Tenable Security Center vs Tufin Orchestration Suite comparison

The compared Tenable and Tufin solutions aren't in the same category. Tenable is ranked #3 in RBVM , with an average rating of 8.6, and holds a 11.6% mindshare in the category. Tufin is ranked #2 in Firewall Security Management , with an average rating of 8.0, and holds a 22.5% mindshare. Additionally, 96% of Tenable users are willing to recommend the solution, compared to 91% of Tufin users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Tenable Security Center and Tufin Orchestration Suite based on real PeerSpot user reviews.

Find out what your peers are saying about Qualys, Tenable, Rapid7 and others in Risk-Based Vulnerability Management.

To learn more, read our detailed Risk-Based Vulnerability Management Report (Updated: July 2025).

Buyer's Guide

Risk-Based Vulnerability Management

July 2025

Download the complete report

Helped 861,803 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Zafran Security

Mindshare comparison

Risk-Based Vulnerability Management

Firewall Security Management

Featured Reviews

Israel Cavazos Landini

Associate Director IT Security Operations at a pharma/biotech company with 10,001+ employees

Weekly insights and risk analysis facilitate informed security decisions

I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.

Read full review

OndrejKOVAC

Solution engineer at EXPERTience

Empower clients with risk-based vulnerability management through continuous workflow and valuable insights

Tenable Security Center could improve by implementing more dynamic data displays and translating reports into European languages. This is especially relevant in Central Eastern Europe, where clients often require reports in local languages. Additionally, the licensing model could be more flexible for managed security providers, similar to a pay-as-you-go model.

Read full review

MithatBulut

Network Security Engineer at TD SYNNEX

New employees can quickly grasp the various IPs, devices, and the network's logical and physical

Tufin is primarily used to orchestrate and manage network traffic and firewall devices. It is specifically useful for implementing firewall policies and handling requests from clients that require policy updates or changes Tufin simplifies understanding network topology. New employees can quickly…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"We are able to see the real risk of a vulnerability on our environment with our security tools."

"Zafran has become an indispensable tool in our cybersecurity arsenal."

"Zafran is an excellent tool."

"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."

"We saw benefits from Zafran Security almost immediately after deploying it."

"The valauble feature is compliance reporting system."

"Feature-wise, Tenable Security Center is a very fast tool with many dashboards and reports, and it covers all our systems."

"The most effective feature of Tenable Security Center for detecting vulnerabilities is its capability for critical mapping."

"Tenable SC's most valuable features are the low number of false positives and the strong capability of providing prioritization for the vulnerabilities detected."

"The usability is really good. It's very easy to use and a good platform. It is scalable and very stable. The technical support is fine and the setup is super easy."

"This product has the best results in terms of the lowest number of false-positives and false-negatives."

"The tool gives us fewer false positives. Compared to its competitors, the solution’s reports are more accurate."

"One of the most valuable features is their distributed scan model for allotting engines to work together as a pool and handle multiple scans at once, across multiple environments. Automatic scanning distribution is a distinguishing feature of their toolset."

More Tenable Security Center pros

"A customer is able to submit a request for access and Tufin will automatically analyze the system to find out where the rule needs to go, and then design the rule for you."

"The most valuable feature of this solution is that it reduces both the time required and the number of errors when making changes."

"The initial setup was straightforward."

"We built the policy comparison reporting into our processes that before we push any change to production, an engineer will stage actual date rule changes and policy changes. Another engineer will go in and do a comparison report of the last push policy to the last save, making sure what has been changed is what is expected to. From an operational excellence, it's huge for us. We have huge policies. All it takes is one accidental right click, delete, or backspace button, which could impact our business. So, this is something that we use almost day in and day out."

"It allows administrators to visualize the traffic flow, and troubleshoot when necessary."

"It is an important application for controlling and monitoring firewall rules. It is useful for making and monitoring the changes."

"I like the policy topology map, which allows us to visualize the picture of the security policy of the whole organization."

"The most valuable feature is that it extends security entries in the firewall policies."

More Tufin Orchestration Suite pros

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."

"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."

"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."

"The biggest issue I have with the solution is when I'm using the scanning it picks up the original DNS of that device. That means, before we image it and actually change the DNS to something within our company structure, it'll just be random numbers and letters and Tenable will stick to that DNS for a long time."

"Current web page needs improvement, slows down processes."

"Its reporting can be improved. It is not easy to generate a scan report the way we want. The data is okay, but we can't easily change the template to make it look the way we want."

"We are facing some challenges related to our channel."

