Tenable Security Center Reviews

The product is useful for vulnerability management. The Auto-Remediate feature is good. The tool enables centralized vulnerability management.

The product should provide risk-based vulnerability management. It is a popular feature. Large environments can have a lot of vulnerabilities. We need to prioritize them for remediation. So, risk-based vulnerability management is useful for large enterprises.

I have been using the solution for almost ten years.

We don't face many challenges with the product’s stability. We have two or three issues in a year.

The tool is easy to scale. Almost 1,800 users are using the tool in our organization.

The technical support is good. When we raise the issues to Tenable’s support persons, they respond well.

The initial setup was easy. One engineer is required to deploy the solution in two hours. We do not face challenges in maintaining the product.

The tool provides competitive pricing. We pay a yearly license fee. There are no additional costs associated with the tool.

We explored other products, but Tenable was more user-friendly. Tenable has better accuracy, too.

We are satisfied with the solution. Overall, I rate the product a nine out of ten.

My company uses Tenable Security Center to detect and manage our environment's vulnerabilities.

Feature-wise, Tenable Security Center is a very fast tool with many dashboards and reports, and it covers all our systems.

The solution's user interface has some issues. Sometimes, when it comes to a table's interface, shortening a column which in general should be enabled for every column, is not possible. The aforementioned details can be considered for improvement.

I have been using Tenable Security Center for a year. I am using the solution's latest version.

The stability of Tenable Security Center can be described as a straightforward one.

Stability-wise, I rate the solution a ten out of ten.

It is a very scalable solution. Scalability-wise, I rate the solution a ten out of ten.

In my company, we have 20 users of the solution.

The solution is extensively used in our company.

I don't plan to increase the solution's usage since it is used by the security department only.

The technical support is good and provides a quick response whenever contacted by us.

Previously, I have used Tripwire IP360.

My company started using Tenable Security Center because of its reporting capabilities, including the number of reports and dashboards.

The initial setup was straightforward.

The deployment took place in a week.

During the deployment process, we first define your network zones, then we define your organization, define the scan policies, and then finally, we schedule the scanning.

The installation phase can be done in-house, but we chose to seek the help of a consultant.

My company needs to make yearly payments towards the licensing costs. The pricing of the solution falls in the mid-range level, so it is not too expensive.

Overall, I rate the solution a nine out of ten.

I primarily use Tenable SC for vulnerability management i.e. to detect vulnerabilities in servers, workstations, and some IoT, produce, prioritize, and validate a mitigation strategy, and keep the mitigation on track so the CISO can detect changes in the posture. 

Tenable SC's most valuable features are the low number of false positives and the strong capability of providing prioritization for the vulnerabilities detected.

Tenable SC could be improved with additional connectivity to external company postures and the capability of managing and sustaining agents in the systems directly without additional platforms in the middle.

I've been working with Tenable SC for seven years. 

In seven years, we haven't had any problems with Tenable SC's stability. Sometimes a specific update doesn't feed exactly as expected, but the problem is always covered quickly by Tenable, and with a stable version, it's very, very stable.

Tenable SC's system can be multiplied by different installations and have on-top management and a single pane of glass. So it can scale with only one system - almost to half a million assets. And with multiple systems, we can have more than a million assets without problems.

Tenable's American technical support is excellent, though the European version is not quite as good as it takes longer to provide the right information.

Positive

The initial setup is very, very easy, even with the on-prem version, and depending on the customer's size and the complexity of the infrastructure, it can be done in one day.

Tenable SC can cut manpower costs on manual scans and analysis by more than half within one or two years.

Tenable SC is priced per asset, with the basic solution starting around US$12,000 for 500 assets. There's an additional cost for advanced support.

Tenable SC is suitable for medium and large companies, but it's not feasible for small ones. If you're in the US, I advise buying services from Tenable to implement the system instead of trying to implement it yourself. There are always some tricks that come with knowledge of the product that will make for a faster and better installation. Similarly, if you're in EMEA or Asia, please choose a good integrator. I would give Tenable SC a rating of nine out of ten.

It's a management tool. We are more scalable with the Tenable.io product. They are a security vendor with more than one cloud level. Now there are multiple products in my area.

It adheres to advanced security standards. It's mostly geared towards on-premise solutions rather than cloud-based ones. Many enterprises create views solely for internal units and prefer using internal tools without relying on external ones. It is chosen for its comprehensive system-wide solution. It continuously updates its sources to maintain current solutions. Security and confidentiality are top priorities; they avoid external leaks of information. Despite the misconception that such tools are primarily for cloud environments, Tenable manages its systems internally. This makes it a highly valuable asset in the field of data centers and database security, leveraging its own data centers effectively.

They have their own servers and prioritize trust. They address every compliance concern and offer options for automated and manual assessments. Tenable Security Center supports a wide range of applications and servers, capable of comprehensive scanning and handling of vulnerabilities. It can scan against the CI benchmark and provides standard dashboards for general product monitoring and scanning.

They are not currently handling call flows properly. Some call flows are being deleted from the registry but still show as active. Support is also lacking in onboarding properly in this area. This issue causes confusion and reflects poorly on their service. 

I have been using Tenable Security Center since 2014.

The solution is stable.

It is scalable for management in the market, compared to other products.

The initial setup is not easy because everything is on-premise. We need to enable specific ports for the engineering product, which are critical for internal purposes and cannot be easily changed. This complexity remains confined to the client side, where applications may require reboots.

Another issue arises with scanning and agent communication. While some agents communicate effectively with the Security Center, delays occur when numerous users access the service simultaneously, impacting real-time updates.

Managing involves two scanners and one dedicated server, requiring a week for proper setup and two personnel to maintain the system effectively.

