Tenable Security Center Reviews

I primarily use Tenable SC for vulnerability management i.e. to detect vulnerabilities in servers, workstations, and some IoT, produce, prioritize, and validate a mitigation strategy, and keep the mitigation on track so the CISO can detect changes in the posture. 

Tenable SC's most valuable features are the low number of false positives and the strong capability of providing prioritization for the vulnerabilities detected.

Tenable SC could be improved with additional connectivity to external company postures and the capability of managing and sustaining agents in the systems directly without additional platforms in the middle.

I've been working with Tenable SC for seven years. 

In seven years, we haven't had any problems with Tenable SC's stability. Sometimes a specific update doesn't feed exactly as expected, but the problem is always covered quickly by Tenable, and with a stable version, it's very, very stable.

Tenable SC's system can be multiplied by different installations and have on-top management and a single pane of glass. So it can scale with only one system - almost to half a million assets. And with multiple systems, we can have more than a million assets without problems.

Tenable's American technical support is excellent, though the European version is not quite as good as it takes longer to provide the right information.

Positive

The initial setup is very, very easy, even with the on-prem version, and depending on the customer's size and the complexity of the infrastructure, it can be done in one day.

Tenable SC can cut manpower costs on manual scans and analysis by more than half within one or two years.

Tenable SC is priced per asset, with the basic solution starting around US$12,000 for 500 assets. There's an additional cost for advanced support.

Tenable SC is suitable for medium and large companies, but it's not feasible for small ones. If you're in the US, I advise buying services from Tenable to implement the system instead of trying to implement it yourself. There are always some tricks that come with knowledge of the product that will make for a faster and better installation. Similarly, if you're in EMEA or Asia, please choose a good integrator. I would give Tenable SC a rating of nine out of ten.

It's a management tool. We are more scalable with the Tenable.io product. They are a security vendor with more than one cloud level. Now there are multiple products in my area.

It adheres to advanced security standards. It's mostly geared towards on-premise solutions rather than cloud-based ones. Many enterprises create views solely for internal units and prefer using internal tools without relying on external ones. It is chosen for its comprehensive system-wide solution. It continuously updates its sources to maintain current solutions. Security and confidentiality are top priorities; they avoid external leaks of information. Despite the misconception that such tools are primarily for cloud environments, Tenable manages its systems internally. This makes it a highly valuable asset in the field of data centers and database security, leveraging its own data centers effectively.

They have their own servers and prioritize trust. They address every compliance concern and offer options for automated and manual assessments. Tenable Security Center supports a wide range of applications and servers, capable of comprehensive scanning and handling of vulnerabilities. It can scan against the CI benchmark and provides standard dashboards for general product monitoring and scanning.

They are not currently handling call flows properly. Some call flows are being deleted from the registry but still show as active. Support is also lacking in onboarding properly in this area. This issue causes confusion and reflects poorly on their service. 

I have been using Tenable Security Center since 2014.

The solution is stable.

It is scalable for management in the market, compared to other products.

The initial setup is not easy because everything is on-premise. We need to enable specific ports for the engineering product, which are critical for internal purposes and cannot be easily changed. This complexity remains confined to the client side, where applications may require reboots.

Another issue arises with scanning and agent communication. While some agents communicate effectively with the Security Center, delays occur when numerous users access the service simultaneously, impacting real-time updates.

Managing involves two scanners and one dedicated server, requiring a week for proper setup and two personnel to maintain the system effectively.

While some clients focus solely on developing large-scale software solutions, the industrial sector is vast. Industries such as manufacturing and green technologies prioritize systematic design, maintenance of accounts, blueprints, and business identities—all of which necessitate robust data security. The investment in securing their data is crucial, ensuring that sensitive information remains protected from potential threats. Monitoring and documenting activities through systems like gateway or dedicated servers help management stay informed about ongoing operations and potential risks.

