valuable features of Tenable SC are the reports and the dashboards.