2019-12-16T08:14:00Z

What needs improvement with Tenable.io Vulnerability Management?

Julia Miller - PeerSpot reviewer
  • 0
  • 37
PeerSpot user
23

23 Answers

Yogeswaran Neelagandan - PeerSpot reviewer
Reseller
Top 10
2024-01-24T10:12:08Z
Jan 24, 2024

It's a fantastic product, but there are some things to consider. One is the price. Compared to on-prem solutions, the SaaS model can be expensive. Price is definitely a concern and needs improvement, especially for the Indian market. While it's a fantastic product, it should be more accessible to small and medium-sized businesses (SMBs). Currently, only larger enterprises seem to be able to afford and evaluate it thoroughly. So, pricing can be improved and be more affordable for the Indian market, specifically for SMBs. Another area of improvement is customer service and support. Tenable needs to include support in the pricing/license. Currently, they push clients to get support from partners or channel distributors, who often charge a lot. Even for a simple one-time setup, they may charge three to four lakhs, and then additional annual charges for ongoing support. We have the technical skills to handle basic tasks, but relying on Tenable itself often results in just receiving emails or being redirected back to channel partners. So, support should be bundled with the product cost.

Search for a product comparison
Iwegbue Godspower Isioma - PeerSpot reviewer
Real User
Top 5Leaderboard
2023-11-20T12:49:08Z
Nov 20, 2023

The solution must provide penetration testing.

SP
MSP
Top 20
2023-10-12T17:12:52Z
Oct 12, 2023

There is no good work assignment system in the product. Specifically, if an SQL patch needs to be applied, then that needs to go to the SQL team, but Tenable wants to assign the ticket to an individual and not a team. The reporting was never great in Tenable Vulnerability Management, so, in my company, we imported all the data into Ivanti RiskSense to start using it for reporting.

Amr Abdelnaser - PeerSpot reviewer
Real User
Top 5Leaderboard
2023-08-14T13:26:50Z
Aug 14, 2023

I don't recommend Tenable.io Vulnerability Management for web scanning.

GK
Real User
Top 20
2023-07-17T09:14:09Z
Jul 17, 2023

Improvements should be made to the solution to make it easy to use. It's not a user-friendly tool since it has a complicated interface. The solution needs to have a more user-friendly interface.

Real User
Top 5
2023-07-14T10:59:03Z
Jul 14, 2023

The stability has room for improvement.

Learn what your peers think about Tenable Vulnerability Management. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,476 professionals have used our research since 2012.
AndréAndrade - PeerSpot reviewer
Vendor
Top 10
2023-06-28T07:17:47Z
Jun 28, 2023

I didn't work a lot with the solution. My experience was pretty smooth. I don't have any recommendations for improvement. Maybe it's because I don't use it a lot. The only drawback of the solution is that it is expensive. The pricing should be kept lower.

SC
Real User
Top 5
2023-05-29T15:09:00Z
May 29, 2023

I would like the solution to cover the whole cycle of mitigation since it's an area where the solution currently lacks. Nessus was created and, like, covered afterward. All the system is built around a basic unit that is mitigation, not the vulnerabilities. You don't have all the vulnerabilities where you build all the processes and all the reports that you have around it. Vulnerability is not like you have this problem. They say to you. Basically, you have a problem, but you don't have the patch. And the patch, inside of it, you have fifteen vulnerabilities, and it appears as a vulnerability. You are missing a patch, but it's not a vulnerability. All the system is built around missing mitigation. As a basic unit that everything is built around, and so this part is what you see when you do reports or when you build dashboards, and you have several databases inside that you can build reports around, but it's all beautiful, and you have a lot of reports, right, out of the box. But when you start creating something that you really need, like a new report, then you're, like, this data is in this database or downloaded database and this in another database of mitigations, and hence they cannot easily be connected, so each report can be all around this database because they have, like, two, three databases. I don't remember exactly, but they have separate databases inside, and you need to build the reports around one database, and it's not easy to connect two databases into one meaningful report. So, this is a hard part. In short, I would like to see the databases seamlessly connected while doing a report. The tool is okay, but, like I said, to cover the whole cycle and is like connecting the unconnectable things because they are built this way which I don't think they can change right now. They can add things like brand reputation monitoring because it's the system that needs to identify all the vulnerabilities and infrastructure vulnerabilities. They can take it to add code vulnerabilities, like, if it's an R&D company that creates software, they have vulnerabilities of other types, like application-level vulnerabilities in the things that they are developing. And if it's a cloud, then it needs to be covered in a good way, considering the cloud infrastructure. Also, it works on the IP level. On the cloud, you can do it around EC2 instances. You can do the same in Tenable.io but then all the part of the cloud layer that is cloud-based but not on the EC2 level. Let's say it's CloudWatch logs and all the con configurations that are at a cloud provider level. So, there can be vulnerabilities there not at the EC2 level of the machine itself. So these are also vulnerabilities, and it can be good if they are shown and covered by the system. In general, brand reputation and external CTI are needed in the solution. Somewhere outside in the open world that it was bridged, and it's there, and then maybe we can show it to you also that it was bridged. So it's now in the open world, and they don't want to be, you know, to be the open world and also on the external attack surface, but I think we saw that some module that they are doing that is in just the right direction. So, it's a good direction.

