The product operates on a license-based model, where you purchase a license based on the number of IP addresses you intend to scan. For example, if you purchase a license for 50 IP addresses and your network has 200 users, it will only scan for those 50 IPs. You can gain visibility into all IPs within your environment, including subnets with a full license. Also, you can geographically segment your scanning targets based on the number of IPs allocated for each location.
CTO at ABM Info. tech
An easy-to-manage solution to gain visibility into all IPs
Pros and Cons
- "It is easy to manage. Most of the information the tool provided helped to further investigate the vulnerability and its impact."
- "The solution’s pricing could be improved."
What is our primary use case?
How has it helped my organization?
The product is very friendly. It is easy to manage. Most of the information the tool provided was correct and helped to further investigate the vulnerability and its impact.
What is most valuable?
The most important feature is network scanning.
What needs improvement?
The solution’s pricing could be improved.
Buyer's Guide
Tenable Vulnerability Management
November 2024
Learn what your peers think about Tenable Vulnerability Management. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
For how long have I used the solution?
I have been using Tenable Vulnerability Management for one year.
What do I think about the stability of the solution?
I rate the solution’s stability an eight out of ten.
What do I think about the scalability of the solution?
The solution is very scalable. It allows you to adjust according to your needs. You can add more features if you wish to purchase additional tools.
How was the initial setup?
The initial setup is very easy. To deploy, run the setup command, and then it can deploy on your Linux and Windows platforms. I did it by myself.
What's my experience with pricing, setup cost, and licensing?
The product is expensive but manageable.
What other advice do I have?
I recommend the solution. Although, it varies from person to person experience. Rapid7 users can use free tools. I'm very satisfied with the product.
Overall, I rate the solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Cyber Security Consultant at ATOS
A stable vulnerability management tool with a good user interface
Pros and Cons
- "It is a very, very user-friendly tool...The setup is easy"
- "The only drawback of the solution is that it is expensive."
What is our primary use case?
We actually needed clarity on the vulnerabilities in our infrastructure. We used the solution to scan and make a report for us on what is vulnerable in our infrastructure and what is not, what we can improve and update, and what is good as it is.
What is most valuable?
It is a very, very user-friendly tool. To make some sense, you just need to put in your domain and click a button to scan and give you a piece of customized information about your infrastructure. It is very easy to use to schedule a scan, and it can consume a lot of CPU resources. So, you can schedule a scan between 1 AM to 3 AM, and it works very well for us.
What needs improvement?
I didn't work a lot with the solution. My experience was pretty smooth. I don't have any recommendations for improvement. Maybe it's because I don't use it a lot.
The only drawback of the solution is that it is expensive. The pricing should be kept lower.
For how long have I used the solution?
I have experience with Tenable.io Vulnerability Management. I used it six months ago. I used it for two years. I am a customer of the solution.
What do I think about the stability of the solution?
It is a very stable product.
How was the initial setup?
The setup is easy. Tenable.io Vulnerability Management is known for its ease of setup.
What's my experience with pricing, setup cost, and licensing?
Tenable.io is not known for being a cheap product. You definitely can have another product that could be cheaper than Tenable.io. If you have a real concern with your budget, maybe another platform would be of interest to you.
You can find other tools that are way cheaper, with similarities to Tenable.io. I would say it may not be the same tool, but similar.
What other advice do I have?
The solution's user interface was very good.
It's one of the best tools available for vulnerability management. I would definitely recommend the solution to those planning to use it.
I rate the overall solution a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Tenable Vulnerability Management
November 2024
Learn what your peers think about Tenable Vulnerability Management. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
CSO at a manufacturing company with 1,001-5,000 employees
Though it is scalable and has an easy setup phase in place, the solution is an expensive one
Pros and Cons
- "The solution's most valuable feature is providing a single pane of visibility on all the infrastructure and its status."
- "I would like the solution to cover the whole cycle of mitigation since it's an area where the solution currently lacks."
What is our primary use case?
