Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Been waiting a long time for meaningful enhancements. You've forgotten about us Compliance users.
What do you like best about the product?
Once a Compliance scan audit template is setup (XML editing is painful and takes the most wasteful effort, & we don't like at all), requesting a scan is easy.
What do you dislike about the product?
Having to manually update a very large population of XML audit files for similar control parameters (i.e. password length = 8 across the environment).
06.05.2023 - with recent updates your engineering team has not considered how we truly use the product or have not designed for ease of use. i.e. when generating reports in the Compliance module, multiple reports are generated for each scan... you literally have to select each one individually, download, then unselect and go select the next, you can not select multiple to download at once - the way you used to be able to. It's rediculous. Personally, I'm frustrated with your Tenable support telling me our audit files are "customized" because of us changing a password length from 12 to 8 and they classify it as a custom XML - and won't provide support unless I go to my account rep and complain. It's just not good customer service. You can do better. Your product could be so much better if you just listed to customers like me who use the Compliance module daily.
06.05.2023 - with recent updates your engineering team has not considered how we truly use the product or have not designed for ease of use. i.e. when generating reports in the Compliance module, multiple reports are generated for each scan... you literally have to select each one individually, download, then unselect and go select the next, you can not select multiple to download at once - the way you used to be able to. It's rediculous. Personally, I'm frustrated with your Tenable support telling me our audit files are "customized" because of us changing a password length from 12 to 8 and they classify it as a custom XML - and won't provide support unless I go to my account rep and complain. It's just not good customer service. You can do better. Your product could be so much better if you just listed to customers like me who use the Compliance module daily.
What problems is the product solving and how is that benefiting you?
Compliance scans for review of baseline, OS and DB security configuration requirements. It could be a whole lot better, but it beats screenprints.
- Leave a Comment |
- Mark review as helpful
Ten years Tenable.sc government sector experience
What do you like best about the product?
Tenable.sc is basically the one-stop shop for everything Tenable, in an on-prem environment. Everything at your fingertips. The Admin side shows you the status of all your configured devices, Nessus Scanners and Agent Managers, Nessus Network Monitors, etc. In contrast, the User side gives you easy access to create and manage scans and all the parts that go into them with easy-to-use, intuitive templates.
What do you dislike about the product?
This is a hard question to answer. Tenable does a great job with its suggestions portal and addresses needs and wants in the tool fairly regularly. Anyone who has seen version 5.23.1 will agree it is probably one of the biggest leaps Tenable.sc has ever made. If I were forced to choose one downside, it would be more of a backend issue than anything else. SQLite...That is all I have to say about that.
What problems is the product solving and how is that benefiting you?
Tenable.sc finds the holes that your patching solution misses. All the patch tool knows is that you need such and such KB or patch version. Tenable.sc and Nessus will let you know that the patch alone did not resolve the issue. It also lets you know which vulnerabilities in your environment pose the most risk, based on whether it is actually being exploited in the wild.
Tenable.io - Reliable and Current
What do you like best about the product?
Tenable.io just works and does what it needs to do. You can deploy internal scanners or use their cloud-hosted scanners for your external perimeter. Tenable stays on top of current events and updates and creates new plugins to detect the latest vulnerabilities.
What do you dislike about the product?
They are continually working on expanding their functionality, so they are tweaking their console. Adding functionality like more reporting, dashboards, and remediation scans. We stay current on their suggested best practices, unfortunately, too many other users did not update to newer and improved functionality and they provided old and new methods of tagging\grouping too long - confusing for new users to know what to use - I believe this is being cleaned up now.
What problems is the product solving and how is that benefiting you?
Scanning, reporting, and checking on remediation progress. Easy to set up schedules and just let Tenable do its thing. It is still best to review in the console, but you can also schedule reports.
Tenable.sc is a must have tool for any company of any size!
What do you like best about the product?
This is, without question, the best way to accurately and quickly keep an eye on the ever-changing landscape of how your devices are vulnerable to attack. I have used many other products and tenable as a company is open to input and always looking at ways to add value to the product. The reporting and dashboards help you know a priority order to remediate and help you look at trends.
