We just raised a $30M Series A: Read our story

Tenable.io Web Application Scanning OverviewUNIXBusinessApplication

Tenable.io Web Application Scanning is #20 ranked solution in application security tools. IT Central Station users give Tenable.io Web Application Scanning an average rating of 8 out of 10. Tenable.io Web Application Scanning is most commonly compared to PortSwigger Burp Suite Professional:Tenable.io Web Application Scanning vs PortSwigger Burp Suite Professional. The top industry researching this solution are professionals from a computer software company, accounting for 26% of all views.
What is Tenable.io Web Application Scanning?

Tenable.io Web Application Scanning safely, accurately and automatically scans your web applications, providing deep visibility into vulnerabilities and valuable context to prioritize remediation.

Buyer's Guide

Download the Application Security Buyer's Guide including reviews and more. Updated: November 2021

Tenable.io Web Application Scanning Customers

IMDEX

Tenable.io Web Application Scanning Video

Pricing Advice

What users are saying about Tenable.io Web Application Scanning pricing:
  • "The pricing is okay."
  • "It follows the same licensing scheme as Tenable.io and Tenable. sc."

Tenable.io Web Application Scanning Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
NC
IT Manager at a manufacturing company with 10,001+ employees
Real User
Top 5Leaderboard
Good reporting and integration, but it needs a user-friendly dashboard

Pros and Cons

  • "The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
  • "It would be great if there were a dashboard that is more user-friendly."

What is our primary use case?

We primarily use Tenable.io to scan all of our assets to identify vulnerabilities and determine risk percentages for each.

What is most valuable?

The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities.

This solution integrates well with other products.

What needs improvement?

It would be great if there were a dashboard that is more user-friendly.

We had some trouble integrating with ZeroNorth that required we contact technical support. This is an area that could be improved.

We are currently running several different scanners and it would be nice to see all of them in one place. For example, Tenable.io is used for assets, whereas we have different solutions for mobile and websites. Having all of these integrated into a single dashboard would be helpful.

For how long have I used the solution?

I have been using Tenable.io for more than a year.

What do I think about the stability of the solution?

In general, we do not have problems with stability. We did have an instance where the agents went down, but problems only occur once in a while.

What do I think about the scalability of the solution?

The scalability is decent and has not been a problem. We have approximately 50 users.

If this solution continues to work well then we will gradually increase usage to cover all of our assets.

How are customer service and technical support?

The technical support is responsive and they worked on our problem quickly. That said, it depends on how quickly support is needed. The SLA is one or two days, although that depends on the agreement.

When we contacted support during the integration with ZeroNorth, our agents went down and it took a week to come up again. I think that the response and resolution time from technical support could be improved, which would lead to less downtime.

Overall, I would say that they are responsive.

What's my experience with pricing, setup cost, and licensing?

The pricing is okay.

Which other solutions did I evaluate?

We evaluated several other products using a proof of concept for each. Tenable.io did well in comparison.

What other advice do I have?

For assets, this is a good product and I recommend it. We have done some other PoCs and in comparison, I think Tenable.io did well.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ME
Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees
Real User
Top 5Leaderboard
User-friendly GUI, simple to manage, the support is excellent and quick to respond

Pros and Cons

  • "Tenable.io Web Application Scanning is very easy to use."
  • "The reporting has a very limited customization capability."

What is our primary use case?

Tenable.io Web Application Scanning is very useful for scanning container exposure, and also for scanning all of the external IP addresses for any organization using Tenable predefined scanners.

What is most valuable?

It's a good product. It works as expected.

Tenable.io Web Application Scanning is very easy to use.

It provides very reliable results.

It is very useful. 

The GUI is very easy to use, for anyone.

It is easily managed by someone who lacks prior knowledge, information, or experience.

What needs improvement?

The reporting in Tenable.io Web Application Scanning is not as good as the reporting in Tenable SC. Tenable SC's reporting is extremely powerful.

The reporting has a very limited customization capability. It would be beneficial if this feature could be enhanced.

For how long have I used the solution?

I have been using Tenable.io Web Application Scanning for three years.

What do I think about the stability of the solution?

Tenable.io Web Application Scanning is extremely stable.

What do I think about the scalability of the solution?

Tenable.io Web Application Scanning is very easy to scale. 

The scalability surpasses Tenable.sc. All of the resources are based on the cloud. You don't need to add any extra resources if you want to add any external scanning or any internal scanners for the hardware specifications. This solution is very scalable.

How are customer service and support?

I have dealt with technical support once. They were very good and very responsive.

Which solution did I use previously and why did I switch?

I have also worked with Tenable SC. Asset management is a bit different.

How was the initial setup?

There is no need to install anything. You get it pre-installed from the vendor.

You have access to the GUI, and log in with your credentials.

What's my experience with pricing, setup cost, and licensing?

It follows the same licensing scheme as Tenable.io and Tenable SC.

A separate license is required for support.

I can't be certain, but I believe the fees are determined by the number of IP addresses or users.

What other advice do I have?

I would recommend this solution to others who are interested in using it.

I would rate Tenable.io Web Application Scanning an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Find out what your peers are saying about Tenable Network Security, PortSwigger, Acunetix and others in Application Security. Updated: November 2021.
553,954 professionals have used our research since 2012.
KV
Security Consultant at a tech consulting company with 51-200 employees
Consultant
Top 20
Multi-faceted solution that offers good replication testing and vulnerability assessment

Pros and Cons

  • "Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
  • "I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."

What is most valuable?

Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product. 

What needs improvement?

I would like for them to add intervening proxy, whereby you can alter the get/put requests. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing traffic packets which will actually help you in exploiting any vulnerability in detail.

What do I think about the stability of the solution?

It is quite stable. We haven't had any bugs. 

What do I think about the scalability of the solution?

There is no need to scale, because generally the customers, whenever they scan their applications, they generally take a couple of applications at a time. And Tenable.io is already cloud instituted so you don't have to worry about that aspect.

How are customer service and technical support?

I never needed to contact support. It is very easy to understand and easy to configure. 

What other advice do I have?

I would rate it an eight out of ten. 

To make it a ten, I would like for there to be more flexibility for the testers. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Categories
Application Security
Buyer's Guide
Download our free Application Security Report and find out what your peers are saying about Tenable Network Security, PortSwigger, Acunetix, and more!