Tenable Security Center Reviews

The primary use case for Tenable Security Center among my clients is risk-based vulnerability management. It involves not just a one-time scan but a continuous workflow that integrates with management and auditing processes.

The most valuable features of Tenable Security Center for my clients are Vulnerability Priority Rating (VPR) and Asset Criticality Scoring. The tool also excels in data correlation and reporting, providing crucial insights into security performance, and aiding in measuring service level agreements (SLA).

I use Tenable Security Center mainly to detect vulnerabilities. One of its core functions is its capability for asset discovery, which aids in improving our security posture.

The most effective feature of Tenable Security Center for detecting vulnerabilities is its capability for critical mapping. 

Additionally, the asset discovery feature significantly aids in enhancing the security posture.

In my previous job, Tenable Security Center was used for a financial institution covering approximately eight thousand assets including servers, computers, network devices, and web applications. The scope was to scan every device within the IT environment. It is a robust solution with numerous plugins that streamline the scanning process, providing powerful results.

Tenable Security Center provides an overall score of vulnerabilities, comparing an organization with others in the same industry. For example, it allows financial institutions to compare their vulnerability management to others in the same sector. This provides a comprehensive view of the organization's vulnerability status.

The primary use cases are vulnerability management and dashboard creation. I utilize it to exhibit the current security posture to higher management, prioritize which paths to fix first, and identify vulnerabilities. Additionally, I escalate issues to management based on their criticality and business rating.

Tenable Security Center has significantly contributed to cost savings by identifying numerous bugs and security issues. It assists in safeguarding customer data, which is crucial to avoid fines imposed by local governing authorities.

We use Tenable Security Center for vulnerability assessment purposes within our security infrastructure. The solution helps identify management-related issues and automatically forwards the ticket to our stakeholders, as well as an auto-alert mechanism. Additionally, we have integrated it with our SI solution.

The primary use case involves automated scheduled scans. We have established an asset inventory, and there is a scheduled quarterly automated scan. This process sends the results, thereby reducing manual tasks. The more automation we implement, the fewer errors occur, resulting in a faster and more efficient process.

We also use it for continuous network monitoring. We scan network devices such as Cisco routers, load balancers, and WAN devices. If any suspicious network activity arises, the system saves the results.

Our organization also uses Power BI. There are a lot of scripts that are already integrated to check compliance within the organization. We aim for at least 75% of the benchmark. Tenable's solution assists in representing the level of compliance achieved, whether it be 70%, 80%, 90%, or 95%. We have installed agents on various server types, and adding them to the scan does not require manual credential entry each time. The solution provides comprehensive results on the dashboard for each service by simply clicking on the play button.

The most important features are the dashboard and reporting. The dashboard provides statistics with graphs and bar charts for our management. We can be amazed at how much compliance and patch management are followed; everything can be represented in a single interface.

The solution is connected to our network. We can easily track it with the Tenable Security Center. Without the solution, it's very difficult to track whether or not a new asset is added.

The solution’s configuration is vast. There are so many configurations leading to confusion. It varies from organization to organization based on the Center and new compliance. Suppose some organizations follow the ISO Center. If your organization is a financial organization, it may follow PCS standards. If your organization is healthy enough, it may follow HIPAA standards. You can configure it according to the organization’s compliance. Hence, it's very flexible.

We use it to scan both our workstations and servers for vulnerabilities. This includes vulnerabilities related to software, operating systems, and package vulnerabilities. It helps us gain an overview of our organization's security status, which in turn guides our patching strategies and decision-making. 

We use agents for scanning and authenticated logins, but we do not utilize the scanner part that performs web scanning.

We've got better insights into our vulnerabilities and weaknesses. This has led us to a better situation where we have better control. Our ability to manage the situation has improved. 

Previously, we lacked a good overview, but now we possess detailed reports. We generate these reports internally and disseminate them to other responsible teams. Now, we have made it a part of our daily workflow and it helps us monitor vulnerabilities and related matters. It aids us in pinpointing weaknesses and facilitates more effective updates. If something slips, it becomes visible.

However, this is a significant feature, although it could potentially offer even more assistance. 

It's a management tool. We are more scalable with the Tenable.io product. They are a security vendor with more than one cloud level. Now there are multiple products in my area.

It adheres to advanced security standards. It's mostly geared towards on-premise solutions rather than cloud-based ones. Many enterprises create views solely for internal units and prefer using internal tools without relying on external ones. It is chosen for its comprehensive system-wide solution. It continuously updates its sources to maintain current solutions. Security and confidentiality are top priorities; they avoid external leaks of information. Despite the misconception that such tools are primarily for cloud environments, Tenable manages its systems internally. This makes it a highly valuable asset in the field of data centers and database security, leveraging its own data centers effectively.

The product is useful for vulnerability management. The Auto-Remediate feature is good. The tool enables centralized vulnerability management.

The product should provide risk-based vulnerability management. It is a popular feature. Large environments can have a lot of vulnerabilities. We need to prioritize them for remediation. So, risk-based vulnerability management is useful for large enterprises.