Tenable.io Container Security Reviews

I have been dealing with Tenable.io Container Security for almost four to six months.

Most valuable are the reports that are quite good, particularly the detailed ones for container image scanning.

Tenable.io Container Security is giving me the vulnerability information of Docker images and the information about software bill of materials. However, my challenge at this time is that I am using all these solutions with GitLab Ultimate, and it does not support integration, so I am doing some alternate arrangements which are giving me operational complexity because I need to introduce something else instead of GitLab Ultimate. That is the primary concern regarding the benefits of real-time visibility into my containerized application security status.

Several things need improvement about Tenable.io Container Security. First, they should support GitLab Ultimate. Second, Docker-based installation would be required because not everybody has proper Kubernetes, so the standalone Docker should also be available. Third, there is a PostgreSQL issue that I believe has existed for almost six to eight months, so the engineering team must develop a solution for that. Fourth and finally, support capability exists, but it can be further enhanced.

I have been dealing with Tenable.io Container Security for almost four to six months.

Tenable.io Container Security works, but there is a lack of integration with GitLab Ultimate, which is a very popular on-premise solution for CI/CD. Unfortunately, this product does not support integration with GitLab Ultimate. It supports integration with GitLab online in the cloud, but not the on-premise version. I think it lacks usability for customers who are in military-grade secure, SCIF, air gap kind of environments and using GitLab Ultimate as an on-premise solution.

The scanning was not automated. I am doing manual scanning for my software images regarding the automated vulnerability assessments of Tenable.io Container Security.

I am talking about their technical support, and it is good. However, there are times when I am dealing with certain team members, and I believe it could be further improved upon.

If I have to rate their technical support from 1 to 10, I would rate it around six or seven.

Positive

I do not use the platform's risk analysis features.

It was easy to set up for the first time.

I visited your website and researched products like Prisma Cloud and Tenable.io some time back. I purchased Palo Alto Prisma for one of the projects, and for another one, I have already purchased Tenable Enclave Security and Security Center Plus. They are our partner, so we work with them, and I am still dealing with Palo Alto and Tenable. I cannot comment about Prisma because it has been quite some time since I have used it, so I do not know about the latest features.

Tenable.io Container Security is a good product.

I am currently using Tenable Enclave Security.

When I say metrics, I am referring to the vulnerability report that Tenable.io Container Security provides as the end objective. However, when I am trying to do it automated, I am not able to achieve automation because it does not support integration in my environment.

There is a good and bad aspect regarding how I measure the effectiveness and success of the solution. One positive aspect is that it is a microservice, so it is easy to install. The challenge with that is it does not support native Docker setup. Another issue is the PostgreSQL database which is included with this box has some feature limitation because of which I am not able to see the reports on the database. The scanning works, and I can see the report by logging to the box, but not on the database, so it is giving me some problems.

I have been a customer and a partner of Tenable. I have been working in the cybersecurity field for almost 13 or 14 years. I do not deal with the commercials regarding the pricing of Tenable as I am a pure technical person.

I would rate this solution an 8 out of 10.

Tenable.io Container Security has improved our security. 

The tool's most valuable feature is scanning, reporting, and troubleshooting. 

Tenable.io Container Security should improve integration modules. It should also improve stability. 

I have been working with the product for two years. 

I rate Tenable.io Container Security's stability a seven out of ten. 

My company has two to three users. 

Support doesn't understand the issues and cannot arrange resources per our time. 

Neutral

I rate Tenable.io Container Security's deployment a seven out of ten. You need two people to manage its deployment. The tool updates automatically after every 24 hours. 

We have seen ROI with the tool's use. 

I rate the tool's pricing a three out of ten. 

I rate the product a seven out of ten. 

My company has gone through the product named Tenable.io Container Security. Tenable.io Container Security is to help you out in a cluster environment, where you need to have containers like Docker or similar products and should be able to use them for production while also being able to avail some detection capabilities.

Tenable.io Container Security provides some constant improvements in the product. The best part of the product is that you can configure the policy as per your requirements.

Tenable.io Container Security needs a lot of improvement since it runs on DaemonSet.

Tenable.io Container Security's marketing areas and services are areas where improvement is required.

The stability and setup phase of the product are areas with shortcomings where improvements are needed.

I have been using Tenable.io Container Security for a few years.

It is not much of a stable solution.

It is a scalable solution. Scalability-wise, it is a good solution.

My company carried out Tenable.io Container Security's PoC phase for one or two customers so that they could compare it with other OEM solutions.

From the security side, at least two or three people are required to take care of the integrations related to Tenable.io Container Security.

The solution's technical support is good. I have observed that whenever my company faces any problem, the product's technical support team takes time to investigate the issue.

The initial setup of Tenable.io Container Security is a little bit complex.

