Tenable Security Center Reviews

I primarily use Tenable for scanning and reporting.

Tenable's most valuable features are the credential scan, vulnerability reports, and vulnerability ratings (VPR).

Tenable has some problems with agents going offline during scanning and lag between agents and the security center. In the next release, Tenable should include automated patching and integration with SSCM so missing patches can be pushed from there.

Tenable is stable.

I'm satisfied with Tenable's technical support.

The initial setup was easy.

Tenable is open-source.

I would rate Tenable eight out of ten.

The solution is being used to assess Windows servers and ESXi servers, and VMware ESXi.

The most valuable features of the solution are the dashboards and speed of the test.

Tenable.sc is user-friendly.

The user interface can be improved.

I have been using Tenable.sc for a month.

The solution is stable.

The solution appears to be easily scalable.

Previously to using the solution the organization used Tripwire. The switch was made because Tripwire was not being updated often, the reporting was very bad, and the support was no good.

The initial setup was easy and took only two weeks to deploy.

The implementation was done through a consultant.

For 500 users the licensing fee is roughly $100,000.

I rate Tenable.sc nine out of ten.

I am using Tenable SC for vulnerability management and for the dashboards.

The most valuable features in Tenable SC are scanning and analysis.

Tenable SC can improve by making it easier to create complicated reports and have more effectiveness in the remediation area for comparison between the scans.

I have used Tenable SC within the past 12 months.

Tenable SC is stable.

Tenable SC support has been very helpful.

The setup of Tenable SC is easy.

I rate Tenable SC an eight out of ten.

Our primary use case for Tenable SC is its vulnerability scanning capability. 

I think the vendor training provided for Tenable SC could be a lower price. It's quite expensive for the training. 

I have been working with Tenable SC for 4 years.

The stability of the Tenable SC product is satisfactory. 

I find Tenable SC to be a very scalable product. 

The initial setup of Tenable SC is not unmanageable. 

With regards to the setup of Tenable SC, I would advise others to spend time using the module, get familiar with the product, and in addition read the manual that is provided. 

We primarily use Tenable SC for vulnerability scanning and did not evaluate other options. This meets our needs.

I would say there are approximately 30 users in our organization using the Tenable SC product. 

In my previous company, we were using both Tenable IO and Tenable SC. We had the on-prem and the cloud versions. IO was a cloud version, and SC was on-prem.

In my new company, they do use Tenable, but I'm not part of that team. They have the latest version.

I found the dashboard features very useful. It made it easy to track remediation progress. I could publish dashboards to remediation teams and track the progress on the dashboards.

The reporting side can be improved. The dashboards are nice, but exporting things out for reports for management was a little tough.

We had the on-prem version and the cloud version, and I wasn't a big fan of having different consoles. It would have been nice to be able to have all those features in the cloud version because on-prem is a little tough to manage.

I've been using it for about two years. I switched positions about six months ago, and at the moment, I am not using it. 

I find it stable.

It was pretty straightforward.

We had a consultant from Tenable with us.

I would rate it a seven out of ten.

We had a requirement to connect multiple branches into one console. We installed Nessus at multiple locations and then connected Nessus. We did the service scan and got the report on the central site with Tenable SC.

Previously, we were using Nessus, which required a lot of manual work in terms of reporting. We do a lot of customization, and Tenable SC has been very helpful. Reporting is just a click away in Tenable SC, whereas it used to take a long time to create a similar report and customize it in Nessus. 

Tenable SC is good for reporting and alerting. The filtering feature is also very valuable.

Its integration with multiple vendors is quite good. It can be integrated with SIEM solutions and PAM solutions such as Thycotic, which is very helpful.

There is not much room for improvement. However, there should be a guide that describes the step-by-step procedures for doing tasks. Otherwise, training is required from a senior guy to a junior guy.

Our usage is the same. Currently, no increment is required in terms of the license.

They are good.

We used to use Rapid7, but there were too many false positives. So, we switched to Nessus, but in Nessus, we faced the challenge of reporting. Nessus required a lot of manual work in terms of reporting. Tenable SC has been quite helpful for reporting. 

It is not straightforward. When you do integrations, it turns into a complex solution, but this complexity is required. If security is a priority, then complexity will be there for enterprise security.

It didn't take a long time. In one month, we were able to configure and run the reports. Everything was done within a month. We were in desperate need of such a solution, and this solution came. We already knew about integrations from the white papers and documents available on the Tenable website. They were very helpful. So, doing integration was not an issue. We did it without much effort. 

