Tenable Security Center Reviews

We use Tenable SC for compliance and vulnerability scans. 

We are fully updated in terms of the version, and we have its latest version.

Compliance and vulnerability scans are most valuable. Compliance scan helps in validating how our teams are complying, and vulnerability scan helps in future-proofing. Its vulnerability detection is accurate.

Its reporting can be improved. It is not easy to generate a scan report the way we want. The data is okay, but we can't easily change the template to make it look the way we want.

I have been using this solution for about two years.

It is stable and reliable, but it also depends on the on-premise resources.

It is easy to scale. It is currently being used by a few people in our company.

We sometimes took support from Tenable when we had issues with the scans and we couldn't get the results. They were helpful. It is easy to get support.

It is easy to set up. We need to set it up from the appliance.

We can do it on our own, but we sometimes need help from the vendor.

Its maintenance is done from our side.

It is a bit expensive. Everything is included in the license.

It has been good so far. I would rate it an eight out of 10.

We primarily use the solution for vulnerability scanning across the network . 

A few months back, I conducted a Deployment on Tenable SecurityCenter for a Reputed  Private Bank. Also I had to teach the Usage and features and then show them how the scan things work and how results can help analyze and report. also helped developing some use case like Scheduling scan and email that to specific users for mitigation, Generating Alert for particular level of vulnerability etc.

Tenable has come a long way than we found earlier, Asset Criticality Report and Predictive Prioritization helps us finding the most critical loophols in minutes, Security Engineers can now focus more on Remediation. Less of false positive eases our vulnerability program and saved time.

In Tenable SecurityCenter, the Risk-based approach for Prioritizing vulnerability is something that is unique to any vulnerability management platform. Compared to Qualys and Rapid7, Tenable VPR is a special thing that those products don't have. The security over the CVSS and V1 and V2 with the VPR feature help an organization reveal the exact risk of any asset. There might be thousands of vulnerabilities, however, the most impactful vulnerabilities are listed and prioritized in the VPR. 

As tenable SecurityCenter is powered by popular Nessus technology, It is really easy to set up.

The solution is stable and considered as the most solid vulnerability management platform in the industry. 

Tenable.sc provides a wide range of dashboards which makes it easy to grasp the vulnerability profile of the organization. These dashboards allow us to view vulnerabilities in different categories in a simple to understand format. The upgrade to Tenable.sc+ has improved on this as well. Regularity of plugin updates are also exceptional. The speed at which tenable has pushed plugin updates and overall platform updates is great. Also the automatic update capability makes maintenance very simplified. Easy to use User interface. For someone who is not familiar with Tenable.sc, the interface is not difficult to follow along and the documentation makes it very simple for anyone

The solution has a very nice Asset discovery feature that gives you gives you unified visibility of your entire attack surface, As It leverages Nessus Sensors, a mix of active scanners, agents, passive network monitoring, and CMDB integrations to maximize scan coverage across your infrastructure to reduce vulnerability blind spots. This mix of data sensor types helps you track and assess both known and unknown assets and their vulnerabilities

The solution is a bit on the expensive site. In a country like  Bangladesh, most of the customers don't have a budget that could afford Tenable SecurityCenter. They'd rather go for Qualys and Nexpose, which cost less. The licensing policy is something they can improve. 

Support could be faster.

I've used the solution for last 5 years now. 

The solution is verry stable. That said, some customers complain about the results and how they are shown. Compared to Nessus, if a customer gets used to using Nessus, and then comes into Tenable SecurityCenter, then the compliance results are an area where they might find a difference. In Nessus, the compliance results are shown in past and failed. In Tenable.sc, it's shown in medium and high. This could be more clear. 

Tenable can be scaled easily, just to add additional IP's on the licensing and that's it.

I haven't really dealt much with technical support. In the initial stage, however, when I started deploying Tenable SecurityCenter, I faced a bit of a challenge implementing the Nessus Network Monitor. I figured it out, and now I don't have issues. 

Support is top-notch, however, in terms of response times, they are slow, and they need to be faster. 

Positive

I have also worked with Qualys for a long time.

