Cisco Vulnerability Management (formerly Kenna.VM) Pros and Cons

Being that I know our object environment very well and am very proficient in the PM process at our company this tool will allow me to see what our INFOSEC team sees so we can work from the same application and not try to decipher two applications for the same issue. I now have a tool that allows me to render issues as qualified or to associate them to our normal patch process. Since I now see our patch process and their vulnerability discovery I can assess issues much quicker and with better clarity. Review collected by and hosted on G2.com.

So far I have no issues as the Kenna application is quite informative. As I use it more I may request certain views that I cannot create myself. Review collected by and hosted on G2.com.

Kenna is easy to use and to understand. It's perfect to show to the team leader or the business the risk connected to vulnerabilities for therir applications. Also it allows to prioritize vulnerability and show how a fix can reduce the overall risk of the applications. Review collected by and hosted on G2.com.

Some integrations are not present and, even if kenna as some api, not always it's easy to import data in it and correlate them with the one in the platform (the risk score may follow different scale) Review collected by and hosted on G2.com.

The user interface of Cisco Vulnerability Management stands out as one of its features. Even individuals who are new, to vulnerability management will find the platform intuitive and easy to navigate. This is particularly advantageous for teams with varying levels of expertise.

The solution excels in assessing risks ensuring that vulnerabilities are prioritized effectively. Doing it helps organizations focus on addressing the critical issues first improving their overall security posture.

Another notable aspect is its integration capabilities seamlessly working with tools and platforms. This feature streamlines vulnerability management. Provides a view of an organization's security landscape.

Furthermore, the platform offers insights, into vulnerabilities by providing remediation guidance and suggesting practices for mitigation. This assists security teams in making informed decisions. Review collected by and hosted on G2.com.

Cost Concerns; While Cisco Vulnerability Management offers a variety of features the pricing may pose limitations, for organizations or startups. The pricing structure might not be as flexible compared to competitors.

Steep Learning Curve; Even though the interface is user-friendly setting up the solution and fully grasping its features might require some time and effort. Proper training and onboarding are essential to unlock its potential.

Customer Support Experience; Although customer support is generally responsive there may be delays, in addressing complex or unique issues. It would be beneficial to have a response time and customized solutions in cases. Review collected by and hosted on G2.com.

A clutter free minimal dashboard which shows a brief information on your assets, vulnerabilities and also possible fixes for vulnerabilities. Moreover, the dashboard shows quick visible links to filter based on easily exploitable vulnerabilities, popular malwares etc. Such filters are easy to use for a novice user as well as a person with limited tech knowledge. To add, there are custom query filters to search assets based on tags as well as check boxes to filter the vulnerabilities based on status for e.g. open, closed, ports, classification etc. Review collected by and hosted on G2.com.

Search, asset filteration, tool tips can really help understand new users who have no prior background of vulnerability identification & removal. Tutorials, links to documentation or security terms and practices can be included. Moreover, the UI can be little more simple, viewable for an intuitive UX Review collected by and hosted on G2.com.

When I started at my company, our team had several serious security vulnerabilites. By utilizing Cisco Vulnerability Management, we're now recognized as having the most secure environement company-wide.

Cisco Vulnerabiliy Management gives our team threat vulnerability detection, prioritization, tracking, and even recommended steps to remediation.

I can't imagine where our team would be without it. Review collected by and hosted on G2.com.

I've noticed that when I am viewing a group and click the Fixes tab, if I click on the number of assets affected by a vulnerability, I am unable to then hit the back button to return to the group view. This is frustrating. Review collected by and hosted on G2.com.

All vulnerability are properly arrange w.r.t to VMs which helps a lot.

It is easy to use as you can filter your requirement with queries.

We use it a lot and it helps us sort out our vulnerability issue.

Haven't had need to contact customer supoort but that i guess is a good thing. Review collected by and hosted on G2.com.

The report generated to be made a bit more user friendly to read. Review collected by and hosted on G2.com.

Easy to manage vulnerability using Talos and response to vulnerable threat on time. Easy configuration and onboarding process which has reduce our system risk. Integration with Cisco XDR help expedite incident response time. Review collected by and hosted on G2.com.

I feel that the analyzed report has is not detailed enough to feed all the need to measuring the threat and vulnerability. Review collected by and hosted on G2.com.

A single pane of glass to get an overall view of the risks in my environment. Review collected by and hosted on G2.com.

Filtering vulnerabilities by CVE does not give me the result expected. Review collected by and hosted on G2.com.

The Kenna tool is really helpful for us. It finds security risks and gives us a list. The best part is, it also giving soltions to fix these risks. This makes our work easier and quicker. Review collected by and hosted on G2.com.

The tool could be better if it had more filter options. This would help us quickly find issues related to specific areas like applications and infrastructure. Review collected by and hosted on G2.com.

Cisco Vulnerability Management (CVM) does allow a subscriber to segment security issues by either device type or vulnerability making it easier to see what a the significant risks are that require remediation. The risk meter paradigm allows administators the ability to provide other IT groups a simple way to track and address their specific risks. Review collected by and hosted on G2.com.

The CVM platform has issues with holding settings when marking specfic vulnerabilites as either false positive or risk accepted. The latter somes disappear and need to be re-entered. Also my experience has been that CVM has issues correlating assets being imported causing duplication of assets and wide swings in overall asset counts. Finally, helpful support for the product is almost non-existent. If you can't find the answer in the knowledge base and try opening a ticket it takes days sometimes weeks for a response and then its only to send a link. Review collected by and hosted on G2.com.