Try our new research platform with insights from 80,000+ expert users
Cyber Security Associate at a consultancy with 10,001+ employees
Real User
Reliable with good dashboards and customizable templates
Pros and Cons
  • "The initial setup is pretty straightforward."
  • "They need to have more dependable and faster support."

What is our primary use case?

I primarily use the solution in order to scan assets for our clients. 

What is most valuable?

It's very reliable and is a dependable solution. 

The product offers multiple customizable templates. They've released new templates for template scanning. It makes everything a lot easier.

The dashboards are very helpful. They are also quite customizable. 

It's stable.

The solution can scale.

The initial setup is pretty straightforward. 

What needs improvement?

They need to have more dependable and faster support.

We'd like them to add more features surrounding the filtering of vulnerabilities. My understanding is that they are working on this already.

For how long have I used the solution?

I've been using the solution for almost two years. 

Buyer's Guide
Tenable Vulnerability Management
March 2025
Learn what your peers think about Tenable Vulnerability Management. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,672 professionals have used our research since 2012.

What do I think about the stability of the solution?

The solution is stable. I'd rate it eight out nine out of ten. It is reliable. The solution doesn't crash or freeze. There are no bugs or glitches. 

What do I think about the scalability of the solution?

The solution can scale well. I'd rate it eight out of ten. 

We have about 13,000 to 15,000 assets. 

How are customer service and support?

Support is okay. However, we've had issues with them. I've had difficulties raising cases.  They need to be more responsive and need to get back to us faster. 

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup is easy. I've had no issues with the setup process. 

What's my experience with pricing, setup cost, and licensing?

I'm not sure what the pricing is. I don't handle licensing.

Which other solutions did I evaluate?

Last year we evaluated it with other solutions. We were looking for a new or additional product to extend our expertise beyond Tenable. We did look into Qualys, among others. 

What other advice do I have?

I'd rate the solution nine out of ten. I'm happy with its capabilities. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
ZafarUddin - PeerSpot reviewer
Technical Lead Information Security at Australian OpCo Pty Ltd.
Real User
Easy to deploy, simple to maintain, and very user-friendly
Pros and Cons
  • "The interface is fine."
  • "The solution is a bit slow."

What is our primary use case?

Before, they did not have an agent-based solution. Last year, they developed one. For example, before, when users were roaming or working from home, we wouldn't be able to scan previously. Now, we can cover anyone, even off-site. 

What is most valuable?

The most valuable feature is the configuration audit. 

The interface is fine. 

We haven't had issues with support.

The solution is easy to deploy and maintain. 

The solution can scale well.

The entire product is very easy to use. 

What needs improvement?

The solution is a bit slow. It should be faster. They could improve the performance. 

For how long have I used the solution?

We primarily use the solution for vulnerability management and confidential information detection, for example, credit card information. We also use it for configuration management. 

What do I think about the scalability of the solution?

The scalability is great. I'd rate it nine out of ten. A company can expand it if they would like to. 

How are customer service and support?

Technical support is okay. The issue is they don't have a team based in India. Sometimes, it's hard to get support on time. However, they are pretty helpful. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We are also using Tenable.sc, version 6.0.

How was the initial setup?

The initial setup is pretty straightforward. I'd rate the process eight out of ten overall. It is not overly complex. 

We can implement the solution in one week in one region. 

In terms of maintenance, we only really need one person. That's enough.

What's my experience with pricing, setup cost, and licensing?

I do not manage the licensing or pricing. My team handles this aspect.

Which other solutions did I evaluate?

We did test multiple other solutions.

What other advice do I have?

I'm an end-user.

This is an agent-based solution. There isn't a specific version we use.

The solution is very user-friendly if you compare it to other tools. I'd rate it eight out of ten. 

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Tenable Vulnerability Management
March 2025
Learn what your peers think about Tenable Vulnerability Management. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,672 professionals have used our research since 2012.
Prajot Nair - PeerSpot reviewer
Senior Manager -Cloud Security at Capgemini
Real User
Full-service solution that gives a good ROI
Pros and Cons
  • "The initial setup is straightforward so long as your infrastructure, components, and networks are in place."
  • "Tenable.io Vulnerability Management could be improved with an increased number of dashboards and MSSP integration."

What is our primary use case?

Tenable.io Vulnerability Management is used as a unified platform for vulnerability management.

What needs improvement?

Tenable.io Vulnerability Management could be improved with an increased number of dashboards and MSSP integration.

For how long have I used the solution?

I've been working with Tenable.io Vulnerability Management for five years.

What do I think about the stability of the solution?

Tenable.io Vulnerability Management is stable.

What do I think about the scalability of the solution?