In our country, People are yet not comfortable adopting SaaS/cloud based solutions also,there are some government jurisdictions that require data to be within the country and an on-prem solution is always needed for the organization. Other solutions, Qualys and Rapid7, are mainly cloud designed. Tenable SecurityCenter is the only solution that can be fully on-prem for small to mid Enterprises. 

Also, Tenable is better for compliance requirements in terms of regulations around vulnerability management. it has reporting on compliance with pre-defined checks, metrics and proactive alerts on violations for industry standards like CERT, NIST, DISA STIG, DHS CDM, FISMA, PCI DSS etc. and regulatory mandates. while it comes to other solutions i dint find the compliance feature as good as Tenable 

The initial setup is simple. It's not complex at all. 

You can go with the installer for Tenable SecurityCenter, which has an installer file for Linux and Unix platforms only. talking about the Nessus scanners, It can be deployed anywhere, including on Windows machines or Linux. There is not much of a challenge to it.

The time it takes to deploy varies. For example, what is the implementation size? How many IPs, and what are the sites? Those things change the timing. If it's a stand-alone setup, it can take around one to two hours to deploy. If you are also talking about onboarding the IPs, and scanning all those IPs, it can take a working day to complete.

The legecy container security is already in it's EOL, if it gets added to Tenable Security Center, users can take full toll of on prem container scanning.

Its cost depends on the Number of Assets. The licensing is per year. 

i had also worked and evaluated Qualys.

We sell Tenable.

I'm using something around version five. I have installed the demo version of it in my Docker.

The product really stands out in comparison to the competition. However, the price tag is a bit on the higher.

I would advise new users to scan all assets and grab the results and set up all security postures and do stats for mitigating those attacks which are critical. For the first time, I would recommend they go for the critical and high vulnerabilities first in order to mitigate effectively very early on. 

I'd rate the solution nine out of ten.

We work as System Integrators and my team has experience in using Tenable Security Center. We provide solutions to work for various customers in BFSI, Telcos, and the Government sector. 

We use this solution mainly for vulnerability assessment and management. With the scanning feature set, we do the reporting and provide easy operation and implementation for our customers. 

The initial product price is quite high, and in our country, this market is very price sensitive, and we have multiple segments of customers. If I invest ten dollars on behalf of my customers and profit just five percent; in such a market, how does the solution provider ensure expansion from our side? This should be taken care of by the channel or legal system. Due to this, we need to work in a very tight situation. 

The solution is completely stable and operation is user-friendly. 

We are facing some challenges related to our channel. We are not having partner channel engagement if it's changed. Most probably due to the addressable market size, the solution providers are not putting that much purpose into the partners. 

I have been using the solution for one year. 

I would rate the stability a ten out of ten. The solution is completely stable. 

I would rate the scalability an eight out of ten.

For the first-time implementation, in a few cases, we needed to call technical support to help with license activation. Tech support was good. 

The initial setup of the solution is quite easy and the operation is user-friendly. The deployment time of this solution is not very lengthy. It depends upon the customers and how frequently they are providing us with the time slot to deploy. On-premise deployment doesn't take more than two to three days. Cloud deployment is also quite easy. 

This solution's price is quite high compared to other competitive solutions. 

I would rate the product a nine out of ten. I would advise to focus on partner relationship development and enablement. If your partner is not confident enough or they are not getting training or direct channel attachments, then it becomes difficult for System Integrator professionals. 

My company uses Tenable Security Center to detect and manage our environment's vulnerabilities.

Feature-wise, Tenable Security Center is a very fast tool with many dashboards and reports, and it covers all our systems.

The solution's user interface has some issues. Sometimes, when it comes to a table's interface, shortening a column which in general should be enabled for every column, is not possible. The aforementioned details can be considered for improvement.

I have been using Tenable Security Center for a year. I am using the solution's latest version.

The stability of Tenable Security Center can be described as a straightforward one.

Stability-wise, I rate the solution a ten out of ten.

It is a very scalable solution. Scalability-wise, I rate the solution a ten out of ten.

In my company, we have 20 users of the solution.

The solution is extensively used in our company.

I don't plan to increase the solution's usage since it is used by the security department only.

