Tenable Security Center Reviews

Essentially we use the solution to monitor hard devices on a network with it. That includes laptops, desktops, tablets, et cetera. I'm just using that to make sure that all of our patching is up to date.

The UI, the user interface, is really, really good. It's really simple. I started with no prior experience in vulnerability management and picked it up in less than a day, pretty quickly. It's very intuitive.

Their overall cost of service is pretty good. 

I've worked with my CS manager and with them a lot, and I'd say every case I've opened, they've reached out to me within two hours. They're pretty prompt in their responses and overall the company is really easy to get ahold of.

Scaling the solution is very easy.

The stability of the product is pretty good.

The biggest issue I have with the solution is when I'm using the scanning it picks up the original DNS of that device. That means, before we image it and actually change the DNS to something within our company structure, it'll just be random numbers and letters and Tenable will stick to that DNS for a long time. I'll be searching for a gallery or a laptop and I can't find it due to the fact that the DNS when it was scanned went in as something non-sensical, like M P X 23 Z. That's the biggest issue I have with it. it's some sort of strange glitch.

While I started using the solution in January of last year, the company itself has been on the solution for about three years or so.

The stability of the solution has been quite good. I haven't experienced any real problems so far. It's been a rather smooth proess.

Scaling the solution would be pretty simple. The process would require us to reach out to Tenable to get more licenses, however, that's a pretty simple process. Overall, it's pretty easy. Essentially it'd just be adding a list of all the new IPs into any asset groups that they would be involved in. I don't think it would take much longer than a week.

Technical support is excellent. They are extremely responsive and very helpful. We are quite satisfied with the level of support we've received from them.

I would give them a ten out of ten. They are very prompt and very knowledgeable. They are great at answering questions and walking you through anything step-by-step.

When I started, the company was actually in the process of revamping the solution. 

It was a two-day process and the company walked us through the entire thing. I had a Tenable engineer on-call with me for eight hours. It was a long process, however, it was easy as they were walking me through it, step-by-step.

When we did a recent re-vamp, Tenable was on hand to walk us through the entire process. We had a very positive experience with them.

I don't handle the billing and therefore don't have an exact idea of how much the solution costs.

We just renewed the solution and didn't look into any other product on the market before we did.

We are just customers and end-users of the product.

If a company does decide to implement the solution, I'd advise working with Tenable engineers during the process, and even afterward, in order to ensure everything is set up appropriately.

I'd rate the solution at an eight out of ten We've had a largely very positive experience with the solution so far.

The tool helps with vulnerability assessment and vulnerability management.

The tool gives us fewer false positives. Compared to its competitors, the solution’s reports are more accurate.

We experienced some difficulties with the solution’s support.

I have been working with the solution for two years. I use the tool’s latest version.

I would rate the tool’s stability a nine out of ten.

I would rate the tool’s scalability a ten out of ten. You can place sensors for the scanners and easily scale up.

I would rate the tool’s setup an eight out of ten. The tool’s deployment is very straightforward and it took only one day to deploy the solution. The solution’s deployment is simple and efficient.

I would rate the tool an eight out of ten. The tool has community support. From my experience of using the solution, I would recommend it to anyone looking to use it.

Our primary use case for Tenable SC is its vulnerability scanning capability. 

I think the vendor training provided for Tenable SC could be a lower price. It's quite expensive for the training. 

I have been working with Tenable SC for 4 years.

The stability of the Tenable SC product is satisfactory. 

I find Tenable SC to be a very scalable product. 

The initial setup of Tenable SC is not unmanageable. 

With regards to the setup of Tenable SC, I would advise others to spend time using the module, get familiar with the product, and in addition read the manual that is provided. 

We primarily use Tenable SC for vulnerability scanning and did not evaluate other options. This meets our needs.

I would say there are approximately 30 users in our organization using the Tenable SC product. 

I'm a pre-sales engineer and we are resellers of Tenable.

This solution is very customizable compared to everything else I've seen on the market, so you can easily customize it to suit your needs. There are a lot of templates you can use and you can install it pretty quickly so in one hour you can have your scanner up and running.

I think the company should redo their web page because the way things are now there are a lot of things you can't do. For example, if you want to filter something on the solution and have it filter down to all of your widgets, you can't do it, you have to go from one widget to the other. It takes some time if you have a big customer dashboard that's using some data. I think that the integration with a solution like Jira could be a little bit better for when you create tickets based on your vulnerability.

I know they are working on additional features related to the integration with the patch management like Qualys has, which is really amazing. This is the future and I know they're working on it. 

I've been using this solution for the past six or seven years. 

Usually the solution is stable but it can be a little bit tricky which I think depends on the kind of BME and the sizing used. I'd say it was 80%, 85% stable.

The solution is very scalable, it's one of the most scalable solutions that I've used so far, compared to Rapid7 and Qualys, it's very scalable. You can use it pretty much with anything, even if you start with 1000 IPs and scale up from 1000 to 10,000.

Technical support is very efficient and they escalate the tickets when you have a big issue. When you open a ticket, they respond within the hour and they're pretty quick to find the issue. If you have a bigger issue, you can set up a Zoom call with them and that's very helpful. 

I've used Rapid7 in the past and I've also used Qualys a little as well. I work with customers, so I go with whatever they want to use. 

The initial setup is very straightforward and quick. 

I would definitely recommend the solution but I would tell people that it requires dedicated staff. You need to have someone looking at what's going on when you scan and you need somebody to go through all the results, otherwise it just sits there.