Considering regular use cases of the solution, we wanted to cover two things, external vulnerabilities and the ability to identify misconfigurations on the perimeter, like, let's say, if someone is open, something vulnerable to outside, we monitor it. The use case was monitoring the external parameter addresses with Tenable.io and seeing changes there. If something changes or if something becomes vulnerable, as it's seen from the outside, without actual credentials to scan, you know, like, we can have several layers of scans. So, Tenable.io, we used as seen outside without providing any credentials, So it
gives you the true picture of how and what the attackers can use. It might be that if we use it with the credentials, we won't find additional vulnerabilities, but we don't cover that because it's not important because external attackers will not see it, actually. So, it's the first use case, and generally, Tenable.io is used for identifying vulnerabilities in the company infrastructure, servers, endpoints, and additional hardware and software, like routers, switches, and whatever has an IP address. Let's say, not for IoT, just for IT infrastructure and development infrastructure, and that was the use case of Tenable.io.
How has it helped my organization?
It improved basic things in resiliency, like cyber resiliency in the company, so as to not be attacked, not to be breached, or not be successfully attacked by hackers. So, it's basically a non-vulnerable state. This provided us with visibility of our actual status of where all the infrastructure is and helped to prioritize the vulnerability mitigation. It also indicates what to tackle first because you have a lot of stuff there, but you need to prioritize it. The main point here is to know how to prioritize since we never have enough time and resources to deal with fixing everything. You need to understand what to do first, and Tenable.io actually helps with that because they have additional intelligent sources to not just give you, like, CVSS because all the vulnerabilities have CVSS scores from zero to ten. So it gives you not just to always work by the score number because it just represents the vulnerability and how it can be hacked. But just take into account when you prioritize if it's a public-facing asset or computer or server or if not, or if this is now a trendy vulnerability to use and to exploit or not. Also, they have an additional score represented only in the system in addition to the CVSS score that helps you prioritize the mitigations.
What is most valuable?
The solution's most valuable feature is providing a single pane of visibility on all the infrastructure and its status. The aforementioned fact helps to prioritize things right and also to cover the mitigation process itself. However, what's bad about older systems, like, is when we do that, it just covers the identification. So, you have the problem and what you need to do, but it doesn't cover the whole cycle of dealing with it, and so you see the problem, you know what to do, maybe you know what to do first, But then the process needs to continue. I'm talking about a lot of negative things, but the fact remains that it doesn't cover, actually, the whole process of the identification and then the prioritization because we need to maybe open a ticket to deal with it by approaching the right people and to see that it's done, including the validation scans after it. The system gives you a way to do the scans somehow all around vulnerability and its status while not having to deal with the whole cycle. So you don't see, or you don't have this part when you mitigate the vulnerabilities themselves, and then you know what you did, what you didn't, and how you did, and which is status after it. So, it doesn't cover the whole vulnerability management process.
What needs improvement?
I would like the solution to cover the whole cycle of mitigation since it's an area where the solution currently lacks.
Nessus was created and, like, covered afterward. All the system is built around a basic unit that is mitigation, not the vulnerabilities. You don't have all the vulnerabilities where you build all the processes and all the reports that you have around it. Vulnerability is not like you have this problem. They say to you. Basically, you have a problem, but you don't have the patch. And the patch, inside of it, you have fifteen vulnerabilities, and it appears as a vulnerability. You are missing a patch, but it's not a vulnerability. All the system is built around missing mitigation. As a basic unit that everything is built around, and so this part is what you see when you do reports or when you build dashboards, and you have several databases inside that you can build reports around, but it's all beautiful, and you have a lot of reports, right, out of the box. But when you start creating something that you really need, like a new report, then you're, like, this data is in this database or downloaded database and this in another database of mitigations, and hence they cannot easily be connected, so each report can be all around this database because they have, like, two, three databases. I don't remember exactly, but they have separate databases inside, and you need to build the reports around one database, and it's not easy to connect two databases into one meaningful report. So, this is a hard part.
In short, I would like to see the databases seamlessly connected while doing a report.
The tool is okay, but, like I said, to cover the whole cycle and is like connecting the unconnectable things because they are built this way which I don't think they can change right now.
They can add things like brand reputation monitoring because it's the system that needs to identify all the vulnerabilities and infrastructure vulnerabilities. They can take it to add code vulnerabilities, like, if it's an R&D company that creates software, they have vulnerabilities of other types, like application-level vulnerabilities in the things that they are developing. And if it's a cloud, then it needs to be covered in a good way, considering the cloud infrastructure. Also, it works on the IP level. On the cloud, you can do it around EC2 instances. You can do the same in Tenable.io but then all the part of the cloud layer that is cloud-based but not on the EC2 level. Let's say it's CloudWatch logs and all the con configurations that are at a cloud provider level. So, there can be vulnerabilities there not at the EC2 level of the machine itself. So these are also vulnerabilities, and it can be good if they are shown and covered by the system.