Tenable.io Vulnerability Management is scalable.

How are customer service and support?

Tenable doesn't provide support beyond documentation.

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup is straightforward so long as your infrastructure, components, and networks are in place. There are also a few teaching issues post-migration, like integration with third parties and SEO integrations.

What was our ROI?

Tenable.io Vulnerability Management gives a good ROI in the long run, though it would be better with a pay-as-you-go model.

What's my experience with pricing, setup cost, and licensing?

Tenable.io Vulnerability Management's pricing solution model isn't great. Providing a pay-as-you-go option would be an improvement.

What other advice do I have?

Tenable is a full-service product, but it still has a lot of improvements to make, so I'd recommend exploring other products before implementing it. I would give Tenable.io Vulnerability Management a rating of nine out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Intake Specialist at Maxtec
Reseller
A powerful product that provides visibility across the entire tech surface and helps you to focus on the vulnerabilities that pose immediate risks
Pros and Cons
  • "Tenable.io, in particular, is quite a powerful product. It looks at your traditional environment, which is pretty much anything that is on-premises, and it also goes a step ahead and covers your modern assets, which is anything that is currently sitting in the cloud. You get complete visibility of your entire environment and tech operation. The ability to give you visibility across the entire tech surface is one of the biggest advantages that Tenable.io has."
  • "They've been able to think about everything in terms of where the world is going and the type of assets that you've got. They've everything sorted out in that aspect, but you have to pay for most of the other components that they've got to give you complete visibility across your tech surface. If it already had those capabilities in-built, without having to add them on to take advantage of them, it would be a very compelling value proposition."

What is our primary use case?

I work for a company called Maxtec, and we are a distributor. One of the solutions that we used to distribute, not anymore, is Tenable. I've worked as the product manager for Tenable, and it is one of the products on which I've worked quite extensively. We stopped its distribution last year, and I stopped working with it at the beginning of 2022. We were using its latest version.

How has it helped my organization?

One of the biggest cutting-edge technologies that they were able to introduce is predictive prioritization. It has helped a lot of IT teams enormously that were heavily under the weight of vulnerabilities that they needed to remediate. Just in 2019, over 19,000 vulnerabilities were discovered, and about 10,000 of those vulnerabilities were rated between high and critical. The way predictive prioritization works is that it adds a lot of context and granularity, and it helps you understand which vulnerabilities actually pose an immediate risk to your environment. It eliminates the pressure that the IT teams were under in terms of remediation because now, they don't have to focus on 10,000 vulnerabilities. They can only focus on 3% of vulnerabilities that pose an immediate risk to their environment. That, for me, has been a cutting-edge technology and a game-changer in helping a lot of IT teams in focusing more on the risk that they need to address, at least within the next 30 days.

What is most valuable?

Tenable.io, in particular, is quite a powerful product. It looks at your traditional environment, which is pretty much anything that is on-premises, and it also goes a step ahead and covers your modern assets, which is anything that is currently sitting in the cloud. You get complete visibility of your entire environment and tech operation. The ability to give you visibility across the entire tech surface is one of the biggest advantages that Tenable.io has.

The use of agents comes in very handy when a lot of the workforce is working from home, such as during COVID-19. Some of the traditional tools would not be able to monitor any of those devices that people would be working with, such as laptops, because they are remote. You can only audit their machines if they are on the business premises, but with Tenable.io agents, you can maintain that level of continuous monitoring, even if they are not on-premises at the time of the scan. The agents run the scans locally on the machine.

Tenable.io is a cloud-managed solution, but the scanners are sitting on-premises. They've also got some public cloud scanners that are sitting all over the world. They've got something called frictionless assessments, which is quite an interesting approach for vulnerability scanning of anything that is sitting in your AWS. You don't have to deploy the scanners. They've got sensors in there that are able to give you continuous monitoring without deploying scanners, doing any configurations, or inputting any credentials.

What needs improvement?

They've been able to think about everything in terms of where the world is going and the type of assets that you've got. They've everything sorted out in that aspect, but you have to pay for most of the other components that they've got to give you complete visibility across your tech surface. If it already had those capabilities in-built, without having to add them on to take advantage of them, it would be a very compelling value proposition.

Their support needs to be improved in terms of turnaround time.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is a cloud solution. Therefore, it is highly scalable. There is no limit to how many assets and devices you can handle.

In terms of verticals, in the public sector, we've seen a huge uptake. That could be because of compliance reasons. We've also seen it being used quite extensively within the banking and financial verticals. Those are the biggest users of the product. There has also been an uptake in other verticals but just not as big or as vast as the public sector and the finance and banking sector.

How are customer service and support?

