Tenable Security Center Pros and Cons

First thing is the dashboard is very informative and gives overview of crucial data such as System status, Scanner status, Plugin details and Repo statistics..

Scan zones allows easily congifure ranges of scope, and set scanner.

Managing of multiple scanners is not so complex. And Job queue feature is useful to monitor scans.

Configuration of policies and credential based scanning is very friendly.

Customer support was good at resolving any queries and with licensing issues. Review collected by and hosted on G2.com.

Well dashboard presents data well but UI design could be more interactive.

Scans are sometimes resource intensive. Review collected by and hosted on G2.com.

1- Compliance Scan using CIS Benchmarks for windows & Network devices for all major vendor that helps to stay in compliant with ISO 27001 and other Audit requirements

2- We can perform Vulneralbity and Compliance scan to get one report for both.

3- Nessus provides Large number of plugins and built-in reports that can be used in Dashboards and KPI Reports Review collected by and hosted on G2.com.

1- We have faced some issues during installation on appliance and it took a lot of time and effort from the tenable team to fix that issue. 2- Tenable product is excellent but requires improvement on

installation and integration with OS.

3- Tenable documentation is very complex and requires lot of

effort to understand ,how to fix the issues. Review collected by and hosted on G2.com.

Comprehensive Vulnerability Management:

Asset Discovery and Inventory: Automatically discovers assets in the network, ensuring a complete inventory.

Vulnerability Scanning: Leverages Nessus for thorough and accurate scanning of network assets for vulnerabilities.

Configuration Auditing: Ensures systems are configured according to security best practices and regulatory requirements. Review collected by and hosted on G2.com.

Provide lot of false positive observations Review collected by and hosted on G2.com.

The VPR feature is undoubtedly my favorite as it provides our team with the necessary tools to swiftly determine the significance of a vulnerability and how to prioritize it. The ability to manage both compliance and vulnerability risk, allowing us to maintain clean dashboards and categorize information meaningfully, has been invaluable. The dashboards have enabled us to create a wide variety of visualizations tailored to different stakeholders. The implementation was quick, and the support, especially from our local team, has been top-tier Review collected by and hosted on G2.com.

There are some very minor limitations in the dashboard features that do not always allow me to convey the exact information or trend that I want to. Review collected by and hosted on G2.com.

Tenable Security Center has been a great tool to use in our enterprise. We are on the tool daily to search and support our vulnerability management program. We have also had a great communication with a monthly cadence for support. It has been easy to use as we have learned the tool. There are a lot of things we use, including dashboards, assest lists, and queries. Review collected by and hosted on G2.com.

Sometimes we will that we could see more in the queries or when we are looking for something specific. An example is when we are pulling data and there is not a place to pull the OS with the other data. Sometimes certain add ons would be helpful to have it all in one place. Review collected by and hosted on G2.com.

Tenable.sc is basically the one-stop shop for everything Tenable, in an on-prem environment. Everything at your fingertips. The Admin side shows you the status of all your configured devices, Nessus Scanners and Agent Managers, Nessus Network Monitors, etc. In contrast, the User side gives you easy access to create and manage scans and all the parts that go into them with easy-to-use, intuitive templates. Review collected by and hosted on G2.com.

This is a hard question to answer. Tenable does a great job with its suggestions portal and addresses needs and wants in the tool fairly regularly. Anyone who has seen version 5.23.1 will agree it is probably one of the biggest leaps Tenable.sc has ever made. If I were forced to choose one downside, it would be more of a backend issue than anything else. SQLite...That is all I have to say about that. Review collected by and hosted on G2.com.

Tenable.sc reporting capabilities are excellent, way more robust than Tenable.io and others competitors like Qualys. The ability to connect multiple Nessus scanners to Security Center and manage them from there, plus being able to track progress with in the tool is a must to have. Review collected by and hosted on G2.com.

Working with multiple repositories can be difficult. At the same time when running agent scans some duplicated results can be found. I believe the latest version has a new repository called universal to help with this issues. Review collected by and hosted on G2.com.

Once a Compliance scan audit template is setup (XML editing is painful and takes the most wasteful effort, & we don't like at all), requesting a scan is easy. Review collected by and hosted on G2.com.

Having to manually update a very large population of XML audit files for similar control parameters (i.e. password length = 8 across the environment).

06.05.2023 - with recent updates your engineering team has not considered how we truly use the product or have not designed for ease of use. i.e. when generating reports in the Compliance module, multiple reports are generated for each scan... you literally have to select each one individually, download, then unselect and go select the next, you can not select multiple to download at once - the way you used to be able to. It's rediculous. Personally, I'm frustrated with your Tenable support telling me our audit files are "customized" because of us changing a password length from 12 to 8 and they classify it as a custom XML - and won't provide support unless I go to my account rep and complain. It's just not good customer service. You can do better. Your product could be so much better if you just listed to customers like me who use the Compliance module daily. Review collected by and hosted on G2.com.

Tenable.sc is a great upgrade for small and medium businesses that need a bit more trackability and accountability with their vulnerability management program. While Nessus can help you find and remediate vulnerabilities, it is difficult to track trends and assign accountability to those vulnerabilities. Tenable.sc provides built-in trending/reports/dashboards and a ticketing system for assigning vulnerability remediation tasks to specific users.

Nessus is fine for small businesses for visibility, but if you have to start complying with vulnerability management program policies Tenable.sc is a neccessity. Review collected by and hosted on G2.com.

Setting up Tenable.sc you have to take some best practices into consideration to get your asset lists and scans setup properly and most effectively. In addition, the learning curve of learning the dashboards and reports could be steep, but they do provide some decent training programs. Review collected by and hosted on G2.com.

Installation: Deployment of the central console (security center) and scanners is generally straightforward, with most deployment challenges stemming from either excessive network segmentation or difficulties in integrating specific technologies/products to enable proper scanning with the appropriate privileges.

Vulnerability Assessment: Dashboarding and over view part of the vulnerabilties Reported is very good. In dashboards it has customization where the assets group can be defined for dashboards view. Review collected by and hosted on G2.com.

Assets Scan: Assets Grouping part totally requires manual effort from Nessus Manager to Tenable SC , it should be a single platform oriented Vulnerability Management Application from Asset management to Vulnerability management.

Reporting tool: Reports are genreated default in the form of .csv which it self has limitation of charcters. Tenable Team Need to focus on report generation formatting.

Customer Service: When it comes for technical understanding and configuration, out of scope auto emailed sentences gets generated. Review collected by and hosted on G2.com.