Tenable Vulnerability Management Reviews

I use it to scan assets to evaluate vulnerabilities, define the risk, and create a resolution process for vulnerability management.

It has greatly impacted us by providing asset visibility, allowing us to know which assets have higher vulnerabilities and to calculate the risk for them. 

The return on investments is adequate since we need this vulnerability management, and without Tenable, visibility was not possible. It saved us time and improved our security.

The most useful feature in managing vulnerabilities is risk management.

It needs additional reporting and intelligence features, as well as enhancements in AI-driven detection, which is still in its early stages.

I have been working with Tenable Vulnerability Management for six years.

The technical support is fast and efficient, and I am satisfied with it. I would rate their support nine out of ten.

I worked with Qualys before Tenable. I find Tenable to be better due to its broader system coverage, better efficiency on discovery, and better capabilities of analysis.

If you have knowledge of networking and security, the initial setup is easy. If you don't, it can be difficult and you might make dangerous mistakes.

The return of investments is good enough as vulnerability management is crucial for us.

The pricing is expensive, and the cost depends on the number of assets. However, the cost is not the most important thing due to the value it provides.

I evaluated Qualys before using Tenable.

Small companies might find it difficult because of the knowledge required to drive vulnerability management successfully. If you lack that knowledge, you should contract the service.

I'd rate the solution eight out of ten.

We actually needed clarity on the vulnerabilities in our infrastructure. We used the solution to scan and make a report for us on what is vulnerable in our infrastructure and what is not, what we can improve and update, and what is good as it is.

It is a very, very user-friendly tool. To make some sense, you just need to put in your domain and click a button to scan and give you a piece of customized information about your infrastructure. It is very easy to use to schedule a scan, and it can consume a lot of CPU resources. So, you can schedule a scan between 1 AM to 3 AM, and it works very well for us.

I didn't work a lot with the solution. My experience was pretty smooth. I don't have any recommendations for improvement. Maybe it's because I don't use it a lot.

The only drawback of the solution is that it is expensive. The pricing should be kept lower.

I have experience with Tenable.io Vulnerability Management. I used it six months ago. I used it for two years. I am a customer of the solution.

It is a very stable product.

The setup is easy. Tenable.io Vulnerability Management is known for its ease of setup.

Tenable.io is not known for being a cheap product. You definitely can have another product that could be cheaper than Tenable.io. If you have a real concern with your budget, maybe another platform would be of interest to you.

You can find other tools that are way cheaper, with similarities to Tenable.io. I would say it may not be the same tool, but similar.

The solution's user interface was very good.

It's one of the best tools available for vulnerability management. I would definitely recommend the solution to those planning to use it.

I rate the overall solution a ten out of ten.

We can scan manual stuff through Tenable.io. 

We have a great view to create desktops also in Tenable.io.

Regarding vulnerability management, the web application scanning is okay. The assist agents are bringing more value to the product by getting the vulnerabilities addressed early with real-time response. This is better, rather than waiting for the scans to run or something like that.

The initial setup is not complex. 

It's a stable product. 

We can scale the solution.

The one drawback that we have found is the reports. We are still getting reports from Tenable.sc since the maturity levels on the reports are lacking. They need to improve the reporting in this solution. We just aren't seeing that many features or options.

I've used the solution for the past three years. 

The stability is good. I don't really have any complaints. It doesn't crash or freeze. There are no bugs or glitches. 

The scalability is good. I can't complain about its capabilities. 

We have four people who use it in our team. There may be others using it. However, they wouldn't use it in the same way.

We may increase usage in the future. 

Technical support is good. We have 24/7 support from them. There are some of sales managers who are the bridge between us and support sometimes. 

It's pretty simple to set up the solution. It's not overly complex. 

I don't have the exact cost numbers on tip of my tongue. However, I have some reports that are generated for us every fiscal year. I'm seeing probably around $120,000 spent. That said, I'm not sure of the exact cost for four or five people in our organization.

I'd rate the affordability of the product at a 3.5 out of five. 

It's a great product, and it brings more value with every improvement in the quarter. It's a mature product. Of course, the reporting could be better.

I'd rate the solution seven out of ten.

I was the manager of the vulnerability patching team in my company, and we would use it to go through everything, discover our network, find what vulnerabilities existed, and then use that for a work plan and assignments to decide who would fix what vulnerabilities.

In my company, with the help of Tenable Vulnerability Management, we could find all the things that we didn't know existed. It would be too resource-intensive to manually go into every device and figure out in which version of a solution the vulnerability exists, which is something that Tenable Vulnerability Management does for you.

The solution's most valuable feature is the product's vulnerability database, as it knows what to scan.

There is no good work assignment system in the product. Specifically, if an SQL patch needs to be applied, then that needs to go to the SQL team, but Tenable wants to assign the ticket to an individual and not a team.

The reporting was never great in Tenable Vulnerability Management, so, in my company, we imported all the data into Ivanti RiskSense to start using it for reporting.

I have been using Tenable Vulnerability Management for three to four years. I don't remember the version of the solution.

It is a stable solution. Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a ten out of ten.

I rate the technical support a seven out of ten.

Neutral

I have experience with another solution in the past, but I don't remember its name.

The product's initial setup was very straightforward.