One area that they could improve is technical support. Oftentimes, it's not as good as it should be. The turnaround time could be improved quite significantly.

How was the initial setup?

It is pretty easy and straightforward. For the cloud, you don't have to do anything on the management console. That is already set up for you. The only thing that you need to configure is your scanners that are sitting on-premise. For that, you just need a linking key that you obtain from Tenable.io so that there is directional communication between the cloud, your cloud instance, and various scanners that are sitting on-premises. It would be the same process if you want to install an agent, for example, on a machine. It would apply the same way. The only difference is that instead of choosing a scanner, you'd choose an agent.

What other advice do I have?

For future users of Tenable.io, I would recommend using a layered approach. Tenable.io has an open API. So, it can be integrated with SIEM solutions. You can look at integrating it with privileged access management or any SIEM solution so that you've got all the data being pumped into a centralized location, and you are able to read the data alongside other security events coming from the SIEM and privileged access management solutions. 

Companies that are currently using Tenable.io can definitely start looking at integrating some of their security solutions for a much more robust security approach.

I would rate it a solid eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Senior Information Security Engineer at a consultancy with 5,001-10,000 employees
Consultant
An easy-to-use solution with smooth configuration and broad scalability
Pros and Cons
  • "The solution is easy to use and configuration is smooth with no complexities."
  • "The solution creates vulnerability tickets within the VM profile but should also include them under the Remediation tab so the fixes can be viewed in the ticketing queue."

    What is our primary use case?

    Our company has 25 technicians who use the solution to scan firewalls and produce scheduled compliance reports for various environments.

    What is most valuable?

    The solution is easy to use and configuration is smooth with no complexities.

    The solution is one of the best tools in the market for vulnerability management and remediation. It functions exactly as we desire.

    What needs improvement?

    The solution creates vulnerability tickets within the VM profile but should also include them under the Remediation tab so the fixes can be viewed in the ticketing queue. 

    Qualys is a competitor product and handles vulnerability tickets in this comprehensive manner. 

    For how long have I used the solution?

    I have been using the solution for two years. 

    What do I think about the stability of the solution?

    The solution is stable and I have only experienced hangs a few times. 

    What do I think about the scalability of the solution?

    The solution is accessible from the private cloud so it is scalable to any needs. 

    How are customer service and support?

    Technical support requires constant follow up and that is an issue. Once they are made aware of an issue, it takes time for them to find a resolution. I currently have three cases and have been waiting so long for updates that I have asked for escalation.

    Support provided by Qualys is better because they work with you right away to resolve issues. 

    I rate support a two out of ten. 

    How would you rate customer service and support?

    Negative

    How was the initial setup?

    The initial setup is straightforward and not hard to understand if you have worked with other solutions. 

    We experienced an authentication issue when the NetApp scanner was trying to log in to the system and firewall, but we modified the setting and the issue was resolved. 

    What about the implementation team?

    We deployed the solution ourselves and the complexity depends on each environment. 

    For example, our company has AWS, Azure, and on-premise data center environments. Our infrastructure team builds a list of assets and then our technicians deploy the solution to conduct scans. 

    What's my experience with pricing, setup cost, and licensing?

    The annual license is a bit costly but the solution is worth it. 

    Which other solutions did I evaluate?

    We also use Qualys and like how it handles vulnerability tickets. 

    We moved to the solution because Qualys does not support Cisco Secure Firewalls and that is a requirement in our environment. 

    What other advice do I have?

    While Qualys offers dual locations for vulnerability tickets, it is not difficult to use API calls to integrate the solution with ServiceNow for assigning mitigation. 

    Many companies use third-party tools like Jira to integrate things so it is not unusual. I do believe Tenable is working on an internal solution that will be available in the future.  

    I rate the solution an eight out of ten. 

    Which deployment model are you using for this solution?

    Private Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Director at Inspyretek Solutions
    Reseller
    Top 20
    Assesses vulnerabilities and finds anomalies and has an easy-to-use interface
    Pros and Cons
    • "The tool has an easy-to-use interface."
    • "The product is a bit expensive."

    What is our primary use case?

    The solution is used for the vulnerability assessment of the network infrastructure.

    What is most valuable?

    The solution finds vulnerabilities, anomalies, and threats. Tenable has basic and ad hoc scanning features. The tool schedules scans for continuous monitoring. The main advantage of the solution is that it assesses the vulnerabilities and provides a CVE score. Reporting is very easy. The management dashboard is very easy. The tool has an easy-to-use interface. It is easy to implement the product.

    What needs improvement?

    The product is a bit expensive.

    For how long have I used the solution?

    I have been using the solution for 7 years.

    What do I think about the stability of the solution?

    The solution is stable.

    What do I think about the scalability of the solution?