For enterprise customers, it's acceptable. However, for smaller enterprises or businesses, the budget may be too restrictive to consider such extensive solutions. When proposing to small-scale industries, they often show disinterest even when we offer a POC or trial. This reluctance is primarily due to cost considerations, which larger enterprises can manage more easily.

Tenable supports integrations with tools like Jira and Symantec, which are relatively easy to implement. However, when it comes to other cloud services beyond AWS and Azure, such as Oracle, support is less robust. Personal or niche cloud platforms may not receive adequate support.

There's a significant distinction between agent-based and non-agent-based approaches in Tenable's solutions. Agent-based scanning requires installation akin to antivirus software on servers, whereas non-agent-based methods operate differently. This difference impacts reporting and usability, particularly evident in Google Cloud environments where agent-based scanning is mandated.

Accessing and managing Tenable is straightforward for administrators, but specialist knowledge may be necessary for certain configurations or troubleshooting. Small-scale businesses implementing Tenable Security Center may find it cost-prohibitive compared to Tenable.io for cloud solutions, which offers more affordable options and promotions.

Overall, I rate the solution a nine out of ten.

I use the solution in my company for vulnerability risk assessment, and we are quite happy with it.

The tool's initial configuration is not so easy. The hardware requirements related to the tool need to be better because we need a lot of memory to achieve speed in the solution. If our company needs to react at times, we need to upgrade more memory in the hardware. In general, Tenable Security Center is a very good solution according to me.

I have been using Tenable Security Center for six months. My company works in partnership with Tenable Security Center.

Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution an eight out of ten.

I use the solution for quite a huge amount of computers in my company, and I see that its scalability is quite nice since it offers an unlimited number of scanners, so I think it's ready for big enterprises.

In the Czech Republic, the tool is mostly used by medium and enterprise-sized businesses consisting of 1,000 to 15,000 users.

I rate the technical support a nine out of ten.

Positive

I have previous experience with Tenable Security Center's competitive solutions, and now I see why Tenable is okay.

I rate the setup phase a six on a scale of one to ten, where one is difficult and ten is easy.

The solution is deployed on the cloud and on an on-premises model, but our company mainly relies on the latter.

The solution can be deployed in a few hours since you need to download the tool's initial package, which is quite big, but once it is done, the deployment process becomes really fast and can be done in 20 to 30 minutes.

I rate the solution's price as seven on a scale of one to ten, where one is cheap and ten is expensive. The tool is quite expensive.

I don't use the product for compliance support.

In terms of the product's valuable feature for threat detection, I would say that the solution's reporting overview in the dashboard is nice. The prioritization of vulnerabilities in the tool is very nice.

The real-time monitoring capabilities of the product are very useful for our company, as they help us to be more in control and interact more actively.

The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view to create a new dashboard, and it works out very well for our needs.

Speaking about how Tenable Security Center's integration capabilities with other tools have affected our company's security operations, I would say that I have very little experience with the integration part, but from what I can see in the product's documentation and description, it can be really well-integrated with a lot of systems, like service desk in ServiceNow and other security vendors, which is good for our company. I can say that the integration capabilities of the product are good.

I would definitely recommend the product to those who plan to use it.

I rate the tool a nine out of ten.

Tenable.sc customers use when they need a complete in-house vulnerability management environment. It enables you to identify the applications and infrastructure within your organization, giving you greater control over your environment. Tenable.sc isn't on the cloud. Tenable.sc is deployed on a private cloud and used when regulations prevent keeping things on a public cloud. Two of my customers are using it currently. 

I like Tenable.sc's analytics and reporting. You can also configure your on-prem network monitors to talk to your Tenable.sc control panel.

I have used Tenable.sc for two years. 

The stability depends on your environment. It is typically stable, and I have not experienced any kind of issues. 

Tenable.sc is scalable, depending on your on-prem environment and how it is configured. You can scale as far as your configuration allows. 

I get the standard support that comes with all Tenable licenses. There isn't specialized support for Tenable.sc. It's decent.

