Tenable Vulnerability Management Reviews

We use the tool to find loopholes in the system.

The product fulfills our needs. It gives reports and finds vulnerabilities in our system. The product is easy to use. It is easy to integrate the tool with other products.

The solution must be promoted more in the market. It will make the customers more aware of the product.

My organization has been using the solution for a month.

The tool is stable.

Around 20 people use the product in our organization. We have one to three administrators. We are most likely to increase the usage of the product in the future.

It was easy to deploy the solution.

The tool is reasonably priced. There are no additional costs associated with the product.

I have known the product for some time. So, I implemented it. Overall, I rate the solution an eight out of ten.

We use the software to manage vulnerabilities in our environment.

The product’s most valuable feature is remediation. It shows a list of vulnerabilities per server once you scan on cloud or on-premise instances. It helps us create remediation projects and assign the console’s responsibility to specific engineers. We can set up a follow-up date depending on the organization's requirements.

The product could be easier to set up on the cloud.

We have been using Tenable Vulnerability Management for three years.

I rate the platform's stability an eight out of ten. Once, a few of our subsidiaries complained that channel usage in the environment was consuming bandwidth.

We have five admins using Tenable Vulnerability Management in our organization. I rate the product’s scalability a seven out of ten. It has many features, and it is complicated to train someone on how to use Tenable. You have to schedule a session every day for almost two weeks for it.

It was challenging to contact the technical support team earlier. However, we have found the right contact and can reach out to them easily.'

I have used open-source applications before.

The product is complicated to set up on AWS. However, it is easy to implement on-premises. It involves discovering IP addresses and schedule scanning. It requires acquiring some knowledge about the process to familiarize yourself with the AWS environment. We have to complete the setup for the whole environment. The deployment for a vast environment involves migrating a lot of data from on-premise to the cloud.

We execute the implementation for most of the tools in-house. We take help from third-party vendors for the rest of it.

I rate Tenable Vulnerability Management a nine out of ten. I advise you to choose Tenable.iO as it is a cloud-based solution.

The solution scans vulnerabilities in assets like workstations, network devices, desktops, or laptops. The product indicates vulnerabilities based on severity levels. There are high, critical, medium, low, and informational levels of severity.

The product can scan assets and web applications. It provides remediation for each vulnerability it scans. We get to know the actions we have to take to remediate the vulnerabilities. The solution is very simple to use. It also has cloud scanners. We can integrate Tenable and Nessus Scanner. It is easier to use.

The solution must provide penetration testing.

I have been using the solution since 2022.

The tool is very stable.

The tool is scalable.

We don't have many issues.

Positive

The initial setup is very easy.

The tool is easy to use and deploy. It's easy for customers to go through the documentation, see how it works, and scan their assets. Everything is straightforward, including the creation of users and enabling 2FA. Overall, I rate the tool a nine out of ten.

The solution is quite friendly. 

Users get confused between VPR and CVSS ratings. 

I would rate the tool's stability an eight out of ten. 

I would rate the solution's scalability an eight out of ten. We have around 1000 users for the product. We plan to increase the tool's usage in the future. 

I have used Nessus before Tenable. We switched to Tenable since it covered the problem for us. 

The product's setup is very easy and the deployment took six months to complete. 

We relied on a third-party vendor to complete the tool's deployment. 

The tool is easy to use and user-friendly and I would rate it an eight out of ten. 

We primarily use the solution for vulnerability scanning.

The vulnerability scanning is the most important aspect of the solution for us.

The initial setup is easy. It's pretty straightforward.

The stability is very good. We have appreciated the performance it offers.

Technical support is responsive. They help if you have issues.

The pricing of the solution could be more reasonable.

We've been working with the solution for many years. We have clients that have been using this solution for the last year.

The stability has been very good overall. It's reliable. There aren't bugs or glitches. It doesn't crash or freeze. It's good.

The solution is very highly scalable, and I don't have any complaints about that. If a company needs to expand it, it can do so fairly easily.

We typically deal with medium to large-sized organizations. Typically, there are thousands of users.

Technical support is okay. We don't have any complaints about their level of service. They are knowledgeable and responsive and we are able to get the information that we need when we need it.

The initial setup is not complex. It's pretty straightforward. A company that wants to implement it themselves shouldn't have any issues.

We sold Tenable.io Vulnerability Management, and the implementation has always gone smoothly. It's pretty seamless overall.

The entire deployment process takes anywhere from a week to ten days. It's not too long.

You only need two to three people to handle the implementation process.

The pricing is a bit high. It could be better.

It is my understanding that our clients did not evaluate other options before this product was suggested to them last year.

The two main competitors on the market are likely Qualys and Rapid7. I'm not familiar with the key differences of each solution, however.

We are a reseller. We work with a lot of different Tenable.io products.

My only recommendation to other companies would be to put up a plan and follow the plan, point by point. Keep tracking of the result and make adjustments, if necessary. It's important to go in with a bit of a roadmap to follow. It will help ensure results.

In general, I would rate the solution at an eight out of ten. We've been pretty happy with the solution overall.

I work for a company called Maxtec, and we are a distributor. One of the solutions that we used to distribute, not anymore, is Tenable. I've worked as the product manager for Tenable, and it is one of the products on which I've worked quite extensively. We stopped its distribution last year, and I stopped working with it at the beginning of 2022. We were using its latest version.