In general, brand reputation and external CTI are needed in the solution.
Somewhere outside in the open world that it was bridged, and it's there, and then maybe we can show it to you also that it was bridged. So it's now in the open world, and they don't want to be, you know, to be the open world and also on the external attack surface, but I think we saw that some module that they are doing that is in just the right direction. So, it's a good direction.
For how long have I used the solution?
I have been using Tenable.io Vulnerability Management for two years. I am just a customer of the solution. We used Tenable.io and then moved to Tenable.sc, which was on-premises.
What do I think about the stability of the solution?
Stability-wise, I rate the solution a four out of ten since there were problems with scans that were stuck and didn't work. Also, there was no nobody to talk to about the aforementioned issues. So, it was a problematic thing.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution an eight out of ten.
We usually give it to maintain, run and configure everything we use to just two people to see the results. Each department has a user to see their problems by themselves. So it's like, apart from the two people, an additional ten or sixteen people use the solution, and these are people that are responsible for infrastructure management, like IT people at different places.
How are customer service and support?
I rate the technical support around three to four out of ten. Sometimes, when we had problems, it was hard to get answers. The support was slow because it got to the wrong people at the start. So, the problems pass through tier one and then get escalated to the right people. So, it is very hard because some problems don't need just a tier one to solve the issue. So, tier three or four support may be needed at times.
How would you rate customer service and support?
Neutral
How was the initial setup?
Just installing it and keeping it running is pretty easy. However, support is very important. I think all the companies in the field lack some good support, specifically in my country.
I rate the initial setup a ten out of ten, but it's not important because afterward, when you have problems, and you want an additional initial setup, the integration needs to be done to just install it. It needs to integrate it with other systems and integrate it into processes. At this level, at least with Tenable.io, I didn't feel that they were doing that, and so I didn't just want to buy software and install it.
The solution is deployed on the cloud and on-prem. We chose some of the biggest three or four cloud providers, including Azure and Oracle.
It took two weeks to a month for the deployment process to be completed. It depends on where you want to deploy. To prepare the solution for work, you install it, then install the scanners, and later on configure the scanners. Also, you need to identify the ranges that you need to scan. If you have some problems with connections, etc., you solve them. Then, you need to do the actual work. Just actually use the system for mitigation, and you need to do the right reporting. Also, things like connecting to ticketing take more time just to install. We deployed the solution with around three to four people, including security engineers, the network team, and business owners of the places we wanted to scan.
The solution requires maintenance. We used two people for maintenance and for some stuff that didn't work or needed to be improved or to deal with scanners that had problems on this because of the configuration. For not-so-effective scans, we need to tune it because if you have a huge range and the scans are configured to scan everything, then it is stuck. So, you tune them to the right places and scan the right thing to take the right type of scan, and then tune this tool.
The system owner, the infrastructure that is responsible for it, was involved in the maintenance of the solution. So, it was from the same department.
With Tenable.sc, in comparison to Tenable.io, it was even easier to do the implementation because you don't need to do a lot of stuff.
What was our ROI?
I have experienced a return on investment using Tenable.io. It showed us what we did wrong in the process of building the vulnerability management program in our company. It also gave us an understanding, making it a good solution.
On a scale of one to ten, where one is no return on investment, and ten is a hundred percent return on investment, I rate the solution a seven.
What's my experience with pricing, setup cost, and licensing?
On a scale of one to ten, where one is low, and ten is high price, I rate the pricing an eight. So, it is a pretty expensive solution.
Which other solutions did I evaluate?
After evaluation, we have switched from Tenable.io Vulnerability Management to Rapid7. We also looked at Tenable Attack Surface Management but didn't use its protection.
Before choosing Tenable.io, we evaluated Rapid7, Nexpose, and Qualys.
What other advice do I have?