I was heading this project as a project manager.

It is a much better solution than other competitors. It provides almost everything that is required in terms of vulnerability management. If you are looking for overall enterprise security in terms of integrations and vulnerability management, you should go for Tenable SC or Tenable SCCV.

I would rate Tenable SC a nine out of ten. 

Essentially we use the solution to monitor hard devices on a network with it. That includes laptops, desktops, tablets, et cetera. I'm just using that to make sure that all of our patching is up to date.

The UI, the user interface, is really, really good. It's really simple. I started with no prior experience in vulnerability management and picked it up in less than a day, pretty quickly. It's very intuitive.

Their overall cost of service is pretty good. 

I've worked with my CS manager and with them a lot, and I'd say every case I've opened, they've reached out to me within two hours. They're pretty prompt in their responses and overall the company is really easy to get ahold of.

Scaling the solution is very easy.

The stability of the product is pretty good.

The biggest issue I have with the solution is when I'm using the scanning it picks up the original DNS of that device. That means, before we image it and actually change the DNS to something within our company structure, it'll just be random numbers and letters and Tenable will stick to that DNS for a long time. I'll be searching for a gallery or a laptop and I can't find it due to the fact that the DNS when it was scanned went in as something non-sensical, like M P X 23 Z. That's the biggest issue I have with it. it's some sort of strange glitch.

While I started using the solution in January of last year, the company itself has been on the solution for about three years or so.

The stability of the solution has been quite good. I haven't experienced any real problems so far. It's been a rather smooth proess.

Scaling the solution would be pretty simple. The process would require us to reach out to Tenable to get more licenses, however, that's a pretty simple process. Overall, it's pretty easy. Essentially it'd just be adding a list of all the new IPs into any asset groups that they would be involved in. I don't think it would take much longer than a week.

Technical support is excellent. They are extremely responsive and very helpful. We are quite satisfied with the level of support we've received from them.

I would give them a ten out of ten. They are very prompt and very knowledgeable. They are great at answering questions and walking you through anything step-by-step.

When I started, the company was actually in the process of revamping the solution. 

It was a two-day process and the company walked us through the entire thing. I had a Tenable engineer on-call with me for eight hours. It was a long process, however, it was easy as they were walking me through it, step-by-step.

When we did a recent re-vamp, Tenable was on hand to walk us through the entire process. We had a very positive experience with them.

I don't handle the billing and therefore don't have an exact idea of how much the solution costs.

We just renewed the solution and didn't look into any other product on the market before we did.

We are just customers and end-users of the product.

If a company does decide to implement the solution, I'd advise working with Tenable engineers during the process, and even afterward, in order to ensure everything is set up appropriately.

I'd rate the solution at an eight out of ten We've had a largely very positive experience with the solution so far.

I'm a pre-sales engineer and we are resellers of Tenable.

This solution is very customizable compared to everything else I've seen on the market, so you can easily customize it to suit your needs. There are a lot of templates you can use and you can install it pretty quickly so in one hour you can have your scanner up and running.

I think the company should redo their web page because the way things are now there are a lot of things you can't do. For example, if you want to filter something on the solution and have it filter down to all of your widgets, you can't do it, you have to go from one widget to the other. It takes some time if you have a big customer dashboard that's using some data. I think that the integration with a solution like Jira could be a little bit better for when you create tickets based on your vulnerability.

I know they are working on additional features related to the integration with the patch management like Qualys has, which is really amazing. This is the future and I know they're working on it. 

I've been using this solution for the past six or seven years. 

Usually the solution is stable but it can be a little bit tricky which I think depends on the kind of BME and the sizing used. I'd say it was 80%, 85% stable.

The solution is very scalable, it's one of the most scalable solutions that I've used so far, compared to Rapid7 and Qualys, it's very scalable. You can use it pretty much with anything, even if you start with 1000 IPs and scale up from 1000 to 10,000.

Technical support is very efficient and they escalate the tickets when you have a big issue. When you open a ticket, they respond within the hour and they're pretty quick to find the issue. If you have a bigger issue, you can set up a Zoom call with them and that's very helpful. 

I've used Rapid7 in the past and I've also used Qualys a little as well. I work with customers, so I go with whatever they want to use. 

The initial setup is very straightforward and quick. 

I would definitely recommend the solution but I would tell people that it requires dedicated staff. You need to have someone looking at what's going on when you scan and you need somebody to go through all the results, otherwise it just sits there.

I would rate this solution an eight out of 10.