One of the biggest cutting-edge technologies that they were able to introduce is predictive prioritization. It has helped a lot of IT teams enormously that were heavily under the weight of vulnerabilities that they needed to remediate. Just in 2019, over 19,000 vulnerabilities were discovered, and about 10,000 of those vulnerabilities were rated between high and critical. The way predictive prioritization works is that it adds a lot of context and granularity, and it helps you understand which vulnerabilities actually pose an immediate risk to your environment. It eliminates the pressure that the IT teams were under in terms of remediation because now, they don't have to focus on 10,000 vulnerabilities. They can only focus on 3% of vulnerabilities that pose an immediate risk to their environment. That, for me, has been a cutting-edge technology and a game-changer in helping a lot of IT teams in focusing more on the risk that they need to address, at least within the next 30 days.

Tenable.io, in particular, is quite a powerful product. It looks at your traditional environment, which is pretty much anything that is on-premises, and it also goes a step ahead and covers your modern assets, which is anything that is currently sitting in the cloud. You get complete visibility of your entire environment and tech operation. The ability to give you visibility across the entire tech surface is one of the biggest advantages that Tenable.io has.

The use of agents comes in very handy when a lot of the workforce is working from home, such as during COVID-19. Some of the traditional tools would not be able to monitor any of those devices that people would be working with, such as laptops, because they are remote. You can only audit their machines if they are on the business premises, but with Tenable.io agents, you can maintain that level of continuous monitoring, even if they are not on-premises at the time of the scan. The agents run the scans locally on the machine.

Tenable.io is a cloud-managed solution, but the scanners are sitting on-premises. They've also got some public cloud scanners that are sitting all over the world. They've got something called frictionless assessments, which is quite an interesting approach for vulnerability scanning of anything that is sitting in your AWS. You don't have to deploy the scanners. They've got sensors in there that are able to give you continuous monitoring without deploying scanners, doing any configurations, or inputting any credentials.

They've been able to think about everything in terms of where the world is going and the type of assets that you've got. They've everything sorted out in that aspect, but you have to pay for most of the other components that they've got to give you complete visibility across your tech surface. If it already had those capabilities in-built, without having to add them on to take advantage of them, it would be a very compelling value proposition.

Their support needs to be improved in terms of turnaround time.

It is stable.

It is a cloud solution. Therefore, it is highly scalable. There is no limit to how many assets and devices you can handle.

In terms of verticals, in the public sector, we've seen a huge uptake. That could be because of compliance reasons. We've also seen it being used quite extensively within the banking and financial verticals. Those are the biggest users of the product. There has also been an uptake in other verticals but just not as big or as vast as the public sector and the finance and banking sector.

One area that they could improve is technical support. Oftentimes, it's not as good as it should be. The turnaround time could be improved quite significantly.

It is pretty easy and straightforward. For the cloud, you don't have to do anything on the management console. That is already set up for you. The only thing that you need to configure is your scanners that are sitting on-premise. For that, you just need a linking key that you obtain from Tenable.io so that there is directional communication between the cloud, your cloud instance, and various scanners that are sitting on-premises. It would be the same process if you want to install an agent, for example, on a machine. It would apply the same way. The only difference is that instead of choosing a scanner, you'd choose an agent.

For future users of Tenable.io, I would recommend using a layered approach. Tenable.io has an open API. So, it can be integrated with SIEM solutions. You can look at integrating it with privileged access management or any SIEM solution so that you've got all the data being pumped into a centralized location, and you are able to read the data alongside other security events coming from the SIEM and privileged access management solutions. 

Companies that are currently using Tenable.io can definitely start looking at integrating some of their security solutions for a much more robust security approach.

I would rate it a solid eight out of ten.

We use Tenable.io for vulnerability scanning.

I like the Cloud Scanning feature the most.

They can improve in the area of role management and compliance reporting.

They should include better customization of the dashboard and integration tools.

We have been partners with Tenable.io for four years.

It is pretty stable. I would rate it nine or maybe ten out of ten. I didn't realize that the solution will be dropped in availability.

It is a scalable solution. I would like to rate it a six out of ten.

Many times, I get some answers that are not suitable information for my query. Thus, I need to escalate our vendors and our contacts internally. When some task is escalated and some security engineer supports them, it becomes quite helpful. After all, we are a part of it. I am working with Tenable.io. So in general when I have some problems, it is a pretty big problem for me. And I need someone else for support. It is not a general problem that some customers can figure out.

Neutral

Two years ago, I was training for Rapid7. Since then, I have had no time to implement another solution. So we are just implementing Tenable.io right now. Also, we have some big Tenable.io projects. So, we are just working around Tenable.io. But I have some expectations to work in the future with another vendor for vulnerability management.

I don't have any comparative options from another vendor. I just work at the retail level. I know it has a pretty high cost for some features. It's a security vendor, and the security solutions are pretty high-priced. I think Tenable.io is available at the mid-range of prices, maybe the mid-high range.

I work with Tenable.io and implement this solution for many customers. I would rate it eight out of ten.

The solution needs either two engineers or one security specialist to maintain it.

We use the Tenable Vulnerability Management solution for internal web applications, asset management, and remediation. It helps us transfer and leverage the remediation of websites, effectively addressing vulnerabilities.

We need to deploy this on internal assets. It resides within the internal infrastructure and communication.

It encompasses everything at some point. From development to deployment, it receives the necessary attention. 

The solution provides seamlessness, a perfect UI, and identity management for office operations. We are most vulnerable to users. Therefore, it is crucial to implement the right solution to ensure proper user access and resource management.

I have been using Tenable Vulnerability Management for 4 years.

200 users are using this solution.

We have used Qualys. It is tricky and expensive.

The initial setup is seamless and takes three days to complete. Two people are required for the deployment but one person can do as well.

This process is seamless because checks are scheduled at different intervals, typically every ten minutes. Once a log is generated, we attend to it immediately. Also, the maintenance is straightforward.

Overall, I rate the solution an eight out of ten.