Pentera Reviews

Name: Pentera
Brand: Pentera
Rating: 4.0 (8 reviews)

4.0 out of 5

8 reviews
100% willing to recommend

What is Pentera?

Pentera is the category leader for Automated Security Validation, allowing every organization to evaluate its security readiness, to know its real security risk at any given moment. Test all cybersecurity layers across the attack surface – inside and out – by safely emulating attacks & prioritize patching with a risk-based remediation roadmap.

Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. For more info visit: pentera.io

Get the Vulnerability Management Buyer's Guide and find out what your peers are saying about Pentera, Wiz, Veracode and more!

Pentera is the #1 ranked solution in top Penetration Testing Services, #1 ranked solution in Breach and Attack Simulation vendors, and #12 ranked solution in top Vulnerability Management solutions. PeerSpot users give Pentera an average rating of 8.0 out of 10. Pentera is most commonly compared to Wiz: Pentera vs Wiz. Pentera is popular among the large enterprise segment, accounting for 60% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 14% of all views.

Buyer's Guide

Vulnerability Management

October 2024

Get the category report

Helped 815,854 peers since 2012

Featured reviews

Richard Marlow

Vulnerability Testing Manager at Frasers Group

We used the solution for password strength assessments, ransomware testing, and automated penetration testing The tool helped us discover that we were using an outdated network protocol, NTLM. The password strength assessments feature was valuable. The testing features are fantastic. The tool…

Read full review

Jon Medvenics

Chief Hacker at Heretek

One of the big issues we have is that the tool has an additional license for compromised credentials. Suppose compromised credentials for any of your domains appear in leaks, dumps, or are being sold. In that case, they try to aggregate that data and highlight that, for example, ten users appeared in recent dumps as compromised credentials. However, they don't provide much information about where those compromises came from or their source information, probably to protect their sources. Also, if you have credentials and want to check if they're still valid or can still be used, and you confirm they can't be used (maybe they're from a leak or a twenty-year-old database), there's no way for you to flag that these credentials aren't a problem anymore. The solution has a sort of flat report. It's annoying to go through lots of legwork only to see the same names or credentials still there, and you can't do anything about it in their portal. We've given them feedback, but I think it's probably on their long list of feature requests to address. For me, that would be a greater user configuration of the tests performed on a granular level. As I mentioned with Cymulate, they show you every line of code they will run and what tool is being used, step by step. Pentera is more closed in that regard. If Pentera released a feature that allows you to alter the attack path or change the command, that would be incredibly useful. Pentera might use one or a few different methods to do something, but if none of those work, it will just say everything is fine and secure. If Pentera could adapt or change based on what it finds in the environment, that would be very valuable. As a customer, we understand our environments better than an automated tool, so providing context to help the tool get better results would be valuable.

Read full review

Derek Maraw

Cyber Security Officer at AFC Holdings

Pentera's general dashboards could be improved and made more specific in terms of vulnerabilities that I'm discovering. Also, the solution should accommodate virtual patching. It will be a good idea not to prolong this vulnerability in our network. I've got one issue with Pentera's licensing. Pentera should allow small organizations to subscribe and use the solution. Sometimes, it gets very difficult to get 100,000 approved for a project. Pentera should provide the capacity to allow testing something quickly on a demand basis. Now that we haven't been doing red teaming and blue teaming, it would be good if the solution could give general reports that we can send or communicate to our executive. That would really make our job easy. Sometimes there's a lot of jargon around the dashboard, and if it can be general, we can easily convince our executive management.

Read full review

Pentera mindshare

Product category:

As of November 2024, the mindshare of Pentera in the Vulnerability Management category stands at 4.2%, up from 3.8% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Vulnerability Management

Key learnings from peers

Last updated Oct 9, 2024

Valuable Features

Pentera offers continuous automated vulnerability assessment, focusing on remediation and preventing potential exploits. Its cloud-based Pentera Surface maps attack surfaces using OSINT. The tool excels in usability, evidence-based remediation guidance, and faster security testing. Credential and vulnerability management features stand out, along with password strength assessments and testing capabilities. Its automated assessments keep organizations proactive in cybersecurity, reducing dependency on external testing services. Pentera is essential for secure infrastructure management.

