Tenable.io was designed to provide unified visibility and vulnerability prioritization insight to organizations to protect their environment through the monitoring of their entire attack surface with a single solution. It uses unique data collection approaches to provide this continuous visibility across all assets, managed or unmanaged, and supports compliance management.
This solution has been engineered to deliver comprehensive scanning, passive network monitoring and true asset tracking to eliminate vulnerabilities and blind spots to help organizations see and do more. Tenable accomplishes continuous visibility into both managed and unmanaged assets on a network through passive monitoring while agents monitor endpoints. It also delivers real-time visibility into dynamic, short-lived cloud assets by discovering them through Cloud Connectors.
Dashboards are simple, colorful, intuitive and fully customizable to your specific needs to analyze vulnerability data most critical to an organization and its individual business practices and needs. It provides a lot of rapidly digestible information. The solution offers a variety of pre-configured, out-of-the-box dashboards alongside the option for to custom design with “blank canvas” dashboards. This top-to-bottom customizability ensures all reporting needs are met. The offering also supports role-based access so security teams can assign user access.
APIs, SDK and third-party integrations make it simple for organizations to programmatically access the product for use in broader, automated business processes. The solution provides different scanners for different scan types, including passive scanning. These scans are easy to set up and extremely scalable and can also leverage imported data for easy transitions. We ran into some trouble installing the Nessus scanner on Ubuntu and found the supporting documentation to be outdated. Once we found the correct version, installation was very straightforward. Scan templates are also offered as an option. You will need to add credentials for each new scan you create. Other products used a password vault accessible by all the scans to save on input time.
Vulnerabilities are classified as critical, high, medium or low risk and the product provides suggested remediation patches to these vulnerabilities. You can parse down to small groups of patches to view a “hit list” of your vulnerabilities. Dynamic scoring takes 150 data points into consideration.
Tenable offers report templates that can render as a PDF, including CVE, critical and exploitable vulnerabilities, exploit frameworks, exploitability by malware, detailed vulnerability and wireless configuration reports.
Pricing is based on the number of assets, starting at $2,190 per year for 50 assets. Advanced and Elite Support options are offered. Advanced is included with an active subscription and includes free product and software updates and 24/7 phone, email, and chat support. Organizations also have access to the knowledgebase and Support Portal. Elite Support costs 20 percent of the subscription and includes the same support as the Advanced option with accelerated response time, Level 1 support bypass, and optional add-ons. A free, 60-day trial is also offered.
Tested by Tom Weil