Tenable.io is the industry’s most comprehensive risk-based vulnerability management (RBVM) platform, enabling you to:
– See all assets and vulnerabilities across your entire attack surface—including cloud, OT and container environments
– Predict what matters by understanding vulnerabilities in the context of business risk, as well as the criticality of affected assets
– Act on each high priority vulnerability to effectively manage risk, and measure KPIs to effectively communicate effectiveness
Legacy vulnerability management tools weren’t designed to handle the modern attack surface and the growing number of threats that come with them. Instead, they’re limited to a theoretical view of risk, leading security teams to waste the majority of their time chasing after the wrong issues while missing many of the most critical vulnerabilities that pose the greatest risk to the business.
By taking a risk-based approach to vulnerability management, Tenable.io enables security teams to focus on the vulnerabilities and assets that matter most, so they can address the organization’s true business risk instead of wasting their valuable time on vulnerabilities that have a low likelihood of being exploited.
Tenable delivers the most comprehensive risk-based vulnerability management solution available to help you prioritize your remediation efforts, so you can take decisive action to reduce the greatest amount of business risk with the least amount of effort.
Michael N.
Advanced user of Tenable.io
★★★★★
Tenable is easy to run with a clean interface. A bit of setup is required at the beginning.
What do you like best?
The UI is clean and easy to use. I like the dashboards that show me where to target first. Having a agent running on devices is really nice to ease the demand on the network. I like being able to set up multiple scanning nodes, but I wish some of this was automating and prioritized using the resources in the best way. I also liked being able to learn more about the defects (both the device and the vulnerability itself).
What do you dislike?
I wish it helped me with me next steps with recommendations for what to do next. Installing the agent was hard for our team using SCCM and slowed down the deploy/scans. Lots of manual work to create the scans so they do not overlap with the agents or other scans. I also didn't know how to best configure the scans so they had enough time to run. It also seemed like the reports were not as helpful/actionable for a organization of our size.
Recommendations to others considering the product:
Have the team help you though the implementation so you can get up and running right away.
What problems are you solving with the product? What benefits have you realized?
Scanning devices to create a CMDB and also find vulnerabilities. I had a hard time integrating into service now without buying additional features or consulting. Scanning the data was helpful, but I need and easy way to mass patch. It seemed like SCCM was not a good solution for this.
We have been able to create a CMDB and upload it into service now, but we have not been able to patch the vulnerabilities.
Review source: G2.com