We just raised a $30M Series A: Read our story

Tenable.io Vulnerability Management OverviewUNIXBusinessApplication

Tenable.io Vulnerability Management is #6 ranked solution in top Vulnerability Management tools. IT Central Station users give Tenable.io Vulnerability Management an average rating of 8 out of 10. Tenable.io Vulnerability Management is most commonly compared to Tenable SC:Tenable.io Vulnerability Management vs Tenable SC. The top industry researching this solution are professionals from a computer software company, accounting for 27% of all views.
What is Tenable.io Vulnerability Management?

Tenable.io Vulnerability Management provides the most accurate information about all your assets and vulnerabilities in ever-changing environments. Available for cloud or on-prem deployment, Tenable.io features a streamlined interface, intuitive guidance, and seamless integrations that help security teams maximize efficiency. When visibility and insight matter most, Tenable.io helps you truly understand your Cyber Exposure.

Tenable.io Vulnerability Management Buyer's Guide

Download the Tenable.io Vulnerability Management Buyer's Guide including reviews and more. Updated: November 2021

Tenable.io Vulnerability Management Customers

Global Payments AU/NZ

Tenable.io Vulnerability Management Video

Pricing Advice

What users are saying about Tenable.io Vulnerability Management pricing:
  • "There are additional features that can be licensed for an additional cost."
  • "The solution is not too expensive."

Tenable.io Vulnerability Management Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
JimKootnekoff
President and CEO, Founder Executive at SecuSolutions Co., Ltd.
Real User
Top 20
Very mature and quite stable but could use a better user interface

Pros and Cons

  • "They are on a good trajectory as a company and investing in R&D in the right ways."
  • "The solution seems to focus too much on enterprises, and they really need a product that works for SMBs."

What is our primary use case?

Primarily we're a partner of Tenable and what we've done is we've essentially created a middleware. We created a middleware on top of Tenable.io engine, the API, and the middleware was developed back in 2003. It has gone through about three different iterations since then. 

Essentially, we simplify their user interface. It's been designed so that the managed service providers, the MSPs, are able to use the Tenable system with our interface on top. In a sense, what we've done is dramatically dummied down the Tenable interface through the use of our own GUI. We connect to the Tenable API in the backend, however, they're doing the heavy lifting, so to speak, and we're just presenting the information in a much more logical, easily understood manner. 

What is most valuable?

The API is pretty good.

The solution works well for enterprise-level organizations.

They're a standup product. They really are. They're one of the first in the industry which means they're a quite well-established site. It's pretty hard to improve upon. 

The initial setup is pretty straightforward.

They are on a good trajectory as a company and investing in R&D in the right ways.

The stability is excellent. 

The scalability is pretty good.

What needs improvement?

The solution seems to focus too much on enterprises, and they really need a product that works for SMBs. The enterprise product is too expensive for smaller companies, however, they really are looking for a product like this in the market.

It's too technologically advanced for SMBs - Tenable is kind of a little bit like flying a 747. There's a lot of bells and whistles and switches and things like that, that quite frankly are not used or not understood largely by the average user. If they don't begin to cater to smaller organizations, they'll likely lose market share.

They could use a better user interface that could be developed a lot better than it is. It really could be more intuitive.

For how long have I used the solution?

I've used Tenable for 20 years or so. 18 to be exact. It's been a good amount of time. I have a lot of experience with the company.

What do I think about the stability of the solution?

The stability is excellent. There are no bugs or glitches. It doesn't crash or freeze. It's one of the reasons we chose it. It's reliable and the performance is excellent.

What do I think about the scalability of the solution?

Aside from their licensing, which needs some serious reworking, when you get the licensing in order the scaling is not that bad. It's pretty much on-par in terms of what others are doing. However, getting the provisioning of the licensing and all of that stuff through their partners, namely Ingram Micro, is nothing short of pulling teeth really. 

How are customer service and technical support?

I've never used technical support in the past. I've never had a need to. Therefore, I wouldn't be able to assess them. I can't say how knowledgeable or responsive they are.

Which solution did I use previously and why did I switch?

We've only been with Nessus. Nessus Professional came out way back in the day, in 2002, 2003, there was WebInspect which was then, bought by IBM. We used WebInspect which was another iteration of vulnerability scanning. It's kind of like Burp Suite, which is commonly used now. That was our only other experience. That was very far back, it's almost another lifetime.

How was the initial setup?

The initial setup is pretty straightforward. We've got staff members that are certified for decades, two decades or more, and they know their way around quite easily. It's quite easy in that regard to set up.