If you have a bigger cluster or container environment, then the solution's deployment phase may take more than three months since you won't directly go for the solution's block mode. To start things in the solution, you will have to deploy it in SIEM mode, while the detection mode will provide you with visibility in accordance with which you need to take actions for production, which needs time. Regarding the time taken for deployment, for detection, it may not take more than a week, but in production, it may take at least three months to be completed.

For the deployment process, there are some scripts available along with some YAML files that you need to run on the cluster, specifically considering the cluster you want to focus more on before creating Tenable Cloud Security Console. After creating Tenable Cloud Security Console, you can proceed with the onboarding process.

The product does not operate on a pay-per-license model.

Tenable.io Container Security is a good tool.

I would tell those who plan to use the solution in the future that they need to reach out to the product partners while also looking at other solutions like Prisma Cloud and Sysdig and making a choice.

I rate the overall product a six out of ten.

Tenable.io CS helps us secure all our workloads in the cloud that are placed inside containers. It checks for misconfiguration and vulnerabilities at the container level. 

Tenable.io detects misconfiguration when you deploy a Docker or Kubernetes container. It's much better to remedy these issues during deployment instead of waiting until the container is already in the production environment.

They need to work on auto-remediation so it's easier for the security team to act quickly when certain assets or resources are deployed. The latest version has a CIS benchmark that you need to meet for containers in the cloud, but more automation is needed.

Asset visibility is also critical. While Tenable provides visibility into containers, it could be done much better. Compliance is one of the most crucial aspects of container security. It should be more customizable. For example, I would like a rating system where Tenable reports a risk score for each container based on user-defined metrics, such as severity, activity, or compliance. 

I have used Tenable CS for the last two years.

Tenable.io CS is pretty stable. I haven't seen many performance issues so far. 

Container Security is scalable because it's deployed on the cloud.

Deploying Tenable.io Container Security is straightforward, and we completed it in under two days, including the time we spent setting up the prerequisites. You can complete it in less time if you have the prerequisites in place already. You have to create an instance on the cloud within EC2 or wherever you plan to host the container, whether AWS or a private cloud.

We deployed it with a little guidance and coordination from the Tenable team. It's a cloud-based solution, so they need to make changes on their side and set up a tenant for the customer. Tenable products are mature and user-friendly, so you can deploy them quickly if you're familiar with the vendor. 

The price of Tenable.io CS is reasonable. 

I rate Tenable.io Container Security 8.5 out of 10. I have recommended this solution and all the Tenable products as a presales architect. 

Sometimes, you can have too many vulnerabilities. The solution shows you the exploitable vulnerabilities and helps you prioritize. It also allows you to check for license issues within your code.

The solution’s pricing could be improved.

I have been using Tenable.io Container Security for almost 12 months.

Tenable.io Container Security is a very stable solution.

I rate the solution ten out of ten for stability.

Tenable.io Container Security is a highly scalable solution. Around eight to nine users work with the solution in our organization.

I rate the solution’s scalability a nine out of ten.

The solution's technical support is quite good and very supportive. I rate the technical support nine and a half out of ten.

Positive

The solution's initial setup is fairly standard because there's documentation and support. I'm not saying the setup is 100% easy, but it's not difficult.

We implemented the solution through a partner. The solution's deployment took a few days, mainly because of our own internal processes. After getting a subscription, you log in and start working.

The solution's pricing is neither cheap nor very expensive.

We were able to integrate Tenable.io Container Security into our CI/CD pipeline. We were running on GitHub Enterprise. We could integrate and scan our pipelines and containers and automate that whole process. The solution's compliance monitoring capabilities are really good because you can perform compliance scans using a number of standards.

The solution was deployed on the cloud for us. Tenable.io Container Security has delivered significant financial and operational benefits to our organization. Compliance obligations are very important in financial services. The solution allows us to automate scans and perform many different types of scans across our environments, which is very good.

I would recommend the solution to other users because it is one of the top players. Tenable.io Container Security is a good tool for you if you want a tool that does most of the work for you.

Overall, I rate the solution a nine out of ten.

The company offers two solutions: Container Security, a product concentrated on scanning vulnerabilities in on-prem environments, and Cloud Security, a solution specifically designed for scanning container vulnerabilities in cloud environments. The latter includes options for integration with cloud services and DevOps pipelines.

Currently, I haven't implemented the solution due to its deprecation by the site. However, I can highlight some benefits of Tenable Cloud Security, a cybersecurity solution with various features for scanning vulnerabilities in both cloud environments and on-premises container security.

I believe integration plays a crucial role for Tenable, particularly in terms of connecting with other products and various container solutions like Docker or Kubernetes. It seems that in future updates, enhanced integration is something I would appreciate. Currently, there is integration with Docker, but when it comes to Kubernetes or other container solutions, it appears to be a challenge, especially with on-prem scanners.

