Tenable Vulnerability Management Reviews

I primarily use the solution in order to scan assets for our clients. 

It's very reliable and is a dependable solution. 

The product offers multiple customizable templates. They've released new templates for template scanning. It makes everything a lot easier.

The dashboards are very helpful. They are also quite customizable. 

It's stable.

The solution can scale.

The initial setup is pretty straightforward. 

They need to have more dependable and faster support.

We'd like them to add more features surrounding the filtering of vulnerabilities. My understanding is that they are working on this already.

I've been using the solution for almost two years. 

The solution is stable. I'd rate it eight out nine out of ten. It is reliable. The solution doesn't crash or freeze. There are no bugs or glitches. 

The solution can scale well. I'd rate it eight out of ten. 

We have about 13,000 to 15,000 assets. 

Support is okay. However, we've had issues with them. I've had difficulties raising cases.  They need to be more responsive and need to get back to us faster. 

Neutral

The initial setup is easy. I've had no issues with the setup process. 

I'm not sure what the pricing is. I don't handle licensing.

Last year we evaluated it with other solutions. We were looking for a new or additional product to extend our expertise beyond Tenable. We did look into Qualys, among others. 

I'd rate the solution nine out of ten. I'm happy with its capabilities. 

Vulnerability Management is used to discover assets and identify vulnerabilities across our IT landscape. 

The dashboard is pretty intuitive, and it lets you do a drill-down analysis of each vulnerability. That is something that brings a lot of value to the organization.

Tenable could improve visibility into assets, including automated asset tagging. You should be able to automatically tag assets based on location, function, ownership, etc. That would help us because we spend a lot of time identifying and tagging assets by hand. 

I have used Vulnerability Management since February 2021.

There are factors within the organization that affect stability. Ultimately, your Tenable.io performance depends on your on-prem network infrastructure. 

I haven't used Tenable.io support, but my team has, and I haven't heard any complaints thus far. 

I used Qualys at my previous job for vulnerability validation, but I have used Tenable.io VM for quite a while now.  

Deploying Tenable.io VM is neither straightforward nor particularly complex. We run gateways in North America and India, respectively that talk to the Tenable.io console. It's not too complex. It was in place when I joined, but I believe it took no more than two weeks to deploy.

You need to create a tenant in the Tenable Cloud SaaS and configure user access.  We have five analysts using the solution and one or two admins. 

We see a return by identifying vulnerabilities and converting them into actionable items. The solution provides a lot of visibility into your environment. 

We pay an annual subscription, and I feel the cost is reasonable. The license covers everything, including support. 

I rate Tenable.io Vulnerability Management nine out of 10. It's an excellent product that's scalable, stable, and intuitive. It helps you to drill down into vulnerabilities.

Before, they did not have an agent-based solution. Last year, they developed one. For example, before, when users were roaming or working from home, we wouldn't be able to scan previously. Now, we can cover anyone, even off-site. 

The most valuable feature is the configuration audit. 

The interface is fine. 

We haven't had issues with support.

The solution is easy to deploy and maintain. 

The solution can scale well.

The entire product is very easy to use. 

The solution is a bit slow. It should be faster. They could improve the performance. 

We primarily use the solution for vulnerability management and confidential information detection, for example, credit card information. We also use it for configuration management. 

The scalability is great. I'd rate it nine out of ten. A company can expand it if they would like to. 

Technical support is okay. The issue is they don't have a team based in India. Sometimes, it's hard to get support on time. However, they are pretty helpful. 

Positive

We are also using Tenable.sc, version 6.0.

The initial setup is pretty straightforward. I'd rate the process eight out of ten overall. It is not overly complex. 

We can implement the solution in one week in one region. 

In terms of maintenance, we only really need one person. That's enough.

I do not manage the licensing or pricing. My team handles this aspect.

We did test multiple other solutions.

I'm an end-user.

This is an agent-based solution. There isn't a specific version we use.

The solution is very user-friendly if you compare it to other tools. I'd rate it eight out of ten. 

Our company has 25 technicians who use the solution to scan firewalls and produce scheduled compliance reports for various environments.

The solution is easy to use and configuration is smooth with no complexities.

The solution is one of the best tools in the market for vulnerability management and remediation. It functions exactly as we desire.

The solution creates vulnerability tickets within the VM profile but should also include them under the Remediation tab so the fixes can be viewed in the ticketing queue. 

Qualys is a competitor product and handles vulnerability tickets in this comprehensive manner. 

I have been using the solution for two years. 

The solution is stable and I have only experienced hangs a few times. 

The solution is accessible from the private cloud so it is scalable to any needs. 

Technical support requires constant follow up and that is an issue. Once they are made aware of an issue, it takes time for them to find a resolution. I currently have three cases and have been waiting so long for updates that I have asked for escalation.