It is a viable solution, but we then preferred and switched to Rapid7 again since it was cheaper. Also, we like the one thing we like because we had, like, problems getting to all the user machines, and so Rapid7 gave us the agent that they have. So you don't need to get the scan to the machine. You just install these solutions. We install the agent that reports on vulnerabilities instead of getting credentials scanned. And today, it's more problematic because, like, it would take several years ago, like ten years ago, all the systems had the perimeter of the company, and all the users were in some understandable place, and we knew where to look for them. Today, as a company where people around the world are not always using VPNs to connect to the network, and if they connect, they connect for some time, and let's say you are scanning your user computers every night or every day at five o'clock. So when you do the scan, just ten percent of the people, you hit them because only ten percent of the people are connected to your VPN during the five o'clock window. So you don't see the other machines, and you don't get them. Hence, you don't know the vulnerability status because they are less scanned. The solution needs to be perimeter-less, let's say, or the scans we need to get to the machines to all the machines, and if you scan them somehow or even if they are on the open internet, it's hard. So here, the agent solution is very easy because they report to the management on the vulnerability status from the agent over the internet. It was a big plus.
In terms of pricing and capabilities and just of the capability, while also considering our use cases where it is most important for us to get to all the machines.
I rate the overall product a seven out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Analyst at a consultancy with 10,001+ employees
Great data exportability, stable, and scalable
Pros and Cons
- "One of the most valuable features of Tenable.io Vulnerability Management is its exportability, which allows us to conduct risk assessments efficiently."
- "The UI has room for improvement."
What is our primary use case?
We use the solution for our vulnerability management program.
The solution is deployed in the cloud.
How has it helped my organization?
When the logging logic is lacking certain columns, Tenable.io Vulnerability Management provides comprehensive coverage, thereby simplifying the reporting process.
What is most valuable?
One of the most valuable features of Tenable.io Vulnerability Management is its exportability, which allows us to conduct risk assessments efficiently. This feature enables us to prioritize security issues based on their level of importance, without being distracted by other irrelevant details. Additionally, the system is frequently updated to ensure it complies with industry standards.
What needs improvement?
The asset identification has room for improvement. Since we are using a cloud-based scanner, we must scan devices based on their ID. However, we are encountering many issues with reporting. Assets are often being incorrectly merged or we encounter issues related to assets. If we had an agent with a scanning system, this issue may not have occurred, but it currently exists.
The UI has room for improvement. The previous version of the UI was better.
The technical support has room for improvement.
For how long have I used the solution?
I have been using the solution for nine months.
What do I think about the stability of the solution?
The solution is generally stable, although we have experienced two instances in the past where it was down. The first outage was related to the scanner and lasted a few hours, while the second was caused by storage issues that prevented us from clearing the logs.
What do I think about the scalability of the solution?
Scalability depends on our licensing agreement and the number of scanners we use. Currently, the number of scanners and our license allows for scalability up to a certain limit. Beyond that limit, we would need to purchase additional licenses to expand.
How are customer service and support?
The technical support team responds promptly to basic issues. However, when faced with major issues or more complex problems, it can take longer to receive adequate assistance due to a high volume of entries. In such cases, we are required to submit detailed logs, which the support team will analyze before we can proceed to ask further questions.
How would you rate customer service and support?
Negative
What's my experience with pricing, setup cost, and licensing?
Our current license covers 2,500 assets. If we want to add more assets we need to buy another license for another scanner.
What other advice do I have?
I give the solution an eight out of ten.
We have around nine people using the solution.
The necessary maintenance pertains to storage. As it will be hosted on a specific cloud instance, we need to periodically manage the storage when the logs become full. This involves manually logging into the deployment platform and clearing the storage every few months.
The features of Tenable.io Vulnerability Management are impressive, the management system is well-designed, and the scanning options are thorough. Additionally, there are numerous built-in templates available. However, when utilizing the twelve-day scanner, asset identification can become challenging because of the dynamic IP addresses, which the solution struggles to properly identify the devices.
Tenable.io Vulnerability Management is a leading solution for vulnerability management and excels at aggregating information.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Technical Lead Information Security at Australian OpCo Pty Ltd.
Easy to deploy, simple to maintain, and very user-friendly
Pros and Cons
- "The interface is fine."
- "The solution is a bit slow."
What is our primary use case?
