Tenable SC Overview

Tenable SC is the #3 ranked solution in our list of top Vulnerability Management tools. It is most often compared to Tenable.io Vulnerability Management: Tenable SC vs Tenable.io Vulnerability Management

What is Tenable SC?

Tenable SC consolidates and evaluates vulnerability data across the enterprise, prioritizing security risks and providing a clear view of your security posture. With SecurityCenter, get the visibility and context you need to effectively prioritize and remediate vulnerabilities, ensure compliance with IT security frameworks, standards and regulations, and take decisive action to ensure the effectiveness of your IT security program and reduce business risk.

Tenable SC is also known as Tenable Unified Security, Tenable SecurityCenter.

Tenable SC Buyer's Guide

Download the Tenable SC Buyer's Guide including reviews and more. Updated: May 2021

Tenable SC Customers

IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific

Tenable SC Video

Filter Archived Reviews (More than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Joey Smith
Medical Device Cybersecurity Analyst at a healthcare company with 10,001+ employees
Real User
Enables very customized policies to routinely scan, while simultaneously not causing impact

What is our primary use case?

I'm the one who scans and performs assessments on clinical and medical equipment in our environment. I manage the clinical endpoint devices: MRI systems, bedside monitoring, Alaris pumps, fusion pumps, CTUs, EEGs, EKGs, wireless defibrillators, and a lot of IP cameras that are part of operation room labs. My colleague handles all the regular enterprise IT, database servers, etc. From a scanning standpoint, I do everything from discovery scanning to full-credential auditing and anything and everything in between. That's just for the medical space in a 24/7 production medical environment. We're… more »

Pros and Cons

  • "What is useful to me is being able to fulfill very customized scanning policies. In the clinical environment, because of vendor control, we can't perform credential-vulnerability scanning. And network scans, which I've done before, can cause a lot of impact. Being able to create very customized policies to be able to routinely scan and audit our clinical networks, while simultaneously not causing impact, is important to us."
  • "If I want to have a very low-managed scan policy, it's a lot of work to create something which is very basic. If I use a tool like Nmap, all I have to do is download it, install it, type in the command, and it's good to go. In Security Center, I have to go through a lot of work to create a policy that's very basic."

What other advice do I have?

In my type of medical environment, when you get into an operational technology environment, PVS or something that's a passive scanner is more the way to go than something that actively goes out and scans and tries to interrogate endpoints, because that can cause impact. When dealing with the healthcare space or, say, the electrical grid, the consequences can be very widespread or can cause significant impact. Something like PVS is a great idea to look into. If you're scanning operational technology, definitely use connectionless-oriented discovery policies. For example, perform UDP scans…
DN
Senior Information Security Analyst at a financial services firm with 1,001-5,000 employees
Real User
A scalable solution for detecting and pro-actively mitigating network vulnerabilities

What is our primary use case?

The primary use case is to perform vulnerability assessments across the entire network.

Pros and Cons

  • "I think that this is a good solution for evaluating vulnerability in the network."
  • "The web application scanning area can be improved."

What other advice do I have?

This is a good solution for evaluating vulnerability in the network. It gives wide coverage, and it is able to scan most platforms on the network. I would rate this product an eight out of ten.
Learn what your peers think about Tenable SC. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
512,221 professionals have used our research since 2012.
BJ
Information Security Expert at a comms service provider with 5,001-10,000 employees
Real User
Quick turnaround time but needs a good plugin editor

What is our primary use case?

I primarily use this solution for vulnerability assessment on the assets that we have. This includes servers, network equipment, appliances, routers, firewalls, and switches.

Pros and Cons

  • "We really love the Security Center dashboard. It basically performs vulnerability scanning and then outputs a vulnerability data."
  • "A good plugin editor would be a good additional option for the Security Center."

What other advice do I have?

Before, just preparing the monthly scans alone would take us about two weeks to set up. Then, we would have to wait for at least another two weeks for those assessments to be done, for the scanning to be done, and then it will take us about another two weeks to generate the report before we can send them out to the system owners. That's the reason why those were our main drivers, as well, for us to push the use of the Tenable Security Center as a self-service platform to the system owners. The quick turnaround time in terms of generating reports and sending them out to the respective system…
Abill Nerry
Senior Manager, IT Security at a financial services firm with 5,001-10,000 employees
Real User
With the Assurance Report Cards, we can have a quick review of security concerns in a simple glance.

What is our primary use case?

Basically it reviews our threat landscape vulnerability. So, we just want to be sure that we check compliance in terms of our configuration and compliance to our policies. But, the key is to make sure that we are not exposed to vulnerabilities that can be exploited. So, it's more of just securing our threat landscape.

Pros and Cons

  • "The most valuable feature of the product is the Assurance Report Card, which gives us an overview of the security poster in just a simple glance."
  • "Initial setup was pretty straightforward."
  • "It basically reviews our threat landscape vulnerability."
  • "In terms of configuration, there is some level of flexibility that we are not able to achieve."
  • "At times we have had the typical bugs."

What other advice do I have?

If you are considering a product like this, you must take into account and properly plan, scope, and scan. You need to know how to properly place your scanners and how to schedule automatic scans. You need to properly schedule your scans, so for example you don't need to scan your data center during that day when your business is most active, you can schedule your scans to run in the middle of the night, when your systems are least active. If you wake up on LAN, then you can even scan clients during the night. You schedule wake up on LAN, your boxes are woken up on LAN, then the scanning is…
CV
Network Security Analyst at Arkansas Department of Finance and Administration
User
Lacks a powerful and flexible query engine, not a useful solution for network event investigations

What is our primary use case?

I use SecurityCenter currently to investigate daily network security events from reports I receive. Our network support team uses it to track, manage, and remediate system vulnerabilities. It works well for the latter, not so much for the former.

What other advice do I have?

Know what you're getting into, and know the difference between security compliance suites and SIEM suites. The two are very different, which is why I'm very unhappy using SecurityCenter, because it's been forced upon me as a replacement for a product that it doesn't even compete with.
Product Categories
Vulnerability Management
Buyer's Guide
Download our free Tenable SC Report and get advice and tips from experienced pros sharing their opinions.