It is very difficult to manage internal servers from the server team. You should go for the cloud if you want to manage any extra hardware or VM.

We were able to integrate with other security solutions, like SIEM, and activate monitoring. There were no challenges in integrating it. However, it doesn't support all types of SIEMs except major SIEMs like IBM QRadar and Splunk.

I recommend first configuring your alert monitoring system and doing the configuration with the advice of OEM support staff. It's very easy to use. If you want to compare it with other solutions, you can use the beta version or demo version, and you will be confident and strong and use it happily and without any pain.

Overall, I rate the solution a nine out of ten.

My advice for anybody who is implementing this product is to search for a certified partner to help with the process. It's not difficult, but it's very important to have a partner who knows the product well. The first steps in the implementation have to be the correct ones. If not, the product will not achieve the objectives that the company usually needs. It would be wrong for someone that doesn't know the product very well to begin implementing it by themselves.

This is the best product that we have found for risk management.

I would rate this solution a nine out of ten.

My recommendation is to stick with the data scanning tool and not worry about downloading the other features. 

I rate this solution nine out of 10. 

I rate Tenable.sc seven out of 10. I typically recommend Tenable.io instead, but Tenable.sc is an option if data regulations require you to use a private cloud or on-prem infrastructure. 

Tenable SC is suitable for medium and large companies, but it's not feasible for small ones. If you're in the US, I advise buying services from Tenable to implement the system instead of trying to implement it yourself. There are always some tricks that come with knowledge of the product that will make for a faster and better installation. Similarly, if you're in EMEA or Asia, please choose a good integrator. I would give Tenable SC a rating of nine out of ten.

I would rate the solution as a nine out of ten. 

This is a good solution for what I use it for. I would recommend it to others.

I rate Tenable SC a seven out of ten.

I would suggest running a proof of concept to evaluate the product's suitability. Test it on a smaller scale over a period of one to two months to see how it works. 

It's essential to assess whether the solution aligns with the organization's specific needs. Our approach involves using agent-based scanning, but this varies based on individual requirements.

Be aware of the network "noise" it might produce. Default scanning intensity might be too much and you might need to alter it in order to prevent network problems (DoS yourself).

My advice would be to give it a trial run before committing. It's hard to tell if it fits without firsthand experience. Additionally, the fact that Nessus, the scanning component of the security center, has been around for decades and even had open-source iterations in the early 2000s provides some confidence in its longevity and reliability. However, for newcomers, I would recommend testing it out on a smaller scale before making a decision.

Overall, I would rate the solution a seven out of ten.

Overall, I rate the solution a nine out of ten.

I would give the product an overall rating of nine out of 10.

The product is a very good solution. I would advise potential users to look at other solutions. The product is our second solution, and we are happy that it meets our requirements.

We are satisfied with the solution. Overall, I rate the product a nine out of ten.

I am dealing with the latest version of the solution. It's a very good product to use. Overall, I rate the product a nine out of ten.

The rule is always garbage in, garbage out. Be sure to configure the solution well and take advantage of technical support to understand how things should work. Mistakes are made when people assume they know how to do things. I believe in using technical support to confirm the process and ensure everything is done correctly. 

I rate the solution a ten out of ten. 

I rate Tenable Security Center a five out of ten. 

I would recommend this solution to others.

I rate Tenable SC an eight out of ten.

In my type of medical environment, when you get into an operational technology environment, PVS or something that's a passive scanner is more the way to go than something that actively goes out and scans and tries to interrogate endpoints, because that can cause impact. When dealing with the healthcare space or, say, the electrical grid, the consequences can be very widespread or can cause significant impact. Something like PVS is a great idea to look into.

If you're scanning operational technology, definitely use connectionless-oriented discovery policies. For example, perform UDP scans instead of TCP scans. From my experience, TCP scans have definitely brought down systems.

When it comes to insight, it helps but, the way we're using it now, scans only pick up what's active on the network, while the scan is occurring. For my environment, I perform most of my scans overnight, so I'm missing a lot of stuff that is used during the day in the clinical environment. That includes point-of-care devices, ultrasonography, and some other stuff. I don't scan the networks during the day, for the most part, so I do miss a lot of that stuff. PVS, the passive scanner, would pick up on a lot of that. When talking about actually detecting intrusion, I think it would be more powerful if we're able to get it deployed everywhere.