"Additional costs are associated with using the solution, as additional scanners are required for different endpoints connected to the Tenable Security Center. If Tenable Security Center could extract information from these scanners automatically rather than manually, it would enhance user-friendliness for customers."

"The integration is very good, although it still needs to improve."

"The user interface can be improved."

"It's good at creating information, it's good creating dashboards, it's good at creating reports, but if you want to take that reporting metadata and put it into another tool, that is a little bit lacking."

More Tenable Security Center cons

"Its price is reasonable, but it could be lower. It could have a more effective approach for creating and changing rules. It could provide advice or suggestions for a better understanding of rules and changing the rules. There should be suggestions for the rules that need to be changed to make them less risky."

"Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin."

"They are sort of at the pilot stage on some of their products. I saw the Orca and Iris products yesterday. My initial impression of these products were that they were good products, but I felt like some of their features overlapped with SecureTrack and SecureChange, which they are already doing. So, I just wondered what direction they're going in? I understand that they are cloud products, but are these security products going to overlap each other's features at some point? This is my initial concern."

"We will be using the appliance based product, which cannot be scaled as much. It is a limitation in the hardware."

"We want to have the ability for a ticket requester to add somebody, or to give somebody view rights to their ticket."

"We would like to see more in terms of integration with other application types within the context, such as next-generation firewalls or next-generation threat devices that are out there."

"A limitation right now for compressed firewalls is the limited ability to see above a site level in terms of the Topology Mapping in the policy display. While Tufin's actively working on a solution, or at least they have this in the queue, from being able to view this on a higher level and how all of our site networks are connected, this ability would be useful, as we expect to have these compressed firewalls in place for quite some time."

"The pricing could be a bit more competitive."

More Tufin Orchestration Suite cons

Pricing and Cost Advice

Information not available

"We pay around 60,000 on a yearly basis."

"We're able to save because we don't have to employ more staff members to help wit ht he scheduling of the scans, running the reports or sending them out to the systems owners. That alone is a big ROI for us."

"The pricing depends upon the number of IPs."

"The licensing costs for this solution are approximately $100,000 US, and I think that covers everything."

"The pricing is more than Nexpose."

"My company needs to make yearly payments towards the licensing costs. The pricing of the solution falls in the mid-range level, so it is not too expensive"

"We're happy with the licensing cost and find it affordable."

"I rate the solution's price as seven on a scale of one to ten, where one is cheap and ten is expensive. The tool is quite expensive."

More Tenable Security Center pricing and cost advice

"I just wrote a purchase order for it. It is a $150,000 a year."

"Price could always be better, but there are always consequences."

"I'm saving 20 man-hours a week, so I am seeing some ROI."

"We've seen a decrease of about 50 percent in the overall time it takes to complete a firewall change."

"It is expensive, but as compared to other players, it's more or less okay. Their pricing is not very transparent. This is my biggest point regarding Tufin. I've never seen a price list or something like that. It's always individual, and in many cases, it's very confusing to know what is the base and what is the price."

"We have seen ROI from the side of operations, and we'll probably get to more of that as time goes on. However it took a while to get to that point."

"The solution has helped us to reduce the time it takes to make changes. With Tufin, it takes ten to 15 minutes. Before, it was 30 minutes or more."

"Tufin makes things a little easier. It lessens the amount of manual work which we have to do. It has a lot of benefits in terms of revenues, profits, employee costs, and operational costs. We have already seen return on investment."

More Tufin Orchestration Suite pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.

See recommendations

861,803 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

11%

Financial Services Firm

11%

Manufacturing Company

Healthcare Company

Financial Services Firm

13%

Computer Software Company

12%

Government

11%

Manufacturing Company

Financial Services Firm

17%

Computer Software Company

14%

Manufacturing Company

10%

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?

The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization w...

See all answers

What needs improvement with Zafran Security?

The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvement...

See all answers

What is your primary use case for Zafran Security?

Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt reme...

See all answers

What do you like most about Tenable SC?

The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view ...

See all answers

What is your experience regarding pricing and costs for Tenable SC?

Tenable Security Center is quite expensive, particularly for the CEE region, causing us to lose cases due to its pric...

See all answers

What needs improvement with Tenable SC?

Tenable Security Center could improve by implementing more dynamic data displays and translating reports into Europea...

See all answers

What needs improvement with Tufin SecureCloud?

Tufin Orchestration Suite ( /products/tufin-orchestration-suite-reviews ) is not commonly used in Thailand due to a l...

See all answers

What is your primary use case for Tufin SecureCloud?