What's my experience with pricing, setup cost, and licensing?

In terms of the pricing side, I would say that they've lost a little touch on the pricing. It seems that the enterprise companies are the ones that primarily use Tenable for DIY security. However, the needs are much greater adoption in terms of the SMB space. These companies are screaming for attention. They've gotten interest from the hackers as hackers seem to be quite focused on the SMB space - which means they need protection. Most of the VA companies that are out there are servicing the enterprise and they all need the help. They've got the budget, they've got the resources, they have the CISSP certified guys on the bench taking care of their needs.

In terms of the volume of users interacting with the solution, you're looking at tens of thousands. As a service provider, we use the solution for companies of all sizes.

What other advice do I have?

We're a partner for Tenable Nessus.

The Tenable.io is what we're using currently. It suits our needs best due to the fact that it's in the cloud. The API is okay. It's not wonderful. Seems to serve a purpose.

The biggest problem with the solution is that if you're a small company, you're not going to be able to afford it, nor are you going to be able to manage it.

I would recommend other organizations use the product. People probably don't consider the amount of, let's say, understanding or comprehension that they need of their own network to truly be able to deploy and manage and get the results they're looking for, however. Many often underestimate all their skillsets. Tenable has a number of features and functionalities and it can be a little confusing for, let's say, a non-security savvy person. It could be a little bit of a challenge, to be honest. I'd suggest any company that considers it also does their homework first.

I'd rate the solution at a seven out of ten. It gets the job done. It really is smooth to operate once it's set up. It is for the most part pretty easy to set and forget.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
SA
Ingeniero de proyectos de TI at a tech services company with 51-200 employees
Real User
Stable with a straightforward setup and good scalability

Pros and Cons

  • "The initial setup is very straightforward."
  • "There needs to be better dashboard navigation."

What is our primary use case?

We primarily use the solution for on-premises monitoring. We use it to monitor the servers in our organization.

How has it helped my organization?

For most of the updates, Windows updates, et cetera, the service will let us know when we shouldn't apply an update due to the fact that there's some missing code, for example. It gives us great insights into security risks.

What is most valuable?

The vulnerability scanning has been great as it's helped us to define some issues around the updates of some things, and some items surrounding services we need to take care of.

The initial setup is very straightforward.

The solution has been very stable and quite scalable.

What needs improvement?

The dashboard and the main panel could be better. It's lacking right now. Sometimes it's hard to find what you need in the menus. There needs to be better dashboard navigation.

There needs to be more curation of core knowledge.

The documentation was hard to find. It's not all in one place. It's kind-of all over. You have to work to seek it out.

I can't recall any features that are lacking. I can't think of any additions we'd like to see in the next release.

For how long have I used the solution?

I've been using the solution for six months at this point. This has occurred within the last year. It hasn't been that long.

What do I think about the stability of the solution?

The stability is very good. I haven't had any issues with it. There are no bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

The scalability of the solution is very good. If a company needs to expand it out, it can do so with relative ease.

We have a few network engineers that work with the solution directly.

I can't speak to any plans in terms of increasing usage. it's not something that we've discussed.

How are customer service and technical support?

I've never directly dealt with technical support. I can't speak to how knowledgeable or responsive they are. 

I've read a lot of documentation and whitepapers on the product. However, they were not concentrated in one place. I had issues teaching down details about the product.

Which solution did I use previously and why did I switch?

We did previously use a different solution, however, we've found Tenable to be much better.

How was the initial setup?

The initial setup is quite straightforward. It's not complex. It was very easy to create an account

The deployment itself only took one day. It was quite fast.

We have four people on staff that are knowledgeable enough to handle deployment and maintenance.

What about the implementation team?

We handled everything ourselves. it was all online and very simple. We didn't need the assistance of a consultant or reseller. 

What's my experience with pricing, setup cost, and licensing?

I don't handle the licensing aspects of the solution. I'm not aware of the costs involved.

Which other solutions did I evaluate?

We potentially looked at Qualys and Rapid7 before ultimately choosing Tenable.

I cannot control the main difference.

What other advice do I have?

We're a partner.

I'm not sure which version of the solution we're using.

I'd recommend the solution to other companies.

I'd rate the solution at an eight out of ten overall. We're mostly very happy with its capabilities.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Learn what your peers think about Tenable.io Vulnerability Management. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,873 professionals have used our research since 2012.
VA
Security Architect at a tech services company with 51-200 employees
Real User
Top 20
Supports container scanning, and the technical support is good

Pros and Cons

  • "The most valuable feature for me is container scanning because I am interested in CICD security."
  • "It would be helpful if Tenable could be more clear with regard to everything the solution can and cannot do with the particular license that you have."

