Coming October 25: PeerSpot Awards will be announced! Learn more
2019-05-20T08:00:00Z
Julia Frohwein - PeerSpot reviewer
Senior Director of Delivery at PeerSpot (formerly IT Central Station)
  • 0
  • 2

What advice do you have for others considering Tenable SecurityCenter Continuous View?

If you were talking to someone whose organization is considering Tenable SecurityCenter Continuous View, what would you say?

How would you rate it and why? Any other tips or advice?

3
PeerSpot user
3 Answers
SATYAVRAT MISHRA - PeerSpot reviewer
AVP - Corporate IT at Godrej Industries Ltd
Real User
Top 10
2021-05-17T18:28:01Z
17 May 21

I would recommend this solution to potential users. On a scale from one to ten, I would give Tenable SecurityCenter Continuous View a nine.

Eric Noe - PeerSpot reviewer
Senior Information Technology Security Engineer at a insurance company with 10,001+ employees
Real User
2019-06-06T08:18:00Z
06 June 19

The fundamentals are the most important part. Make sure you can access and scan all the different parts of your network with the correct authenticated scans. That is what is most important. Everything else derives from that base data, so you have to make sure that's in place and organized correctly. In terms of vulnerability prioritization, a lot of it is based on the CVSS score. We're just starting to look into the VPR feature and see how well we agree with that. The way we have it, within our architecture, is that SecurityCenter will run the scans, and then we export the scanned results into a different tool that does network modeling and prioritization. After that system prioritizes, it forwards it into our ServiceNow platform for ticketing and remediation. So far it's been effective in accomplishing the goals we had. In terms of SecurityCenter reducing the number of critical and high vulnerabilities we need to patch first, I can't really answer that question. With such a large environment, we have quite a number of vulnerabilities. We're not using, for the most part, Tenable's built-in prioritization, or the VPR rating. So it's hard to say if Tenable increased or decreased the number of vulnerabilities that we have to address, compared to the previous solution. A lot of stuff changed around the same time, so it's not comparing apples to apples. Our team is the only one that manages SecurityCenter day-to-day and runs the scans. After the scans are done it goes out to a prioritization tool, which it applies some additional context and additional data to drive a risk score. Based on a threshold there, it's sent into ServiceNow, where the team which owns the asset or the device will do the remediation. Most of the data they get comes directly from Tenable. It's just removed a couple of steps by going through those other platforms. Overall I would rate SecurityCenter at nine out of ten. There are definitely some things that could probably be improved, but how we use it might not be how every other customer uses it. Just because we don't use a feature, or we're missing a feature, doesn't mean that other customers aren't getting more leverage out of it.

GS
Director - Information Risk Management at a consultancy with 1,001-5,000 employees
Real User
2019-05-20T08:00:00Z
20 May 19

My advice isn't vendor-specific, it's much more agnostic. Whoever is looking for a new solution for vulnerability management or configuration management, needs to ensure that they take their time. Develop a strong RFP process that's objective and quantitative and removes bias. Then, perform a well-thought-out PoC and let the data speak for itself. For me, it's extremely important that when you're planning on spending millions of dollars, or making a large purchase, that you remove any emotion or bias. You take the relationships out of the picture, and you let the best product win, given a certain use case. In terms of Tenable focusing our resources on vulnerabilities which are most likely to be exploited, I can't say yes or no. One of the functions our team has is to focus on vulnerability research and emerging threats, and that was before there was ever a plugin created for Tenable. The team is actually really proactive in identifying vulnerabilities through manual research. That's where a lot of the critical stuff comes from. We'll find something critical before the scanning vendors even have a check for it. The output of Tenable is used by dozens of folks, primarily engineers. Tenable itself, as a platform, is used by 15 or 20 folks. Most of them are vulnerability analysts and some of them are platform engineers. There are a dozen or so executive leaders who reference Tenable's data, as well. We built some 50 dashboards, tailored to a given audience, so that they can see near real-time results. For example, our CIO has an enterprise goal of reducing X percent of vulnerabilities in our enterprise, so we've built out specific dashboards reflecting all of that work. Maintenance of the product requires one person, and it's not a full-time position. For deployment, I had two people, who are security analysts. I actually did not need software engineers to do it. We're using Tenable very extensively. Some of the feedback I got from Tenable this week is that we're actually one of their more mature clients. And we are expanding our usage. Our company was procured in early December last year, and we'll be expanding not only the scope of what we currently use but also increasing some of the functionality. For traditional, network-based vulnerability management, I would rate Tenable a nine out of ten. For dynamic application scanning, it's a two out of ten. Overall, I'd put Tenable at a seven out of ten, which is still definitely higher than any of the other technologies that operate in the market. I think this segment of the market is a bit confused. There are too many companies looking to be a silver-bullet and own it all, and their strategy is a bit confused.