It operates in the cloud, so there are no issues, and the service is always available. It's a cloud solution, and in my experience over the last four years, Tenable has never crashed. It's consistently reliable, scoring about nine to ten in terms of availability.

I'd estimate around ten to twenty customers currently using the product in my region. These customers vary in size, from larger organizations to medium and smaller businesses. When it comes to scalability, it depends on the number of users, and typically, I work with larger organizations that may have anywhere from five hundred to two thousand end users of the product.

They assist me every day, not just daily but several times a week, around three to four times. I handle support for both Tenable and clients, so I'm constantly connected to their support. Regarding their technical support, I find it varies. When dealing with L1 support, often from India or Asia, it's not very helpful. It usually takes escalating to L3 support for more meaningful answers after multiple tickets.

Neutral

I would rate Tenable 9 out of 10. 

We use this product for scanning the containers and the vulnerabilities. Many of our clients install it in the CI/CD platform on DevOps and when building their applications. We also used it for scanning purposes when the code was being built. It effectively tells us about the vulnerabilities that occur during the build phase.

It helps us secure our applications from the build phase and identify the weaknesses from scratch. In addition, it helps us understand the weaknesses in the code that we are creating and helps us secure the entire application's attack surface.

The most valuable feature is the protection and data it provides us. It allows us to understand the vulnerabilities and have a good database of vulnerabilities. It helps us provide recommendations on how we can remove those vulnerabilities.

The support is tricky to reach, so we would like better-oriented technical support enabled. The time it takes to get through the technical team could be improved. If we have an issue with the tool or something we don't understand, it takes a lot of time to reach the technical team. So they should include functionality that allows us directly connect to the technical team.

We have been using the solution for more than two years. We've worked on all three types of environments, on-premises, cloud, and virtual. I believe we are using the latest version.

It is a stable solution. The guidebooks provided are brilliant.

It is a scalable solution. However, it depends on all the approvals and operational considerations.

We have had some issues with technical support.

We have experience using regular vulnerability security platforms like Qualys and Nexus.

The best part about Tenable.io Container Security is that they have well-prepared guidebooks for their deployment. Initially, we had queries and questions about deployment, but after we completed it for one or two clients, it was easier for us.

The amount of people needed for deployment depends on the engagement and the number of applications. It is usually a consultant on one application, but an entire application security team is involved. On average, deployment takes around one or two weeks. No maintenance is required, but we need to ensure connectivity with the Tenable Portal. This ensures it updates whenever there are new updates or patches from the back end. Tenable.io Container Security is suitable for all companies.

I do not have details about the costs, but I believe the costs are based on the number of pages in the application. So it has a competitive price.

I rate this product a nine out of ten. I would recommend Tenable.io Container Security. One of the major advantages of being a consultant is that we have documentation readily available. It helps us with deployment and understanding how the product works.

The product is used to protect the applications in the container environment. It is used by customers that are more mature in their security procedures.

The strong security provided by the product in the container environment is its most valuable feature. It protects the applications for further development. It would be of great value to the end user.

Tenable is a well-recognized vendor in Brazil. It provides solutions to expand the security exposure of the corporation. The product is part of that strategy.

The initial setup is highly complex.

I have been working with the solution for two years.

The support provided by the solution is reasonable. It is not terrific customer support, but it works.

Neutral

I rate the product’s pricing a six out of ten.

People considering the solution must know exactly what they are looking for to protect their cloud and container environments. They should have a proof of concept to evaluate their needs against what the solution really offers.

Overall, I rate the product a seven out of ten.

We use Nessus Scanner for internal and external penetration testing activities. The tool in internal penetration testing activities is very useful, but requires regular updating of the patches which requires certain memory and RAM space in the installed server.

In order to finish a project, a pentester in our company has, on average, five days including documentation. Without this tool just the testing would take five days. By using Nessus, we are able to finish testing with assured results, in half the time.

Nessus scanner is very effective for internal penetration testing.

I feel that in certain areas this product has false positives which the company should work on.

They should also try to include business logic vulnerabilities in the scanner testing.

Finally, the vulnerability assessment feature should be increased to other hardware devices, apart from firewalls.

The product we use in our office under different environments is highly stable.

This product is designed for easy scalability and can scale up without major challenges.

We experienced very quick customer support. They had a complete list of our previous issues along with our history which made it faster for us to solve the issues.

It's a straightforward implementation. Once you receive the key, you need to enter the PIN number and, through the internet, it automatically detects the version and internet. It downloads packages seamlessly. One point to note here is that once the license is over, you can only access the completed files but you cannot initiate new scans.

It's best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders.

Qualys box, but it is bulky and difficult to carry everywhere. The benefit with Nessus is that it is in software format.

Try the Home edition of the product to understand the scanner settings. Note that packages are pushed for Home edition after seven days, whereas in the Professional version the packages are released on the same day of vulnerability declaration.