The solution is deployed on an on-premises model and the cloud. With the endpoint in the product, everything was reported back to the cloud offered by Tenable.

I saw a return on investment from using the solution since I feel that finding the vulnerabilities is always much cheaper than dealing with a situation after your system gets hacked. In short, I would put it as insurance is cheaper than the fire.

In our company, we went through every other tool in the market and came down to Rapid7 and Tenable since they were the only two good options.

Network scans are very resource-intensive and can cause outages in some instances, which is a political and not a technical issue to solve.

I rate the overall tool a ten out of ten.

We use Rapid7 InsightVM and Tenable.io Vulnerability Management for similar purposes: a vulnerability assessment. At present, Rapid7 InsightVM is running in our IT infrastructure, while Tenable.io is running in our ICS and OT security, which includes our plants, premises, systems, SCADA systems, and PLCs. We usually find more vulnerabilities in these legacy systems, such as Windows XP and Windows 7, than in Rapid7 InsightVM. However, the use cases for vulnerability assessment are the same.

The solution is more user-friendly than Rapid7 InsightVM. A new user can easily understand the workflow, even if they are creating users for other divisions and the user is a beginner. They can easily use the system to get the data they need or fulfill their requirements.

I believe that Tenable.io is currently the best vulnerability management system. Compared to other vulnerability systems such as Rapid7 InsightVM, I find Tenable.io to be one of the best. However, Tenable.io lacks a platform to exploit or test the vulnerabilities it identifies. For example, if I identify a critical vulnerability, I cannot use Tenable.io to determine the risk of exploitation. Unfortunately, Tenable.io does not have a platform to test this.

The initial setup is complex and has room for improvement.

I have been using the solution for five years.

The solution is stable.

The solution is scalable.

After deploying Tenable, I spoke with the technical support a maximum of two or three times. They are very knowledgeable and know their stuff well. We always received immediate support from them.

The initial setup can be difficult. We need to configure the case. If we are starting from the beginning, we need to set up each IP range and make sure our firewall covers it. We also need to whitelist the Tenable.io IPs. This initial setup can be challenging.

Compared to other VM solutions, Tenable.io Vulnerability Management is expensive.

I give the solution a nine out of ten.

If we are using the solution for the first time, we should be sure to understand what aspects of the target we are trying to use Tenable.io for, such as what kind of information assets we have, whether they are general devices or specific devices, or if they are deployed in the DMZs. This way, we can ensure that we get the desired results. Therefore, before logging in or implementing Tenable.io for the first time, new users should be sure to have a good understanding of their requirements.

We use this solution to scan our network to try to identify all our assets. It is very good at finding all assets depending on how you program it.

The vulnerability management itself is the most valuable feature as well as references to mitigation techniques.

The user interface could be improved by being able to change the user interface to fit your position or your job. The graphs are set in stone and you can only print reports. 

I have been using this solution for seven months. 

The stability of this solution is good. The application is always available and you can also set the scans to not take up too much bandwidth.

The scalability all depends on how much you want to spend. If you have 10,000 assets you want to scan, you'd have to pay for that. It is very easy to scale up or scale down, but it's going to cost you.

I would rate their support ten out of ten. 

Positive

It has a steep learning curve but Tenable does offer free courses for beginners and paid courses to become a specialist. This assists with the ease of setting it up. 

The total cost we pay for this solution is over 45K. This is for a large education organization. 

I would advise others to take the courses provided and then to play around with the solution. This will speed up learning as this solution has a steep learning curve and can be intimidating at first.

I would rate this solution an eight out of ten due to not being able to change certain parts of the user interface. 

I would rate this solution an eight out of ten. 

The product operates on a license-based model, where you purchase a license based on the number of IP addresses you intend to scan. For example, if you purchase a license for 50 IP addresses and your network has 200 users, it will only scan for those 50 IPs. You can gain visibility into all IPs within your environment, including subnets with a full license. Also, you can geographically segment your scanning targets based on the number of IPs allocated for each location.

The product is very friendly. It is easy to manage. Most of the information the tool provided was correct and helped to further investigate the vulnerability and its impact.

The most important feature is network scanning.

The solution’s pricing could be improved.

I have been using Tenable Vulnerability Management for one year.

I rate the solution’s stability an eight out of ten.

The solution is very scalable. It allows you to adjust according to your needs. You can add more features if you wish to purchase additional tools.

The initial setup is very easy. To deploy, run the setup command, and then it can deploy on your Linux and Windows platforms. I did it by myself.

The product is expensive but manageable.

I recommend the solution. Although, it varies from person to person experience. Rapid7 users can use free tools. I'm very satisfied with the product.

Overall, I rate the solution an eight out of ten.

We use the tool to find loopholes in the system.

The product fulfills our needs. It gives reports and finds vulnerabilities in our system. The product is easy to use. It is easy to integrate the tool with other products.

The solution must be promoted more in the market. It will make the customers more aware of the product.

My organization has been using the solution for a month.

The tool is stable.

Around 20 people use the product in our organization. We have one to three administrators. We are most likely to increase the usage of the product in the future.

It was easy to deploy the solution.

The tool is reasonably priced. There are no additional costs associated with the product.

I have known the product for some time. So, I implemented it. Overall, I rate the solution an eight out of ten.