Kenna does many things well but didn't suit our needs
What do you like best?
I really like the risk reporting and the ingestion of threat intelligence. I also like the integrations. The ability to link directly to the Risk Meters is nice and helps when sharing data with engineers. I also like the child risk meters aspect.
What do you dislike?
I did not like how limiting the dashboard features were. I also do not like how they treat vulnerabilities as actionable items rather than fixes. It doesn't do any good to inflate an issue that has one fix with multiple hits. Also JIRA integration doesn't work for us. Another issue is that Kenna is not certified to hold FedRAMP or DoD IL4 data so we have multiple processes for dealing with data that isn't able to go into this system.
Recommendations to others considering the product:
Make sure tagging is correct.
What problems are you solving with the product? What benefits have you realized?
Automation is the best aspect. Data is aggregated already. This also helps with us no longer having to sign into mutliple tenable accounts to access the data. All of it is available in one location. When I'm doing reporting I use the "Link to this view" option to change my hyperlinks to instantly go to this view.