Tenable One

The plugins for new threats are published very quickly, we have tested Cloud Integration with AWS for cloud security and it's working perfectly to analyze IAM and cloud logging. Threat Intelligence module in showing the up to date risk landscape helping prioritize base on business criteria. However, a watch list of emails, technologies, and supply chain is missing to have a wider Threat Intelligence view. Regarding Issue prioritization, the vendor provides a good support willing to help, we had the basic support and then the Elite support and in both setups they were very helpful. In the reporting perspective the dashboards are very basic, there is missing to add historical data based on labels, remediation owners to relate it to the risk discovered. However, the API integration is very powerful, we perform calls every hour and we don't have restrictions and we are building a complex dashboard with the API but not using the dashboards that the platform offers due to the lacks mentioned. Regarding Asset Discovery is useful but expensive, basic network discovery can be done easily but integrating third party connectors or discovering assets with Attack surface management can be expensive since even if the asset already exists in one source it will be extra charge if it's discovered in other sources.

Tenable One is the core of our security stack, fundamentally changing the old fragmented vulnerability management workflow and embracing exposure management that enables us to pivot to a continuous threat exposure management (CTEM) model for how we approach risk. The holistic exposure view across Cloud, Identity, Vulnerability, etc ensures the team is really prioritising what actually matters. the addition of Hexa has also been a game changer for us in such a large environment. conversational AI to assist with discovery, tagging and understanding has really opened the door for more of the team to contribute. Finally we are loving the AI Exposure component, a view into a new exposure area and to have it customisable to how our organisation works is fantastic. Highly recommend Tenable One to any organisation looking to move beyond traditional vulnerability management and want to adopt a proactive, exposure driven approach to cyber risk.

My experience has been very positive with Tenable Products as I am using the Tenable ONE (Tenable .IO and Tenable .SC. ) for quite a long time. The vast plugin database, the simplicity of the asset mapping structure and the granular view of the vulnerabilities that gets published in Tenable dashboards are good. The comprehensive attack surface management is a feature that stands out and helps us analyze the root cause of every issue we come across. Switching to TenableOne was a good decision and the reason behind it was the vast plugin database. The discovery of all types of vulnerabilities is readily available due to the industry standard attack path analysis. This was choosing Tenable One over other solutions was helpful for my organization. The implementation was not very easy though, but it's straightforward for simple environments. But for complex environments with custom requirements its a hell lot of work and requires expert level of knowledge to establish the initial setup. Tagging, asset grouping etc is good. We have not encountered any issues so far and the support is good. We are still testing the product post deployment. Tenable One is a good solution, but as a customer what I feel is there are some areas where Tenable needs to bring up new features that it can match the technical capabilities similar to its competitors. We are seeing some lack in the features in dashboarding, reporting, configuration etc. But overall it is a good experience and with time I am expecting that the features will enhance.

Tenable One has significantly improved our ability to manage cyber exposure across our environment. The unified platform brings together vulnerability data, asset discovery, and threat intelligence in a single console, which has reduced the time our team spends correlating data from multiple tools. Issue prioritization using risk-based scoring has been particularly valuable, as we can now focus remediation efforts on what truly matters rather than chasing every CVE. Cloud Integration works well across major providers, though onboarding took some effort. reporting is flexible and useful for both technical teams and executive stakeholders.

My experience with Tenable has been very positive. It gives us clear visibility into vulnerabilities and our overall attack surface, helping us understand risk in one unified view. The Lumin module is especially helpful for comparing our risk level with other companies in the same sector. Risk-based prioritization and easy integrations simplify remediation and daily workflow. Its scalability and broad asset coverage make it a reliable solution. We are not currently the VPR, but the overall risk scoring provides an overview for comparing risk quarters