Two people in our organization actively use it for a lot of scanning. Some of the other security guys use it, but for the most part, it's just my colleague and I who use it. I have my scheduled, routine scans that run automatically and there are the scans I schedule for overnight. I run discovery scans daily. I run my vulnerability audit scans every other month. I'm doing the RDP scans now. I log into it daily and I run scans in it several times a week manually, outside of the scheduled scans. I use it heavily.

Right now there is just one person who manages the solution. I handle some of the PVS stuff but it's my colleague who is running the show.

Overall, I would give Security Center a nine out of ten. Of all the tools I've used, when it comes to managing the vulnerabilities and risks of a whole enterprise environment, I don't think I've used a better tool than Security Center. The reason I say nine and not a ten, is because I like to have a lot of control. When I use a Nmap, I'm able to write my own scripts. Security Center has a lot of that built-in, but I feel like there's very deep and more granular control once you know how to use some of the open-source tools out there.

We sell Tenable.

I'm using something around version five. I have installed the demo version of it in my Docker.

The product really stands out in comparison to the competition. However, the price tag is a bit on the higher.

I would advise new users to scan all assets and grab the results and set up all security postures and do stats for mitigating those attacks which are critical. For the first time, I would recommend they go for the critical and high vulnerabilities first in order to mitigate effectively very early on. 

I'd rate the solution nine out of ten.

Go in with open expectations. Companies don't realize how big their infrastructure really is before they can get a single pane of glass view, which Tenable provides. Don't be disheartened when you run that first scan. It is a process. This is not a sprint, this is a marathon. If you're not willing to invest in this for the long run, then maybe your organization just isn't ready.

I don't know how to assess our vulnerability status compared to that of our peers. The defense industry is fairly secretive about what goes on. But I think we're doing the right things. Having the licensing and the investment that we put in place puts us ahead in the industry. I can only really speak for myself, but I think that we are doing the right things, and investing the right dollar. And if our competitors are doing that, good for them. If not, I wish they would.

Security Center is generally run by either the information security manager or the information security officer. There are a few dozen people who have access to it and their roles would be two-fold: There are the lower-level, cybersecurity folks who are dealing with it on a day-to-day basis. And there are the more managerial types who would be getting reports and making decisions off of it. Lastly, the general IT staff would be using the reports or the remediation recommendations for making changes to their environment.

For deployment and maintenance of the solution we don't need that many. We had Professional Services in and we added a team of four to the Professional Services engineer to help us get it stood up over those two weeks. In terms of ongoing support of the solution, we have one or two people who are tasked with updating the vulnerability database and verifying scans and the like. But it's not overly burdensome. They are information security officers or cybersecurity specialists.

I would rate Security Center at eight out of ten. First, it's a little heavy-handed for us from a licensing perspective and second, there are some features and functionality that we'd like to see in the future which would make it more user-friendly for non-technical or more managerial types. It seems that the product is really written for technologists, especially on the reporting side.

The product helps with web application security. I advise others to use Tenable IO and NAS, especially in regions with specific data protection regulations like GDPR and PDPA.

I rate it a nine out of ten.

I rate Tenable.sc nine out of ten.

I don't use the product for compliance support.

In terms of the product's valuable feature for threat detection, I would say that the solution's reporting overview in the dashboard is nice. The prioritization of vulnerabilities in the tool is very nice.

The real-time monitoring capabilities of the product are very useful for our company, as they help us to be more in control and interact more actively.

The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view to create a new dashboard, and it works out very well for our needs.

Speaking about how Tenable Security Center's integration capabilities with other tools have affected our company's security operations, I would say that I have very little experience with the integration part, but from what I can see in the product's documentation and description, it can be really well-integrated with a lot of systems, like service desk in ServiceNow and other security vendors, which is good for our company. I can say that the integration capabilities of the product are good.

I would definitely recommend the product to those who plan to use it.

I rate the tool a nine out of ten.

I would rate the tool a seven out of ten. 

The size of our customers run the gamut, from small medium to large, in certain cases exceeding 5,000 IPs. 

I would definitely recommend the solution. 

I rate Tenable SC as an eight-plus out of ten. 

I would rate the product a nine out of ten. I would advise to focus on partner relationship development and enablement. If your partner is not confident enough or they are not getting training or direct channel attachments, then it becomes difficult for System Integrator professionals. 

For anyone considering implementing Tenable.sc into their organization, I would recommend that they have the proper design of the solution and the proper placement of the scanners before implementing the solution. 

Tenable is a good product, I have no concerns with it as a solution.

I rate this product a nine out of ten overall.