    The solution is scalable up to a certain point. I rate the scalability a seven to eight out of ten. Our customers are medium to large businesses.

    How are customer service and support?

    The support is very good.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The configuration is easy. My engineers can work on it seamlessly. The deployment of the basic solution does not take more than four to eight hours. We need one or two persons to deploy and maintain the product. There are no other challenges if we have the network and can access the IPs.

    What was our ROI?

    The product impacts our client's operational cost related to vulnerability management in a good way. It automates a few things and saves the engineers' costs.

    What's my experience with pricing, setup cost, and licensing?

    I rate the pricing a seven out of ten.

    What other advice do I have?

    We are resellers. The solution is easy to implement. It has an easy-to-use interface, enabling organizations to go faster to market. Overall, I rate the product a nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    PeerSpot user
    Real User
    Top 5Leaderboard
    Useful for penetration testing but reporting functionality needs improvement
    Pros and Cons
    • "It's a recommended tool for penetration testers because it's effective for that purpose."
    • "The tool's reports are bad. They're not very customizable or flexible. During audits, we often have to exclude things that aren't relevant to our organization, but we can't do that easily with the reports. They come in HTML or PDF format, and we can't compare current results with previous ones in Excel because we never receive reports in Excel."

    What needs improvement?

    The tool's reports are bad. They're not very customizable or flexible. During audits, we often have to exclude things that aren't relevant to our organization, but we can't do that easily with the reports. They come in HTML or PDF format, and we can't compare current results with previous ones in Excel because we never receive reports in Excel.

    For how long have I used the solution?

    I have been using the product for a year, and my organization has been using it for six to seven years. 

    What do I think about the stability of the solution?

    Tenable Vulnerability Management is stable. 

    What do I think about the scalability of the solution?

    I rate the tool's scalability a seven out of ten. 

    How are customer service and support?

    The solution's support is okay, but it could be more customer-friendly. The people providing support have knowledge, but they could improve customer interaction.

    How was the initial setup?

    The tool's deployment can be challenging, especially for those unfamiliar with Kali Linux, as it operates on this platform. This might make the setup process difficult for users accustomed to other operating systems like Windows. It may take a couple of tries to get comfortable with the process. However, once you have set it up a few times, it becomes easier.

    What other advice do I have?

    Sometimes, we use the tool for tasks like configuration and running scans. However, it's a bit difficult to use compared to Qualys. One issue we've noticed is that it takes up a lot of space, which customers often complain about. They promised more system coverage and updates, but it isn't happening.

    I rate Tenable Vulnerability Management a seven out of ten. It might be challenging if you're used to working on Windows. However, it's a recommended tool for penetration testers because it's effective for that purpose.

    We use it for audit and PT. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Faisal Mian - PeerSpot reviewer
    CTO at ABM Info. tech
    Real User
    Top 5Leaderboard
    An easy-to-manage solution to gain visibility into all IPs
    Pros and Cons
    • "It is easy to manage. Most of the information the tool provided helped to further investigate the vulnerability and its impact."
    • "The solution’s pricing could be improved."

    What is our primary use case?

    The product operates on a license-based model, where you purchase a license based on the number of IP addresses you intend to scan. For example, if you purchase a license for 50 IP addresses and your network has 200 users, it will only scan for those 50 IPs. You can gain visibility into all IPs within your environment, including subnets with a full license. Also, you can geographically segment your scanning targets based on the number of IPs allocated for each location.

    How has it helped my organization?

    The product is very friendly. It is easy to manage. Most of the information the tool provided was correct and helped to further investigate the vulnerability and its impact.

    What is most valuable?

    The most important feature is network scanning.

    What needs improvement?

    The solution’s pricing could be improved.

    For how long have I used the solution?

    I have been using Tenable Vulnerability Management for one year.

    What do I think about the stability of the solution?

    I rate the solution’s stability an eight out of ten.

    What do I think about the scalability of the solution?

    The solution is very scalable. It allows you to adjust according to your needs. You can add more features if you wish to purchase additional tools.

    How was the initial setup?

    The initial setup is very easy. To deploy, run the setup command, and then it can deploy on your Linux and Windows platforms. I did it by myself.

    What's my experience with pricing, setup cost, and licensing?

    The product is expensive but manageable.

    What other advice do I have?

    I recommend the solution. Although, it varies from person to person experience. Rapid7 users can use free tools. I'm very satisfied with the product.

    Overall, I rate the solution an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Tenable Vulnerability Management Report and get advice and tips from experienced pros sharing their opinions.
    Updated: March 2025
    Buyer's Guide
    Download our free Tenable Vulnerability Management Report and get advice and tips from experienced pros sharing their opinions.