Deploying Tenable.sc is highly complex because it's an on-prem solution, whereas Tenable.io is cloud-based, so you can go live as soon as you log in. Tenable.sc involves significant integration with other on-prem solutions, and the deployment takes about two to three weeks with the help of a system integrator

You need to set up your environment, including VMs or a physical server. If you have data centers spread across multiple sites and regions, you need to deploy a specific JPS at every location so the data can pass through the gateway and be captured in the central console on a private cloud or on-prem data center.

I rate Tenable.sc seven out of 10. I typically recommend Tenable.io instead, but Tenable.sc is an option if data regulations require you to use a private cloud or on-prem infrastructure. 

We use Tenable SC for internal vulnerability scans with agents, and agentless scanning in the cloud. For example, we're scanning the AMI in the cloud and making it part of the base image.

The most valuable features of Tenable SC are scanning, reporting, dashboards, and automation.

Tenable SC can improve by adding more integrations with HCI-type tools and more accurate vulnerability detection.

I have been using Tenable SC for approximately three years.

Tenable SC is stable.

The scalability of Tenable SC is scalable.

We have more than 10,000 people using this solution. We are using the solution extensively.

The support from Tenable SC is good.

I rate the support from Tenable SC a four out of five.

We previously used Qualys.

The implementation of Tenable SC is straightforward. It took us approximately two to three months to complete.

I rate the initial setup of Tenable SC a four out of five.

We did the implementation of Tenable SC in-house. We used five or six staff members for the process and we did most of it through automation. We have engineers, managers, administrators, and product managers assisting.

I would recommend this solution to others.

I rate Tenable SC an eight out of ten.

The usability is really good. It's very intuitive and any person can use it, you do not have to be an expert in vulnerability analysis. It's very easy to use and a good platform. 

In regards to additional features, I would say make it a little bit simpler. There are different menus for downloading reports that could just be a click and download. Right now, we have to go to the scan and then we have to go to the reports and download the Excel or CSV or PDF. I think these menus and clicks can be minimized.

We have had Tenable SC for the past year.

It is very stable. We have not had any issues.

It is scalable. You can add the scanner in. At present, we have five people working with it at our organization.

The technical support is fine. They're prompt and we've had no issues with them.

Neutral

It was super easy, not complex.

We set up a consultant to help with deployment and the full process took around a month.

Compared to other companies or other products it could maybe be a little bit less, but the price is okay. I would say it's not very expensive.

I would rate the solution as a nine out of ten. 

Tenable Security Center is aimed at IT environments. It can receive vulnerability information from Tenable OT and integrate it into a unified report covering both IT and OT environments.

The BPR prioritizes vulnerabilities. The ARCs and compliance reports are very helpful in complying with regulations and standards.

The valauble feature is compliance reporting system.

It does not natively support industrial protocols needed for OT environments. The reporting system is very powerful, though it could be more user-friendly for creating custom reports.

I have been using Tenable Security Center as a partner for five years.

It's very stable.

I rate the solution's stability an eight out of ten.

We cater the solution to medium and enterprise. We haven't seen issues with scalability.

I rate the solution's scalability an eight out of ten.

Deployment takes probably a couple of days. it can either be done for one person.

It requires the installation of its tools and console server, which can be either virtual or physical. You need to activate the licenses and update the tool for the latest plugins. Typical deployments may involve multiple scanners linked to the main console, depending on the customer's network. Additionally, customers might need to deploy agents which require a separate Center manager machine. While, there is a lot to set up, it can be done within a couple of days.

I rate the initial setup an eight out of ten.

It's very affordable.

Continuous monitoring is essential because new vulnerabilities are discovered every day, and even existing vulnerabilities can evolve. As new malware emerges, a vulnerability that seemed minor today might become critical tomorrow. The malware, and malicious activities are constantly changing. 

We cannot rely solely on the hardware or servers required to run Tenable Security Center because it is an on-premise solution.