I have primarily used Skybox and AlgoSec ( /products/algosec-reviews ). I have also interacted with FireMon for compi...

See all answers

What advice do you have for others considering Tufin SecureCloud?

There is potential for improvement in explaining the analytics in the dashboard for Tufin Orchestration Suite. Tufin ...

See all answers

Comparisons

Wiz Code vs Zafran Security

Compared 42% of the time

Vulcan Cyber vs Zafran Security

Compared 16% of the time

ServiceNow Security Operations vs Zafran Security

Compared 9% of the time

Tenable Vulnerability Management vs Zafran Security

Compared 9% of the time

Nucleus vs Zafran Security

Compared 7% of the time

More Zafran Security Competitors

Qualys VMDR vs Tenable Security Center

Compared 12% of the time

Rapid7 InsightVM vs Tenable Security Center

Compared 11% of the time

Tenable Nessus vs Tenable Security Center

Compared 10% of the time

Tenable Vulnerability Management vs Tenable Security Center

Compared 9% of the time

The NodeZero Platform vs Tenable Security Center

Compared 6% of the time

More Tenable Security Center Competitors

AlgoSec vs Tufin Orchestration Suite

Compared 36% of the time

FireMon Security Manager vs Tufin Orchestration Suite

Compared 33% of the time

Skybox Security Suite vs Tufin Orchestration Suite

Compared 16% of the time

Palo Alto Networks Panorama vs Tufin Orchestration Suite

Compared 4% of the time

ManageEngine Firewall Analyzer vs Tufin Orchestration Suite

Compared 3% of the time

More Tufin Orchestration Suite Competitors

Product Reports

Buyer's Guide

Continuous Threat Exposure Management (CTEM)

July 2025

Download Zafran Security product report

Buyer's Guide

Tenable Security Center

June 2025

Download Tenable Security Center product report

Buyer's Guide

Tufin Orchestration Suite

June 2025

Download Tufin Orchestration Suite product report

Also Known As

No data available

Tenable.sc, Tenable Unified Security, Tenable SecurityCenter

Tufin SecureCloud

Overview

Zafran Security integrates with existing security tools to identify and mitigate vulnerabilities effectively, proving that most critical vulnerabilities are not exploitable, optimizing threat management.

Zafran Security introduces an innovative operating model for managing security threats and vulnerabilities. By leveraging the threat exposure management platform, it pinpoints and prioritizes exploitable vulnerabilities, reducing risk through immediate remediation. This platform enhances your hybrid cloud security by normalizing vulnerability signals and integrating specific IT context data, such as CVE runtime presence and internet asset reachability, into its analysis. No longer reliant on patch windows, Zafran Security allows you to manage risks actively.

What are the key features of Zafran Security?

Threat Exposure Management: Utilizes existing tools to prioritize vulnerabilities and manage threats.
Integrative Analysis: Combines security data with IT context for precise vulnerability management.
Real-time Risk Reduction: Enables immediate risk management without waiting for patches.
Hybrid Cloud Compatibility: Functions across diverse cloud environments for comprehensive security.

What benefits can users expect from Zafran Security?

Improved Security: Enhances protection by efficiently identifying and mitigating risks.
Cost Efficiency: Reduces unnecessary patching expenses by confirming non-exploitable vulnerabilities.
Time Savings: Frees developers to focus on root causes by handling immediate threats.
Comprehensive Insight: Offers a holistic view of security threats and vulnerabilities.

In industries where security is paramount, such as finance and healthcare, Zafran Security provides invaluable protection by ensuring that only exploitable vulnerabilities are addressed. It allows entities to maintain robust security measures while allocating resources efficiently, fitting seamlessly into existing security strategies.

Zafran Security

Get a risk-based view of your IT, security and compliance posture so you can quickly identify, investigate and prioritize your most critical assets and vulnerabilities.

Managed on-premises and powered by Nessus technology, the Tenable Security Center (formerly Tenable.sc) suite of products provides the industry’s most comprehensive vulnerability coverage with real-time continuous assessment of your network. It’s your complete end-to-end vulnerability management solution.

Tenable

Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines.

Tufin

Sample Customers

Information Not Available

IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific

3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service

Buyer's Guide

Risk-Based Vulnerability Management

July 2025

Download Free Report

Find out what your peers are saying about Qualys, Tenable, Rapid7 and others in Risk-Based Vulnerability Management. Updated: July 2025.

DOWNLOAD NOW

861,803 professionals have used our research since 2012.

We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.