Support provided by Qualys is better because they work with you right away to resolve issues. 

I rate support a two out of ten. 

Negative

The initial setup is straightforward and not hard to understand if you have worked with other solutions. 

We experienced an authentication issue when the NetApp scanner was trying to log in to the system and firewall, but we modified the setting and the issue was resolved. 

We deployed the solution ourselves and the complexity depends on each environment. 

For example, our company has AWS, Azure, and on-premise data center environments. Our infrastructure team builds a list of assets and then our technicians deploy the solution to conduct scans. 

The annual license is a bit costly but the solution is worth it. 

We also use Qualys and like how it handles vulnerability tickets. 

We moved to the solution because Qualys does not support Cisco Secure Firewalls and that is a requirement in our environment. 

While Qualys offers dual locations for vulnerability tickets, it is not difficult to use API calls to integrate the solution with ServiceNow for assigning mitigation. 

Many companies use third-party tools like Jira to integrate things so it is not unusual. I do believe Tenable is working on an internal solution that will be available in the future.  

I rate the solution an eight out of ten. 

Tenable.io Vulnerability Management is used as a unified platform for vulnerability management.

Tenable.io Vulnerability Management could be improved with an increased number of dashboards and MSSP integration.

I've been working with Tenable.io Vulnerability Management for five years.

Tenable.io Vulnerability Management is stable.

Tenable.io Vulnerability Management is scalable.

Tenable doesn't provide support beyond documentation.

Neutral

The initial setup is straightforward so long as your infrastructure, components, and networks are in place. There are also a few teaching issues post-migration, like integration with third parties and SEO integrations.

Tenable.io Vulnerability Management gives a good ROI in the long run, though it would be better with a pay-as-you-go model.

Tenable.io Vulnerability Management's pricing solution model isn't great. Providing a pay-as-you-go option would be an improvement.

Tenable is a full-service product, but it still has a lot of improvements to make, so I'd recommend exploring other products before implementing it. I would give Tenable.io Vulnerability Management a rating of nine out of ten.

The solution scans vulnerabilities in assets like workstations, network devices, desktops, or laptops. The product indicates vulnerabilities based on severity levels. There are high, critical, medium, low, and informational levels of severity.

The product can scan assets and web applications. It provides remediation for each vulnerability it scans. We get to know the actions we have to take to remediate the vulnerabilities. The solution is very simple to use. It also has cloud scanners. We can integrate Tenable and Nessus Scanner. It is easier to use.

The solution must provide penetration testing.

I have been using the solution since 2022.

The tool is very stable.

The tool is scalable.

We don't have many issues.

Positive

The initial setup is very easy.

The tool is easy to use and deploy. It's easy for customers to go through the documentation, see how it works, and scan their assets. Everything is straightforward, including the creation of users and enabling 2FA. Overall, I rate the tool a nine out of ten.

The tool's reports are bad. They're not very customizable or flexible. During audits, we often have to exclude things that aren't relevant to our organization, but we can't do that easily with the reports. They come in HTML or PDF format, and we can't compare current results with previous ones in Excel because we never receive reports in Excel.

I have been using the product for a year, and my organization has been using it for six to seven years. 

Tenable Vulnerability Management is stable. 

I rate the tool's scalability a seven out of ten. 

The solution's support is okay, but it could be more customer-friendly. The people providing support have knowledge, but they could improve customer interaction.

The tool's deployment can be challenging, especially for those unfamiliar with Kali Linux, as it operates on this platform. This might make the setup process difficult for users accustomed to other operating systems like Windows. It may take a couple of tries to get comfortable with the process. However, once you have set it up a few times, it becomes easier.

Sometimes, we use the tool for tasks like configuration and running scans. However, it's a bit difficult to use compared to Qualys. One issue we've noticed is that it takes up a lot of space, which customers often complain about. They promised more system coverage and updates, but it isn't happening.

I rate Tenable Vulnerability Management a seven out of ten. It might be challenging if you're used to working on Windows. However, it's a recommended tool for penetration testers because it's effective for that purpose.

We use it for audit and PT. 

We use the solution to scan our environment, ServicePRO. 

You can customize each point in new scans. 

I don't recommend Tenable.io Vulnerability Management for web scanning. 

I have been working with the product for two years. 

Tenable.io Vulnerability Management is stable. 

We have seven users for the product. 

My colleagues say that the tech support team is very responsive and helpful. 

Tenable.io Vulnerability Management's installation is easy. You just need to access the credentials for it. 

We have not seen ROI with the product's use. 

I would rate the product a ten out of ten. You need to be specific with each step while using Tenable.io Vulnerability Management.