Tenable.io

The most helpful feature included in Tenable.io is the Vulnerability Priority Rating (VPR) applied to vulnerabilities. It helps us prioritize our vulnerabilities based on threat intelligence and not just based on CVSS. It goes beyond identifying vulnerabilities that are exploitable; it helps put the vulnerability into context like how often is the vulnerability being exploited? Or how old the vulnerability is and how recently it's being exploited.

The workflow to help stakeholders who are responsible for patching could be better. Such as allowing different teams to log into the console, see only their vulnerabilities, launch their own scans, and mark which ones are remediated. As an administrator, it would help to have a simple pane of glass to see which teams are doing well in remediation activities and which teams are lagging. And it would help to see trending information displayed on remediation activates based factors such as remediation groups, types of vulnerabilities, and etc. Also, being able to customize reports could be improved as well. Their new product, Lumin, helps to prioritize based on asset criticality, but it's expensive.

Be sure to put the product through its paces but running various types of scans and being able to generate the reports you need as well as what the remediation workflows will look like.

Tenable.io is helping us reduce business risk. By using VPR, we can reduce vulnerabilities using a risk-based approach. This allows us to focus on the vulnerabilities that pose the greatest risks and reduces the resources spent on remediation activities that are low risk. Tenable.io also makes it easy to sort and search based on vulnerabilities or assets.

In Tenable.IO Console, I find that we have Clear visuals, clear scans, clear assets !

Direct targeted resolutions!!

Great resolutions in the reports: facilitates the infra structure team in resolving the issues...

Keep on it, team!!!

Was a great idea to review all the features in the last webinar.

Many features openned a new horizon within our team.

Please continue to give us more insights for Tenable.io, this is very usefull.

Great visibility in a whole context.

Great detailed report resolutions when it comes to resolving vulnerabilities.

Was used to the old Used Classic view, but it is usefull still reachable :)

But the new version has more info and the since the widgets are customisable ... this is good !!

Go or it!!!!

My colleagues and I use the Vulnerabilities discovery to enhance our security in the enterprise.

Infra team is way better in his moves.

We discovered unrevealed issues in our infrastucture.

Infra was reluctant at the beginning, but realized that the info Tenable reveled was very precious in securing our environment.

I use the console almost every day...

I generate weekly reports from the console for the management, very usefull for the decision makers.

We do not need to go and search how to resolve issues : all details are ready to be consumed inside the reports: infra team has only to read and implement the resolution: very usefull in accelerating the resolution specially in these time of a broken secueiry and fast evelvingtechnologies.

You can easily schedule Vulnerability Assessments for your most critical infrastructure.

Reports are easy to understand and easy to be shared either to technical teams or even to senior management.

The post-sales support by having access to the Tenable University is really usefull.

The tool is very flexible in terms of grouping the infrastructure devices in order to schedule vulnerability assessments in many different ways, according to priorities.

During the Tenable webinars the technical explaination was a bit fast.

The configuration is a bit tricky and requires specialized personnel in order to have a successful and faster implementation.

We are covering a regulatory requirement that demand us to perform monthly vulnerability assessments over our payment system's infrastructure.

Additionally we must perform an annual vulnerability assessment over the rest of our critical infrastructure, however with this tool we are able to performe it in a monthly basis.

The follow up of the remediation plans to solve the vulnerability findings is easyer through the vulnerability reports generated automatically by the tool.

Providing compliance reports for internal/external audits or either to regulators is a lot easyer since the tool generates the reports automatically.

The new UI is getting more usable with the code migration from Tenable.sc

Permission Migrations and getting used to Access Groups. Just getting used to the new permission configurations is a bit of a learning curve.

Permissions with previous Target Groups

Proactive identity the prioritizing the vulnerabilities is what i love most. Tracking the vulnerabilities are difficult especially the setup or environment of the company. Given the man power challenges so maximizing its feature to track and asses known and unknown assets and their vulnerabilities are beneficial especially for assets like mobile devices, virtual machines and cloud instances.

Depend on setup how you deploy and configure the scanners sometimes it will generate a lot of noise and fp but once correctly isetup it will lessen the risk on environment thru discovery and assessment.

Please just try. Maximize the Free Trial. Also there are a lot of resources from the company site you can use. Create use cases that surely beneficial for your company.

Asset discovery and Vulnerability prioritization. The Active scanning agents and in cloud cnnectors helps determine assets on our environment even the unknown one. This helps especially we are in cloud.