The technical support is good and provides a quick response whenever contacted by us.

Previously, I have used Tripwire IP360.

My company started using Tenable Security Center because of its reporting capabilities, including the number of reports and dashboards.

The initial setup was straightforward.

The deployment took place in a week.

During the deployment process, we first define your network zones, then we define your organization, define the scan policies, and then finally, we schedule the scanning.

The installation phase can be done in-house, but we chose to seek the help of a consultant.

My company needs to make yearly payments towards the licensing costs. The pricing of the solution falls in the mid-range level, so it is not too expensive.

Overall, I rate the solution a nine out of ten.

The solution is a vulnerability scanner that helps us check if we are covered on the audit and compliance aspect. It provides us with critical alerts in case we encounter any vulnerabilities. The tool also helps us with patching. It also gives us notifications whenever certificates like SSL expire.

The tool provides us insight into the happens of the network and its hosts. It provides me with a list of hosts. 

The product gives us reports whenever we setup a scan. 

The solution needs to improve its support. I would like to see a bird's eye view of my network architecture. I would also like to see the continuous view feature in the tool. 

The tool is pretty stable. I would rate it a ten out of ten. 

I would rate the tool's scalability a nine out of ten. My company has two users for the tool. 

I wasn't part of the tool's initial deployment. However, when we had to install the upgrades, we had to do the deployment all over again. The tool's deployment was easy. 

We have seen ROI with the tool's use. 

I would rate the tool a seven out of ten. 

We use Tenable for security. I'm an information security officer and we are customers of Tenable. 

The solution is very intuitive as are the dashboards. It provides good visibility to the vulnerabilities in the company. 

We currently have local authentication for Tenable but I'm looking to create connections with our active directory. I'm having some issues with that and it's holding things up. I'd like to have access to some training or documentation. As a security officer, I think there can always be improvements made to that aspect of a product. 

I've been using this solution for a few years but only for the past couple of months in this new company I've joined. 

The solution is stable. 

The solution is scalable. 

The initial setup is reasonably straightforward. We currently have about five IT people who are users of this solution. 

I like this tool a lot but I work in the security area, so my concerns are always about security and how we can increase the security of everything that we have. It's important to be cautious about who gets access to what. 

I rate this solution eight out of 10. 

We use Tenable to scan all of our environments and plugins for vulnerabilities. Tenable helps us discover network vulnerabilities to threats and piracy. 

Tenable's reporting engine needs improvement. It needs to be more efficient and add more features.

I've been using Tenable for one year.

Tenable is scalable. 

Tenable technical support needs improvement.

Setting up Tenable SC was straightforward, and it took two months to deploy. 

A third-party vendor implemented Tenable for us.  

I rate Tenable SC nine out of 10. It needs some improvements in the reporting engine and training. For example, I need the ability to easily check what happened on Tenable specific dates.

Tenable SC can be used in any company for vulnerability management life cycle.

It's a very useful tool.

Internal ticketing systems require improvement. 

The GUI could be improved to have all concerns and priorities use the same GUI, allowing them to see all tickets, assign vulnerabilities, and assign variation failures to each member of their team.

I have been working with Tenable SC for more than five years.                                                             

Tenable SC is very stable.

According to the sizing that we are dealing with in this first stage, it is very scalable.

We have not experienced any issues with the scalability of Tenable SC.

The information security team has access to the solution. The number of users varies from one environment to another. It ranges, from five users to ten users maximum.

The same number of users can easily deploy and maintain this solution, included the access manager, administrator, and anyone who can configure the policies they test.

Tenable technical support is very good. They are very helpful, and responsive.

We had experienced some delays in two or three tickets we started, but that may have been because of the client, they were very unresponsive.

Overall, the technical support is very good.

I have worked with Rapid 7 and Qualys.

The installation is very straightforward. It's the easiest solution that I have ever implemented.

The installation was quick, taking no more than one or two minutes.

I completed the installation myself. It can easily be installed by anyone.

The license is perpetual and is based on the number of IP addresses you want to scan in your organization.

The support comes with a different license.

Tenable SC is without a doubt a good choice.

I would rate Tenable SC a nine out of ten.