Tenable SecurityCenter Continuous View [EOL] Reviews

We have three or four use cases. 

The first is enterprise vulnerability management through continuous scanning. Twice a week, every week, we fully authenticate every host in the environment to perform authenticated scans. The caveat there is our mobile workstations, like our Macs or our Windows laptops. We've deployed agents on them and we do those scans daily. 

The second use case is baseline adherence. We have tailored, customized, secure baselines for about 40 technologies in the environment and we attest to them once a week: everything from common server versions, to a dozen or more database technologies, to middleware, etc. 

Thirdly, we use Tenable.io as our PCI ASV. That's our scanning platform to satisfy some of our PCI controls. 

Finally, we also use Tenable.io to perform truly continuous - in the sense that it never stops - unauthenticated scanning at the perimeter.

We use Tenable to monitor many dozens of technologies. For the most part, any database technology you can think of: multiple versions of Windows Server, Windows 10 on the workstation, High Sierra and Mojave for macOS, a bunch of different networking technologies. The list goes on.

A major advantage, that falls under the "supportability" umbrella, is that with the previous technologies, they didn't have a great way to create highly customized or tailored baselines. With Tenable all the baselines we have are tailored to what we want to see in the environment, and that's what we attest to. It's a little different now, but when we were doing an RFP, the other players would allow you to do CIS, but they wouldn't really allow you customize them or create your own custom checks, and that's something we do extensively.

The nice thing about Tenable's Predictive Prioritization features is that, while our SOPs haven't been updated yet, with Predictive Prioritization it effectively allows us to scale out our tailored risk calculations in the environment.

With Tenable's ability to do highly customized and tailored baselines, it has allowed us to much more accurately measure our adherence to a tailored baseline, versus something like base CIS. With that greater visibility, it allows us to better manage our actual platforms. Every week, at least for our major platforms, we're partnering with them to continuously drive adherence to our tailored baselines. Previously, we were unable to do that effectively.

The level of visibility Tenable provides us, compared to our previous solutions is night and day. For traditional, network-based vulnerability scanning, Tenable is at the top. It's that simple.

We use it for scanning across our network. We leverage the Nessus scanners to scan the environments we have. That includes the external view, scanning across our DMZ, PCI, and internal environments. We have our Windows and Linux clients and servers. We have IP enabled on almost everything, including the printers, cameras, and elevator banks. It does some analysis on anything that's plugged into the network, with varying degrees of efficiency based on what the device is.

We do full IP-import scans periodically. When we do the actual scans themselves they're usually more narrowed and focused, because if you did every port and every IP every time it would take forever.

SecurityCenter enables us to find all the vulnerabilities, export that data, prioritize it, and address the highest-risk vulnerabilities. That is definitely the main goal of the tool and it wouldn't be possible without the scanning technology accurately assessing the environment. 

It helps to limit our cyber exposure because every time we identify one of the exposed or high-risk vulnerabilities and enclose that, or address it, it reduces the overall exposure. This solution is just one tool in the whole chain that helps accomplish that. It is a very critical component, but it's not doing it in a vacuum.

The scanning helps us focus resources on the vulnerabilities that are most likely to be exploited. We're just starting to look into doing the compliance policies. That will be the next step. Right now, we're reactive, addressing vulnerabilities that are detected. We'd like to identify misconfigurations upfront, address those to speed things up, and reduce the resource cost. If you let a bad image go out to production, and deploy it on 50 systems, you have 50 tickets instead of a single place to fix it. That's what we're looking to leverage next.

In terms of financial value, within PCI compliance especially, if you don't have a scanner in place or you're not conducting PCI scans, you can't participate in the credit industry and accept credit cards. That's a requirement and a role that Tenable fills, one that must be addressed through regulation. We are also subject to GRC and a couple of others which are directly addressed, or a component of them is addressed, through Tenable and scans that it runs.

We use it to scan all of our servers and network devices on a monthly basis. Then based on the outcome, we do the patching depending on high availability, and so on.

Through porting, we can see how the improvement is happening over a period of time. We can see the overall scenario from the last year, where were we were and where we currently stand.

Our primary use case is to the customer with the vulnerability scan, analysis, compliance, security positioning, regulatory, configuration of the risk assessment, and with the network monitoring.

The features that I have found most valuable are that it is easy to set up. I is easy to manage and every report already has a template so it is easy for us to generate a template with a compliance and execute authority. All the reports we can generate as if it is a new requirement.

Another valuable feature is that we can manage everything with only a single console on the Tenable SecurityCenter. We can pull and define the policy. We can perform every task on the Tenable SecurityCenter.

One more thing is that Tenable SecurityCenter has an R3 feature which makes it very easy to manage or at least own the asset policy that we define.

Another great feature is that it is very easy to generate reports for management. There is no need to manually create them, everything is by steps. We can add on all the templates, we can cost them on the template and we can do everything in the Tenable SecurityCenter.

Lastly, the Tenable SecurityCenter is aligned for customer with the compliance and regulatories. as well.