"The platform's most valuable features are credential management and vulnerability management."
"The solution is SaaS-based. From a cloud perspective, it has Pentera Surface and Pentera Core. The Core is the on-prem deployed solution, while the Surface is the cloud-hosted solution that scans your public infrastructure. From the Surface perspective, the most valuable feature so far has been the attack surface mapping."
"The tool showed us that our ransomware protection wasn’t working on some machines."

Room for Improvement

Pentera requires enhancements in licensing and affordability for smaller organizations, with more flexibility in subscription options. Improved support is essential for graphics cards and better reporting for executive communication. The dashboards need refinement, becoming more specific in identifying vulnerabilities and reducing jargon. Scalability and virtualization compatibility need attention. Clarifications on compromised credentials would benefit users. Automated testing features and user configuration also demand upgrades. Centralized monitoring for multiple branches is another area needing attention.

"One area for product improvement could be the inclusion of a dashboard to cover multiple branches and subsidiaries, allowing for centralized monitoring."
"One of the big issues we have is that the tool has an additional license for compromised credentials. Suppose compromised credentials for any of your domains appear in leaks, dumps, or are being sold. In that case, they try to aggregate that data and highlight that, for example, ten users appeared in recent dumps as compromised credentials. However, they don't provide much information about where those compromises came from or their source information, probably to protect their sources."
"The automated penetration testing features must be improved."

Pricing

Pentera users indicate a range of experiences with pricing. Some view the yearly licensing cost as relatively cheap and worth the investment, especially given its ability to assess ransomware protection. Others find Pentera expensive and suggest it could be more cost-effective. Several users consider the cost reasonable, despite one rating it moderately low. The varying perspectives highlight differing valuations of Pentera's pricing in relation to its security capabilities.

"The product's cost is reasonable. I rate the pricing a three out of ten."
"The tool is relatively cheap."
"It's not that expensive, but it could be more cost-effective."

Popular Use Cases

Organizations primarily use Pentera to automate penetration testing across 200-300 IPs, aiding in compliance by addressing findings. It assists in vulnerability management through test simulations and automation, covering areas like VMware and ransomware scanning. Teams utilize it both for customer needs and internal purposes to enhance security measures, focusing on validating security environments, assessing password strength, and identifying network vulnerabilities to ensure they are addressed effectively. Financial institutions apply it for vulnerability programs and regular testing automation.

Service and Support

Pentera's support team is helpful, providing quick recommendations and guidance. Users note their prompt response times, although some documentation appears outdated with gaps. Experiences vary depending on the support person's expertise. Technical assistance is rated highly, around eight out of ten. Despite good general performance, code update requests may experience delays. Some users manage customer support independently, indicating a diverse approach to assistance needs.

Deployment

Pentera's initial setup is described as easy and straightforward. Users appreciate the integration process and find it requires basic networking knowledge. Some highlight the advantage of its cloud-based components, while others note that familiarity with similar tools like Qualys or Nessus helps. The setup involves a distributed architecture and needs several people for deployment. Permissions and network access might be necessary. Experience with custom Linux installations aids the process, and users rate the setup highly.

Scalability

Pentera demonstrates impressive scalability, consistently earning high ratings. Users highlight its capacity to be managed by a small team, mentioning its effectiveness even with non-technical operators. Despite encountering a few challenges with specific tasks when adding many users, Pentera consistently achieves strong scalability results across different organizational sizes. The importance of meeting minimum requirements is noted, with scalability performing well in various environments, supported by appropriate technical resources.

Stability

Pentera is praised for its strong stability, receiving high ratings of nine to ten out of ten from many sources. It operates without affecting other services within a network. Some reported occasional issues during setup, but these were resolved quickly. Users experienced a few initial bugs, yet they attribute these to non-Pentera factors. Despite minor problems, many rate Pentera’s stability as excellent.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Vulnerability Management Buyer's Guide for additional reliable information.