VR
Real User
Top 20
2023-04-07T13:36:31Z
Apr 7, 2023

The asset identification has room for improvement. Since we are using a cloud-based scanner, we must scan devices based on their ID. However, we are encountering many issues with reporting. Assets are often being incorrectly merged or we encounter issues related to assets. If we had an agent with a scanning system, this issue may not have occurred, but it currently exists. The UI has room for improvement. The previous version of the UI was better. The technical support has room for improvement.

Yusuf-Hashmi - PeerSpot reviewer
Real User
Top 5Leaderboard
2023-03-14T11:43:18Z
Mar 14, 2023

Tenable could improve visibility into assets, including automated asset tagging. You should be able to automatically tag assets based on location, function, ownership, etc. That would help us because we spend a lot of time identifying and tagging assets by hand.

MC
Real User
Top 10
2023-02-13T20:29:00Z
Feb 13, 2023

They can improve in the area of role management and compliance reporting. They should include better customization of the dashboard and integration tools.

DS
Real User
Top 20
2022-11-10T18:44:54Z
Nov 10, 2022

The response times from the customer service and support team could be improved. Additionally, the pricing could be better.

OniRahman - PeerSpot reviewer
Real User
Top 5
2022-10-24T10:07:26Z
Oct 24, 2022

The price could be lower, and the grouping of platforms on the dashboard can be included in the next release of the product.

HE
Real User
Top 20
2022-10-18T19:29:44Z
Oct 18, 2022

The one drawback that we have found is the reports. We are still getting reports from Tenable.sc since the maturity levels on the reports are lacking. They need to improve the reporting in this solution. We just aren't seeing that many features or options.

VS
Consultant
Top 20
2022-09-09T13:33:40Z
Sep 9, 2022

The solution creates vulnerability tickets within the VM profile but should also include them under the Remediation tab so the fixes can be viewed in the ticketing queue. Qualys is a competitor product and handles vulnerability tickets in this comprehensive manner.

Prajot Nair - PeerSpot reviewer
Real User
Top 5
2022-07-06T06:38:20Z
Jul 6, 2022

Tenable.io Vulnerability Management could be improved with an increased number of dashboards and MSSP integration.

SN
Reseller
Top 20
2022-04-01T14:27:31Z
Apr 1, 2022

They've been able to think about everything in terms of where the world is going and the type of assets that you've got. They've everything sorted out in that aspect, but you have to pay for most of the other components that they've got to give you complete visibility across your tech surface. If it already had those capabilities in-built, without having to add them on to take advantage of them, it would be a very compelling value proposition. Their support needs to be improved in terms of turnaround time.

FA
Real User
2021-06-09T13:17:00Z
Jun 9, 2021

It can have more integration.

JK
Real User
2021-03-30T07:13:47Z
Mar 30, 2021

The solution seems to focus too much on enterprises, and they really need a product that works for SMBs. The enterprise product is too expensive for smaller companies, however, they really are looking for a product like this in the market. It's too technologically advanced for SMBs - Tenable is kind of a little bit like flying a 747. There's a lot of bells and whistles and switches and things like that, that quite frankly are not used or not understood largely by the average user. If they don't begin to cater to smaller organizations, they'll likely lose market share. They could use a better user interface that could be developed a lot better than it is. It really could be more intuitive.

Antonio Scola - PeerSpot reviewer
Reseller
Top 5Leaderboard
2021-02-25T09:28:25Z
Feb 25, 2021

The pricing of the solution could be more reasonable.

PM
Reseller
2020-12-17T16:06:00Z
Dec 17, 2020

An area of improvement for this solution is being able to customize the dashboard. For example, the dashboard does not allow us to view a previous months vulnerability results alongside current results to make comparisons.

VA
Real User
2020-07-05T09:37:54Z
Jul 5, 2020

We had some challenges with the implementation because of Docker Version 2, although with help from the support team, we were able to proceed. It would be helpful if Tenable could be more clear with regard to everything the solution can and cannot do with the particular license that you have. The information is not available on the web site and they should be more upfront about it.

MC
Real User
Top 10
2019-12-16T08:14:00Z
Dec 16, 2019

I don't have any issues with the solution at this time, and I don't think there are any features that are missing or could be added. The interface could be improved; right now it's running on two interfaces simultaneously.

Managed in the cloud and powered by Tenable Nessus, Tenable Vulnerability Management (formerly Tenable.io) provides the industry's most comprehensive vulnerability coverage with real-time continuous assessment of your organization. Built-in prioritization, threat intelligence and real-time insight help you understand your exposures and proactively prioritize remediations.
Download Tenable Vulnerability Management ReportRead more