Make sure that your sizing is done correctly, in terms of the hardware size. When you do buy Tenable, a lot of times you'll use Professional Services to help you implement the tool. Whatever advice Tenable has, listen to it very specifically and also talk to them specifically about what your goals are. Instead of talking tactics, talk about goals. What's going to happen is that they may say "Hey, we're going to do things slightly differently than how you used to do it," but in a lot of instances, they're going to be right.

In terms of features that we're looking forward to, VPR is one that we're going to start using more. And they also recently had a SAML integration for single sign-on. That was a new feature in 5.9.

Overall, Tenable is easily a nine out of ten. It's not a ten because there is no perfect tool out there, and Tenable SecurityCenter does have its limitations.

This is a good solution for evaluating vulnerability in the network. It gives wide coverage, and it is able to scan most platforms on the network.

I would rate this product an eight out of ten.

If you are considering a product like this, you must take into account and properly plan, scope, and scan. You need to know how to properly place your scanners and how to schedule automatic scans. You need to properly schedule your scans, so for example you don't need to scan your data center during that day when your business is most active, you can schedule your scans to run in the middle of the night, when your systems are least active.

If you wake up on LAN, then you can even scan clients during the night. You schedule wake up on LAN, your boxes are woken up on LAN, then the scanning is run, and then the boxes are shut down once the scan is over. So that's proper scoping and planning with this solution.

Two or three engineers in my company are involved in the maintenance of the solution.

I recommend the solution to those planning to use it.

I rate the overall product an eight out of ten.

It has been good so far. I would rate it an eight out of 10.

I like this tool a lot but I work in the security area, so my concerns are always about security and how we can increase the security of everything that we have. It's important to be cautious about who gets access to what. 

I rate this solution eight out of 10. 

I rate Tenable SC nine out of 10. It needs some improvements in the reporting engine and training. For example, I need the ability to easily check what happened on Tenable specific dates.

I can easily recommend Tenable SecurityCenter, and I have nothing really bad to say about it. I think it's a great tool for what it does. I enjoy the webinars, and the people that run the company seem very engaged with what's going on when you're into current events and the overall security climate, and they're continuously looking to improve.

I can't speak to every option that they have, but I have no reservations recommending them.

I would rate Tenable SecurityCenter an eight out of ten.

I would rate the tool an eight out of ten. The tool has community support. From my experience of using the solution, I would recommend it to anyone looking to use it.

I recommend the solution as it is a very good and user-friendly product. I rate it as a nine.

Before, just preparing the monthly scans alone would take us about two weeks to set up. Then, we would have to wait for at least another two weeks for those assessments to be done, for the scanning to be done, and then it will take us about another two weeks to generate the report before we can send them out to the system owners. That's the reason why those were our main drivers, as well, for us to push the use of the Tenable Security Center as a self-service platform to the system owners. The quick turnaround time in terms of generating reports and sending them out to the respective system owners is significant.

Know what you're getting into, and know the difference between security compliance suites and SIEM suites. The two are very different, which is why I'm very unhappy using SecurityCenter, because it's been forced upon me as a replacement for a product that it doesn't even compete with.

I would rate Tenable eight out of ten.

We are just customers and end-users of the product.

If a company does decide to implement the solution, I'd advise working with Tenable engineers during the process, and even afterward, in order to ensure everything is set up appropriately.

I'd rate the solution at an eight out of ten We've had a largely very positive experience with the solution so far.

Tenable SC is without a doubt a good choice.

I would rate Tenable SC a nine out of ten.

I would say there are approximately 30 users in our organization using the Tenable SC product. 

I rate Tenable SC an eight out of ten.

I would rate it a seven out of ten.

It is a much better solution than other competitors. It provides almost everything that is required in terms of vulnerability management. If you are looking for overall enterprise security in terms of integrations and vulnerability management, you should go for Tenable SC or Tenable SCCV.

I would rate Tenable SC a nine out of ten. 

I would give Tenable.sc a rating of eight out of ten.

Nessus is for a single company and tenable SC is for when you've got multiple repositories. SC is the same as Nessus, except it's got central logging. It's the same thing. For large widespread companies, you use SC, if you're a small to medium-sized company, you use Nessus.

I would rate it an eight out of ten. Not a ten because of the reporting. It needs improvement. 

I would definitely recommend the solution but I would tell people that it requires dedicated staff. You need to have someone looking at what's going on when you scan and you need somebody to go through all the results, otherwise it just sits there.

I would rate this solution an eight out of 10.