What is our primary use case?

I am a consultant and I advise my clients from a security standpoint. My goal is to get them to maximize value from Tenable.io. I am also a user of it. 

What is most valuable?

The most valuable feature for me is container scanning because I am interested in CICD security. The standard infrastructure scanning is pretty robust, which is why I was focusing on containers.

What needs improvement?

We had some challenges with the implementation because of Docker Version 2, although with help from the support team, we were able to proceed.

It would be helpful if Tenable could be more clear with regard to everything the solution can and cannot do with the particular license that you have. The information is not available on the web site and they should be more upfront about it.

For how long have I used the solution?

I have been using Tenable.io for between six and eight months. My company had acquired it before I joined, although it was not being utilized properly.

What do I think about the stability of the solution?

I have never encountered any issues relating to stability. I have never seen a scan crash, and we've been able to configure multiple scans to run concurrently. Everything appears to run smoothly.

What do I think about the scalability of the solution?

Other than running multiple scans concurrently, we have not looked at scalability. However, I have no doubt that we will be able to get support in order to meet our expectations.

How are customer service and technical support?

The support team is very good and we are quite happy with them. When we had the trouble with Docker Version 2, they responded and were able to help us troubleshoot, and then guide us to the resolution. It now works the way we wanted it to.

Which solution did I use previously and why did I switch?

I have worked with the open-source solution OpenVAS, as well as with Rapid7 and Qualys. I can see that Tenable.io is going to be one of the big players because they are doing very well in this space.

What's my experience with pricing, setup cost, and licensing?

I think that the price is reasonable for now, although given that everybody is looking to cut costs, I think that they should take measures to lower it. There are additional features that can be licensed for an additional cost.

What other advice do I have?

My advice for anybody who is implementing this product is to have all of the requirements documented and ready in advance. You match the solution to your requirements. Out of the box, we found that Tenable.io matched almost all of our requirements. The only clarification that we needed had to do with the Tenable.io Web App license. 

We have a good understanding of how Tenable.io works with containers and infrastructure, but when it comes to deep driving into applications, databases, APIs, and toolkits that you have in your environment, you need a separate license for that. This is what the Web Application license is.

In order to enjoy the maximum value, you need to have the appropriate licensing.

Overall, I am quite happy with Tenable.io.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Antonio Scola
Owner & Entrepreneur at SUNLIT TECHNOLOGIES
Reseller
Top 20
An easy initial setup with responsive technical support and good stability

Pros and Cons

  • "The vulnerability scanning is the most important aspect of the solution for us."
  • "The pricing of the solution could be more reasonable."

What is our primary use case?

We primarily use the solution for vulnerability scanning.

What is most valuable?

The vulnerability scanning is the most important aspect of the solution for us.

The initial setup is easy. It's pretty straightforward.

The stability is very good. We have appreciated the performance it offers.

Technical support is responsive. They help if you have issues.

What needs improvement?

The pricing of the solution could be more reasonable.

For how long have I used the solution?

We've been working with the solution for many years. We have clients that have been using this solution for the last year.

What do I think about the stability of the solution?

The stability has been very good overall. It's reliable. There aren't bugs or glitches. It doesn't crash or freeze. It's good.

What do I think about the scalability of the solution?

The solution is very highly scalable, and I don't have any complaints about that. If a company needs to expand it, it can do so fairly easily.

We typically deal with medium to large-sized organizations. Typically, there are thousands of users.

How are customer service and technical support?

Technical support is okay. We don't have any complaints about their level of service. They are knowledgeable and responsive and we are able to get the information that we need when we need it.

How was the initial setup?

The initial setup is not complex. It's pretty straightforward. A company that wants to implement it themselves shouldn't have any issues.

We sold Tenable.io Vulnerability Management, and the implementation has always gone smoothly. It's pretty seamless overall.

The entire deployment process takes anywhere from a week to ten days. It's not too long.

You only need two to three people to handle the implementation process.

What's my experience with pricing, setup cost, and licensing?

The pricing is a bit high. It could be better.

Which other solutions did I evaluate?

It is my understanding that our clients did not evaluate other options before this product was suggested to them last year.

The two main competitors on the market are likely Qualys and Rapid7. I'm not familiar with the key differences of each solution, however.

What other advice do I have?

We are a reseller. We work with a lot of different Tenable.io products.