While some clients focus solely on developing large-scale software solutions, the industrial sector is vast. Industries such as manufacturing and green technologies prioritize systematic design, maintenance of accounts, blueprints, and business identities—all of which necessitate robust data security. The investment in securing their data is crucial, ensuring that sensitive information remains protected from potential threats. Monitoring and documenting activities through systems like gateway or dedicated servers help management stay informed about ongoing operations and potential risks.

For enterprise customers, it's acceptable. However, for smaller enterprises or businesses, the budget may be too restrictive to consider such extensive solutions. When proposing to small-scale industries, they often show disinterest even when we offer a POC or trial. This reluctance is primarily due to cost considerations, which larger enterprises can manage more easily.

Tenable supports integrations with tools like Jira and Symantec, which are relatively easy to implement. However, when it comes to other cloud services beyond AWS and Azure, such as Oracle, support is less robust. Personal or niche cloud platforms may not receive adequate support.

There's a significant distinction between agent-based and non-agent-based approaches in Tenable's solutions. Agent-based scanning requires installation akin to antivirus software on servers, whereas non-agent-based methods operate differently. This difference impacts reporting and usability, particularly evident in Google Cloud environments where agent-based scanning is mandated.

Accessing and managing Tenable is straightforward for administrators, but specialist knowledge may be necessary for certain configurations or troubleshooting. Small-scale businesses implementing Tenable Security Center may find it cost-prohibitive compared to Tenable.io for cloud solutions, which offers more affordable options and promotions.

Overall, I rate the solution a nine out of ten.

We use the product to scan threats and conduct risk assessments for NCA. 

Tenable Security Center scans networks and gives reports. 

The solution is expensive. 

I haven't contacted the support team yet. 

Tenable Security Center's deployment is easy. 

The tool costs around 15,000 Saudi riyals monthly. 

I rate Tenable Security Center a five out of ten. 

Tenable Security Center is aimed at IT environments. It can receive vulnerability information from Tenable OT and integrate it into a unified report covering both IT and OT environments.

The BPR prioritizes vulnerabilities. The ARCs and compliance reports are very helpful in complying with regulations and standards.

The valauble feature is compliance reporting system.

It does not natively support industrial protocols needed for OT environments. The reporting system is very powerful, though it could be more user-friendly for creating custom reports.

I have been using Tenable Security Center as a partner for five years.

It's very stable.

I rate the solution's stability an eight out of ten.

We cater the solution to medium and enterprise. We haven't seen issues with scalability.

I rate the solution's scalability an eight out of ten.

Deployment takes probably a couple of days. it can either be done for one person.

It requires the installation of its tools and console server, which can be either virtual or physical. You need to activate the licenses and update the tool for the latest plugins. Typical deployments may involve multiple scanners linked to the main console, depending on the customer's network. Additionally, customers might need to deploy agents which require a separate Center manager machine. While, there is a lot to set up, it can be done within a couple of days.

I rate the initial setup an eight out of ten.

It's very affordable.

Continuous monitoring is essential because new vulnerabilities are discovered every day, and even existing vulnerabilities can evolve. As new malware emerges, a vulnerability that seemed minor today might become critical tomorrow. The malware, and malicious activities are constantly changing. 

We cannot rely solely on the hardware or servers required to run Tenable Security Center because it is an on-premise solution.

It provides essential tools for vulnerability management and operates on-premises. This allows customers with requirements or audio restrictions to run Security Center on their premises. Additionally, the reporting system is highly advanced, and the compliance dashboards are extremely useful for meeting regulatory requirements. For example, banks and financial institutions prefer Security Center due to its robust reporting capabilities and on-premises operation.

I advise them to look into Tenable Security Center instead because it not only provides vulnerability management but also include other modules of Tenable, such as Tenable Identity, Tenable Cloud, etc. This allows for a single pane of view for the entire company, covering more than vulnerabilities and offering a comprehensive.

Overall, I rate the solution a nine out of ten.

We use the product as a security tool for VMs and web applications.

The product could be user-friendly, and they could enhance the web application's security features.

We have been using Tenable Security Center for a year.

It is a stable product. Our customers utilize just one security center due to the scope of the budget. It doesn't have any adverse effect on the business.

Tenable Security Center on the cloud side is preferred in larger enterprises, but Nexpose might be a suitable option in smaller organizations. The POC implementation for the banking sector is lengthy. I prefer cloud-based scanning for its ease and scalability.

The tickets are passed quickly. Their support manager works proactively in scheduling meetings and solving the issues with the team. They provide the best support care for the customers.

We used Netsparker and Nexpose before. We switched to Tenable SC for better pricing and efficient scanning features. Additionally, it provides features for data security and cloud usage for clients who want to avoid sending information through the cloud.

The initial setup process is simple. If the customers do not have scanners, we can complete it quickly within an hour.

Tenable SC helps us save about 20% of the price compared to Nexpose, which involves buying three different licenses.

The product helps with web application security. I advise others to use Tenable IO and NAS, especially in regions with specific data protection regulations like GDPR and PDPA.

I rate it a nine out of ten.

We use the solution for creating passwords and security scanning purposes.

The solution has been beneficial for our organization.

The solution serves as a good tool and is very user-friendly as well. It has many features. We are able to identify vulnerabilities in our systems, and ways to fix them with the solution’s help.

The solution is expensive. They should work on its pricing. 

We have been using the solution for six months.

It is a stable solution.

It is a scalable solution. We have eleven users using the solution in our company that include Associates and Engineers. I rate the solution’s scalability as a ten.

The solution’s tech support team is very helpful.

Positive

We have an in-house team for installation.

I recommend the solution as it is a very good and user-friendly product. I rate it as a nine.