Before, they did not have an agent-based solution. Last year, they developed one. For example, before, when users were roaming or working from home, we wouldn't be able to scan previously. Now, we can cover anyone, even off-site.
What is most valuable?
The most valuable feature is the configuration audit.
The interface is fine.
We haven't had issues with support.
The solution is easy to deploy and maintain.
The solution can scale well.
The entire product is very easy to use.
What needs improvement?
The solution is a bit slow. It should be faster. They could improve the performance.
For how long have I used the solution?
We primarily use the solution for vulnerability management and confidential information detection, for example, credit card information. We also use it for configuration management.
What do I think about the scalability of the solution?
The scalability is great. I'd rate it nine out of ten. A company can expand it if they would like to.
How are customer service and support?
Technical support is okay. The issue is they don't have a team based in India. Sometimes, it's hard to get support on time. However, they are pretty helpful.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We are also using Tenable.sc, version 6.0.
How was the initial setup?
The initial setup is pretty straightforward. I'd rate the process eight out of ten overall. It is not overly complex.
We can implement the solution in one week in one region.
In terms of maintenance, we only really need one person. That's enough.
What's my experience with pricing, setup cost, and licensing?
I do not manage the licensing or pricing. My team handles this aspect.
Which other solutions did I evaluate?
We did test multiple other solutions.
What other advice do I have?
I'm an end-user.
This is an agent-based solution. There isn't a specific version we use.
The solution is very user-friendly if you compare it to other tools. I'd rate it eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Manager at a financial services firm with 1,001-5,000 employees
An exceptionally stable and scalable solution that helps users find vulnerabilities
Pros and Cons
- "It is a stable solution. Stability-wise, I rate the solution a ten out of ten."
- "The reporting was never great in Tenable Vulnerability Management, so, in my company, we imported all the data into Ivanti RiskSense to start using it for reporting."
What is our primary use case?
I was the manager of the vulnerability patching team in my company, and we would use it to go through everything, discover our network, find what vulnerabilities existed, and then use that for a work plan and assignments to decide who would fix what vulnerabilities.
How has it helped my organization?
In my company, with the help of Tenable Vulnerability Management, we could find all the things that we didn't know existed. It would be too resource-intensive to manually go into every device and figure out in which version of a solution the vulnerability exists, which is something that Tenable Vulnerability Management does for you.
What is most valuable?
The solution's most valuable feature is the product's vulnerability database, as it knows what to scan.
What needs improvement?
There is no good work assignment system in the product. Specifically, if an SQL patch needs to be applied, then that needs to go to the SQL team, but Tenable wants to assign the ticket to an individual and not a team.
The reporting was never great in Tenable Vulnerability Management, so, in my company, we imported all the data into Ivanti RiskSense to start using it for reporting.
For how long have I used the solution?
I have been using Tenable Vulnerability Management for three to four years. I don't remember the version of the solution.
What do I think about the stability of the solution?
It is a stable solution. Stability-wise, I rate the solution a ten out of ten.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution a ten out of ten.
How are customer service and support?
I rate the technical support a seven out of ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I have experience with another solution in the past, but I don't remember its name.
How was the initial setup?
The product's initial setup was very straightforward.
The solution is deployed on an on-premises model and the cloud. With the endpoint in the product, everything was reported back to the cloud offered by Tenable.
What was our ROI?
I saw a return on investment from using the solution since I feel that finding the vulnerabilities is always much cheaper than dealing with a situation after your system gets hacked. In short, I would put it as insurance is cheaper than the fire.
Which other solutions did I evaluate?
In our company, we went through every other tool in the market and came down to Rapid7 and Tenable since they were the only two good options.
What other advice do I have?
Network scans are very resource-intensive and can cause outages in some instances, which is a political and not a technical issue to solve.
I rate the overall tool a ten out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Manager at Yarix S.r.l.
An easy-to-use, mature, stable, and scalable solution for vulnerability assessment
Pros and Cons
- "Tenable.io Vulnerability Management is an easy-to-use product. I"
- "The shortcoming of the solution that needs improvement is related to its capability to do vulnerability assessments on applications."
What is our primary use case?
In my company, we use Tenable.io Vulnerability Management is a good solution for vulnerability assessment on the infrastructure and not on the applications. The solution is useful for conducting vulnerability assessments on IT infrastructures. We use Tenable to discover assets on the network and the vulnerabilities in the vulnerability management cycle.