My only recommendation to other companies would be to put up a plan and follow the plan, point by point. Keep tracking of the result and make adjustments, if necessary. It's important to go in with a bit of a roadmap to follow. It will help ensure results.

In general, I would rate the solution at an eight out of ten. We've been pretty happy with the solution overall.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
FA
Senior Consultant at a tech services company with 11-50 employees
Real User
Top 5
Discovers quickly, very stable, and periodically updated, and but needs more integration

What is our primary use case?

It is useful for scanning the whole environment to check for any vulnerabilities. We can then start deploying or closing these vulnerabilities by applying the Windows or other product patches. In the end, we have an environment with no vulnerabilities, and we increase our security posture and security levels. 

What is most valuable?

It is very stable, and it is updated periodically by adding new vulnerabilities. It can discover much quickly as compared to other vendors. Its management console and portal make it easy to use and effective. 

What needs improvement?

It can have more integration.

For how long have I used the solution?

I have been using this solution for three months.

What do I think about the stability of the solution?

It is…

What is our primary use case?

It is useful for scanning the whole environment to check for any vulnerabilities. We can then start deploying or closing these vulnerabilities by applying the Windows or other product patches. In the end, we have an environment with no vulnerabilities, and we increase our security posture and security levels. 

What is most valuable?

It is very stable, and it is updated periodically by adding new vulnerabilities. It can discover much quickly as compared to other vendors.

Its management console and portal make it easy to use and effective. 

What needs improvement?

It can have more integration.

For how long have I used the solution?

I have been using this solution for three months.

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

It is scalable.

How was the initial setup?

I haven't installed it on a customer's site. I just installed it in my lab in order to get familiar with the product, and that's it. It was just for testing.

It was a straightforward installation. Because it was done in my lab environment, it didn't take that much time. It took around three to four hours.

What about the implementation team?

I did it myself.

What other advice do I have?

I would recommend this solution at this time, but after installing it for more customers, my answer might change in the future.

I would rate this solution a seven out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Pov Men
Network Security Engineer at np secure
Reseller
Top 5Leaderboard
An inexpensive, stable solution for in-depth vulnerability scanning on the cloud, which is easy to setup and comes with good technical support

What is our primary use case?

Our primary use case for this solution is to perform in-depth vulnerability scans on the cloud.

What is most valuable?

The solution can integrate with third parties and meets standard compliance.

What needs improvement?

An area of improvement for this solution is being able to customize the dashboard. For example, the dashboard does not allow us to view a previous months vulnerability results alongside current results to make comparisons.

For how long have I used the solution?

I have been using this solution for about two years.

What do I think about the stability of the solution?

The solution is very stable.

How are customer service and technical support?

The customer service/technical support for the solution is very good.

How was

What is our primary use case?

Our primary use case for this solution is to perform in-depth vulnerability scans on the cloud.

What is most valuable?

The solution can integrate with third parties and meets standard compliance.

What needs improvement?

An area of improvement for this solution is being able to customize the dashboard. For example, the dashboard does not allow us to view a previous months vulnerability results alongside current results to make comparisons.

For how long have I used the solution?

I have been using this solution for about two years.

What do I think about the stability of the solution?

The solution is very stable.

How are customer service and technical support?

The customer service/technical support for the solution is very good.

How was the initial setup?

The initial setup of the solution is not complicated and can easily be configured. Additionally, the solution comes with templates for assessing and auditing.

What's my experience with pricing, setup cost, and licensing?

The solution is not too expensive.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
MC
Security Specialist at a tech services company with 11-50 employees
Real User
Good integration, a simple initial setup and easily scalable

Pros and Cons

  • "Technical support has been good. They respond quite quickly."
  • "The interface could be improved; right now it's running on two interfaces simultaneously."

What is most valuable?

The solution's most valuable aspects are its user interface and usability. In general, Tenable is one of the best products in terms of management tools.

The solution integrates well with other solutions.

What needs improvement?

I don't have any issues with the solution at this time, and I don't think there are any features that are missing or could be added.

The interface could be improved; right now it's running on two interfaces simultaneously.

For how long have I used the solution?

I've been using the solution for half a year.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The scalability is good. Currently, we have thousands of computers using the solution.

How are customer service and technical support?

Technical support has been good. They respond quite quickly.

How was the initial setup?

The initial setup is straightforward, as it is a cloud version.

What other advice do I have?

We use the cloud deployment model.

I'd recommend the solution. I'd rate it eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Categories
Vulnerability Management
Buyer's Guide
Download our free Tenable.io Vulnerability Management Report and get advice and tips from experienced pros sharing their opinions.