It provides essential tools for vulnerability management and operates on-premises. This allows customers with requirements or audio restrictions to run Security Center on their premises. Additionally, the reporting system is highly advanced, and the compliance dashboards are extremely useful for meeting regulatory requirements. For example, banks and financial institutions prefer Security Center due to its robust reporting capabilities and on-premises operation.

I advise them to look into Tenable Security Center instead because it not only provides vulnerability management but also include other modules of Tenable, such as Tenable Identity, Tenable Cloud, etc. This allows for a single pane of view for the entire company, covering more than vulnerabilities and offering a comprehensive.

Overall, I rate the solution a nine out of ten.

I primarily use this solution for vulnerability assessment on the assets that we have. This includes servers, network equipment, appliances, routers, firewalls, and switches. 

Before, we did manual management of our assets. We have an EXO file that has all our assets in it. They have the IP address and all the details of each equipment. We manually enrolled those assets to our vulnerability scanning tool for them to be scanned on a monthly basis and check what new vulnerabilities they may have. With the  Security Center, we are able to automate. We were able to automate how we enroll our assets in the Security Center, and the scheduling of when we scan each asset, and how we report them to respective system owners. We are trying to use it as a channel of a self-service platform to the system owners or system administrators. It helps to access the Security Center for them to review the vulnerabilities that the equipment or the servers may be assigned or under the domain.

We really love the Security Center dashboard. It performs vulnerability scanning and then outputs vulnerability data. When you are working with one, two, three, up to 10 IT pieces of equipment, managing the vulnerability data would just be fine, but when you are managing assets across an organization of 10,000+ employees, you have a really hard time normalizing those vulnerability data. The dashboard helps us out to map what things need to be prioritized, what is our current threat landscape and what would be the latest threats that we have in our network.

One of the challenges that we may have experienced with that platform would be the flexibility of how to modify or create. They have this configuration compliance audit function, so if ever an organization has their own configuration standards that should be set on their servers, you have to modify those plugins in Tenable for it to match the specific values that you are looking for when you perform the configuration assessment on your equipment. It is a small challenge because it uses regular expressions on their plugins and so we are having a hard time either creating a blank template from scratch. We usually base our compliance audit plugin on an existing one and then modify the values or describe whatever is not up to our standards. A good plugin editor is an additional option for the Security Center.

Whenever you have a vulnerability scan running of  5000 IP addresses all at the same time running, it tends to keep resources on the Tenable server itself, a huge amount of CPU and memory. Right now, it's still goes up, but at least it's below the threshold, which I think would be 73% or 75%.

As long as you can buy the license, you can easily add up until you need an additional scan engine.

We previously used Qualys Virtual Scanner Appliance.

Setup is easy as long as you have the right hardware requirements. The deployment took about a week. We used two network guys, two system admins, one application admin, and two security admins to implement the solution.

The longer process was on the hardening part of the components of the servers. We had to install everything on servers, all the dependencies, all of the software that Tenable needs, including the Security Center itself, and then once everything is installed, meaning everything is locked down, no other software is needed to be added to it. We performed a patch check and configuration checks on it to see they have met our standards. After that, we requested the connectivity performance from our firewall team and performed discovery across our network, if it will be able to see all the systems or all the IPs or all the networks that we have in our network. That would be one of the long processes that we took since there were a lot of different network segments that each engine or each Tenable component will pass through. We had to look for each one, just to make sure that we have the full coverage of our network.

We're able to save because we don't have to employ more staff members to help with the scheduling of the scans, running the reports or sending them out to the system owners. That alone is a big ROI. A massive security breach would cost us a lot. This is a preventative measure worth our investment.

Before, just preparing the monthly scans alone would take us about two weeks to set up. Then, we would have to wait for at least another two weeks for those assessments to be done, for the scanning to be done, and then it will take us about another two weeks to generate the report before we can send them out to the system owners. That's the reason why those were our main drivers, as well, for us to push the use of the Tenable Security Center as a self-service platform to the system owners. The quick turnaround time in terms of generating reports and sending them out to the respective system owners is significant.