I would rate this solution an eight out of 10. 

I use SecurityCenter currently to investigate daily network security events from reports I receive. Our network support team uses it to track, manage, and remediate system vulnerabilities. It works well for the latter, not so much for the former.

In terms of vulnerability mitigation, SecurityCenter has worked quite well and is a perfect replacement for GFI LanGuard. Unfortunately, it's also being posed to my team as what we're supposed to use in place of ArcSight Express, which I've worked with for several years now.  SecurityCenter could be much more useful to our agency as a whole if it were configured better, but I'm not sure that the team that directly manages that system knows how to do that, or has the right licenses they need to bring in all of the data my team needs in SecurityCenter to make good use of it.  Basically, it comes down to two teams trying to use the same product for very different purposes, and while one team is pleased with the results, the other (mine) is not.

The 'raw syslog' search functions are fairly nice for tracking down debug info from an event, but it's usefulness is extremely low when compared with ArcSight in terms of its usefulness in network event investigations. SecurityCenter's strongest focus seems to be its vulnerability scanning, but I'm told I should be able to use it to replace ArcSight, and from experience with both products, I know that's not the case.  To be honest, if my mission were more aligned with our other team's goals, I might like SecurityCenter a lot more than I do; but as is, it's like trying to fit a square peg into a round hole.

Security Center's vulnerability scanners are excellent in terms of compliance reporting, and the dashboards certainly seem to make the less technical of our staff all starry-eyed, but to be honest, I find SecurityCenter to be lacking in too many ways where my usage of it has been concerned.  Dashboards, to me, are much less interesting than a powerful and flexible query engine, and that's an area where I find SecurityCenter most lacking.

ArcSight Express; my employers sought a less expensive solution. If I'd had any sway on the decision, it wouldn't have happened, or at least, it would have happened differently.  The two products compliment each other well, but separately, they're designed with very different goals in mind.

No, I wasn't given the opportunity. SecurityCenter was brought in, vetted, and implemented by a separate team from the one I work with daily.

Know what you're getting into, and know the difference between security compliance suites and SIEM suites. The two are very different, which is why I'm very unhappy using SecurityCenter, because it's been forced upon me as a replacement for a product that it doesn't even compete with.

I primarily use Tenable for scanning and reporting.

Tenable's most valuable features are the credential scan, vulnerability reports, and vulnerability ratings (VPR).

Tenable has some problems with agents going offline during scanning and lag between agents and the security center. In the next release, Tenable should include automated patching and integration with SSCM so missing patches can be pushed from there.

Tenable is stable.

I'm satisfied with Tenable's technical support.

Positive

The initial setup was easy.

Tenable is open-source.

I would rate Tenable eight out of ten.

I use this solution to perform vulnerability assessments and then patch my systems using third-party tools.

The vulnerability scan is pretty fast and once you give it the right access privileges on the target system, you get very clear and precise details of the vulnerabilities.

This solution has a much lower rate of false positives compared to competing products.

It can operate in hybrid mode, too. The greatest strength of the product comes up when the agent is deployed on the endpoint to be scanned. Thereafter, even if the agent is out of the office network, it can still be scanned and will also send back data to the parent console.

The dashboard and the templates used to delvelop reports are awesome.

It is easy to run, scan, and categorize an asset as and when needed. The same asset can be present in two or more groups based on the identification.

This solution can now be deployed in cloud setups.

This solution provides a good reporting system and with a reasonably good level of third-party integration. McAfee has leveraged this capability beautifully in its Policy Orchestrator.

We need to give more customer demos and also highlight the strengths of the product that have been developed over a twenty-year period.

The vulnerability scan does not work correctly until the access privileges are set by the system administrator.

This system is stable under normal configurational mode. It is important to understand how many hosts it will handle and size the system accordingly.

This is a very highly scalable system.

I have not contacted technical support so far, as there was no issue to escalate.

We did not use another solution prior to this one.

I have worked on a few demos and they have been pretty straightforward to setup.

I perform the deployment of this solution.

Yet to be calculated.

Costing is pretty reasonable compared to the competition.

We evaluated Rapid7 and Qualys before choosing this solution.

Tenable SC can be used in any company for vulnerability management life cycle.

It's a very useful tool.

Internal ticketing systems require improvement. 

The GUI could be improved to have all concerns and priorities use the same GUI, allowing them to see all tickets, assign vulnerabilities, and assign variation failures to each member of their team.

I have been working with Tenable SC for more than five years.                                                             

Tenable SC is very stable.

According to the sizing that we are dealing with in this first stage, it is very scalable.

We have not experienced any issues with the scalability of Tenable SC.

The information security team has access to the solution. The number of users varies from one environment to another. It ranges, from five users to ten users maximum.

The same number of users can easily deploy and maintain this solution, included the access manager, administrator, and anyone who can configure the policies they test.

Tenable technical support is very good. They are very helpful, and responsive.

We had experienced some delays in two or three tickets we started, but that may have been because of the client, they were very unresponsive.

Overall, the technical support is very good.

I have worked with Rapid 7 and Qualys.

The installation is very straightforward. It's the easiest solution that I have ever implemented.

The installation was quick, taking no more than one or two minutes.

I completed the installation myself. It can easily be installed by anyone.

The license is perpetual and is based on the number of IP addresses you want to scan in your organization.

The support comes with a different license.

Tenable SC is without a doubt a good choice.

I would rate Tenable SC a nine out of ten.