What is most valuable?
Tenable.io Vulnerability Management is an easy-to-use product. It is a good solution, as per Gartner's SIEM Magic Quadrant. The product has a lot of documentation and blogs, so you can get lots of support from its communities while also finding a lot of online materials that can help you improve the solution's uses or implement it according to your use cases.
What needs improvement?
The shortcoming of the solution that needs improvement is related to its capability to do vulnerability assessments on applications.
For how long have I used the solution?
I have been using Tenable.io Vulnerability Management for more than ten years.
What do I think about the stability of the solution?
It is a very stable and mature solution in the market since it has been around for over 15 years.
What do I think about the scalability of the solution?
The product has no scalability solution since it can manage hundreds to thousands of networks.
How are customer service and support?
The solution's technical support is good and quick to respond. If you have a problem, you can be sure that someone from the support team has a solution to your problem.
Which solution did I use previously and why did I switch?
Our company doesn't use any other products from Tenable apart from Tenable Nessus for vulnerability assessment. We also use NetSuite to manage the vulnerabilities' life cycle.
How was the initial setup?
The initial setup of Tenable.io Vulnerability Management was straightforward since it allows one to use a device, like a virtual machine, or one can use it on a public IP address if it is already deployed, making the process very quick and easy.
The solution is deployed on-premises.
The deployment process was very quick since it could be done using a virtual machine or the customer's network. You can do the deployment with the virtual machine by connecting to the management suite before launching the solution.
To do an assessment for all our customers, my company has over 200 users for the deployment and maintenance of the solution. There is a dedicated team in the company I currently work for to manage the solution. One technician is needed to do a vulnerability assessment.
What's my experience with pricing, setup cost, and licensing?
Yearly payments are to be made toward the licensing cost of the product. It is neither a cheap nor an expensive product.
What other advice do I have?
I recommended the solution to those planning to use it since it is a very good product. Though there are other good solutions like Qualys, Tenable is the best.
I rate the overall tool a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Cyber Security Associate at a consultancy with 10,001+ employees
Reliable with good dashboards and customizable templates
Pros and Cons
- "The initial setup is pretty straightforward."
- "They need to have more dependable and faster support."
What is our primary use case?
I primarily use the solution in order to scan assets for our clients.
What is most valuable?
It's very reliable and is a dependable solution.
The product offers multiple customizable templates. They've released new templates for template scanning. It makes everything a lot easier.
The dashboards are very helpful. They are also quite customizable.
It's stable.
The solution can scale.
The initial setup is pretty straightforward.
What needs improvement?
They need to have more dependable and faster support.
We'd like them to add more features surrounding the filtering of vulnerabilities. My understanding is that they are working on this already.
For how long have I used the solution?
I've been using the solution for almost two years.
What do I think about the stability of the solution?
The solution is stable. I'd rate it eight out nine out of ten. It is reliable. The solution doesn't crash or freeze. There are no bugs or glitches.
What do I think about the scalability of the solution?
The solution can scale well. I'd rate it eight out of ten.
We have about 13,000 to 15,000 assets.
How are customer service and support?
Support is okay. However, we've had issues with them. I've had difficulties raising cases. They need to be more responsive and need to get back to us faster.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup is easy. I've had no issues with the setup process.
What's my experience with pricing, setup cost, and licensing?
I'm not sure what the pricing is. I don't handle licensing.
Which other solutions did I evaluate?
Last year we evaluated it with other solutions. We were looking for a new or additional product to extend our expertise beyond Tenable. We did look into Qualys, among others.
What other advice do I have?
I'd rate the solution nine out of ten. I'm happy with its capabilities.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Tenable Vulnerability Management Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
Tenable Nessus
Tenable Security Center
Orca Security
Claroty Platform
Microsoft Defender Vulnerability Management
Rapid7 Metasploit
The NodeZero Platform
Amazon Inspector
Buyer's Guide
Download our free Tenable Vulnerability Management Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Can you recommend API for Tenable Connector into ServiceNow
- What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
- Which one to buy out of the following products: Tenable SC, Tenable.io, Tenable.ep or Tenable.ad?
- What are the differences between Tenable.sc and Tenable.io?
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
- Which is the best vulnerability scanner tool?