Find out what your peers are saying about Tenable Network Security, ManageEngine, Microsoft and others in Network Monitoring Software. Updated: September 2022.
635,162 professionals have used our research since 2012.
Related Questions
Julia Frohwein - PeerSpot reviewer
Senior Director of Delivery at PeerSpot (formerly IT Central Station)
Jul 24, 2021
How do you or your organization use this solution? Please share with us so that your peers can learn from your experiences. Thank you!
See 2 answers
SATYAVRAT MISHRA - PeerSpot reviewer
AVP - Corporate IT at Godrej Industries Ltd
17 May 21
We use it to scan all of our servers and network devices on a monthly basis. Then based on the outcome, we do the patching depending on high availability, and so on.
Pov Men - PeerSpot reviewer
Network Security Engineer at np secure
24 July 21
Our primary use case is to the customer with the vulnerability scan, analysis, compliance, security positioning, regulatory, configuration of the risk assessment, and with the network monitoring.
Julia Frohwein - PeerSpot reviewer
Senior Director of Delivery at PeerSpot (formerly IT Central Station)
Jul 24, 2021
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
See 2 answers
SATYAVRAT MISHRA - PeerSpot reviewer
AVP - Corporate IT at Godrej Industries Ltd
17 May 21
Pricing-wise, it's fine. It's not an expensive product. That's not an issue.
Pov Men - PeerSpot reviewer
Network Security Engineer at np secure
24 July 21
I don't think the pricing is a concern, because if we consider on the business, Tenable SecurityCenter provides many things to the customer. Our customer does not have any concerns or worries.
Related Articles
Ariel Lindenfeld - PeerSpot reviewer
Director of Content at PeerSpot (formerly IT Central Station)
Aug 21, 2022
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technology products and we want your vote! If there’s a technology solution that’s really impressed you, here’s an opportunity to recognize that. It’s easy: go to the PeerSpot voting site, complete the brief voter registration form, review the list of nominees and vote. Get your colleagues to vote, too! ...
Abhirup Sarkar - PeerSpot reviewer
Director, Middle East, East India & SAARC at EverestIMS Technologies
Aug 26, 2022
Modern-day servers are robust enough to accommodate as many applications and processes as possible. Still, there is a limit to how much load a server can handle. If your business does not heed the server constraints in time, you are bound to suffer from operational loss due to server downtimes. To closely monitor your server health, you must track specific metrics regularly. Here are some s...
See 1 comment
AleksandraWojdyła - PeerSpot reviewer
Marketing & PR Specialist at AdRem Software
26 August 22
Collecting as many metrics, statuses, and logs about the servers is indeed the first step, you never know what data you will need to solve a particular problem. The second step is to process and correctly pinpoint where the network performance/behavior differs from the expected range/baseline.  Can your network monitoring software automate the obvious (execute remote corrective actions in response to alerts) and notify the IT person about only critical situations where the human needs to make a decision about the resolution options? We expect the network monitoring software today to do just that.  I would say NetCrunch can do it, but do you have any experience with other monitoring products that provide a similar type of monitoring experience for IT teams?
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
May 02, 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Top 8 Network Monitoring Software Tools ...
Related Articles
Ariel Lindenfeld - PeerSpot reviewer
Director of Content at PeerSpot (formerly IT Central Station)
Aug 21, 2022
PeerSpot User's Choice Award 2022
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technol...
Abhirup Sarkar - PeerSpot reviewer
Director, Middle East, East India & SAARC at EverestIMS Technologies
Aug 26, 2022
7 Most Important Metrics of Server Monitoring Software
Modern-day servers are robust enough to accommodate as many applications and processes as possibl...
Download Free Report
Download our free Network Monitoring Software Report and find out what your peers are saying about Tenable Network Security, ManageEngine, Microsoft, and more! Updated: September 2022.
DOWNLOAD NOW
635,162 professionals have used our research since 2012.