What do you dislike about the product?
With all products like this, there is a learning curve. There are features like the ability to pull more detailed remediation that I could give to the the people making the changes exact details of what needs to be done to remove this issue would be great. The ability to know that an issue like log4j was found on this machine within this software or directory easier would be great. THe ability to get a list of here is all the software installed in your ecosystem and the number or exact assets it is installed on.
What problems is the product solving and how is that benefiting you?
The ability to scan automatically for vulnerabilities around the clock so that i have no questions of visibility of the issues. Also, with their team adding data daily, I don't have to wonder if I am getting the best information possible.
Ermetic - The best identity security system for your organization !
What do you like best about the product?
Ermetic have a great UI that will show you exactly what are the vulnerabilities in your cloud accounts.
You can review the vulnerability , Fix it with their automatic remediation tool and in 1 sentence - Make your cloud account more secure.
You can review the vulnerability , Fix it with their automatic remediation tool and in 1 sentence - Make your cloud account more secure.
What do you dislike about the product?
Nothing, Every issue that we had got fixed super quick with Ermetic support.
What problems is the product solving and how is that benefiting you?
Remove known vulnerabilities and reduce potential breaches with overprivileged permissions for users.
Fixing configuration that will fix security vulnerabilities like EKS secrets encryption etc ...
Fixing configuration that will fix security vulnerabilities like EKS secrets encryption etc ...
Teanble is a great Exposure Management tool
What do you like best about the product?
Very detailed software.
The deployment was easy.
If I get a vulnerability it will show me which devices were affected and how many devices.
The remediation steps are great, it gives you collected information about the vulnerability and the remediation steps.
Very detailed information about the asset like, IP, vulnerability count by severity, asset criticality rating, asset exsposure score, scan information.
Can Run custom scans for the assets.
Can run scan is my devices complied for CIS benchmarks etc. very handy tool to improve your enterprise security posture.
Super easy to use because instructions are included on the platform. Much easier than Microsoft Defender.
The threat intelligence what the software has is exceptional.
They got very good trainings and webinars. On Tennable University you can get free and quality tranings, if you want to get certificate you get as well (not for free).
Very rarely getting false positive vulnerabilities.
Often Tenable software's are on the top in independent tests so you can trust their tools are great.
The deployment was easy.
If I get a vulnerability it will show me which devices were affected and how many devices.
The remediation steps are great, it gives you collected information about the vulnerability and the remediation steps.
Very detailed information about the asset like, IP, vulnerability count by severity, asset criticality rating, asset exsposure score, scan information.
Can Run custom scans for the assets.
Can run scan is my devices complied for CIS benchmarks etc. very handy tool to improve your enterprise security posture.
Super easy to use because instructions are included on the platform. Much easier than Microsoft Defender.
The threat intelligence what the software has is exceptional.
They got very good trainings and webinars. On Tennable University you can get free and quality tranings, if you want to get certificate you get as well (not for free).
Very rarely getting false positive vulnerabilities.
Often Tenable software's are on the top in independent tests so you can trust their tools are great.
What do you dislike about the product?
You can make literally endless amount and variations of the dashboard but I quite miss more graphs that shows in the timeline the vulnerability count for the asset, for the asset.
Some of the changes made it harder to use it, but I sent feedback, so we will see.
Some reason almost every day for the website is super slow, or down for a few minutes for me. Could be quite annoying.
Some of the dasboard data is not updating requrarly, but i was told on the support it is a known issue so I hope very soon it will remediated.
Scan speeds/resource utilization at times
Have to switch between interfaces to access certain functionality
Quite expensive.
Some of the changes made it harder to use it, but I sent feedback, so we will see.
Some reason almost every day for the website is super slow, or down for a few minutes for me. Could be quite annoying.
Some of the dasboard data is not updating requrarly, but i was told on the support it is a known issue so I hope very soon it will remediated.
Scan speeds/resource utilization at times
Have to switch between interfaces to access certain functionality
Quite expensive.
What problems is the product solving and how is that benefiting you?
First, found out what vulnerabilities, and security issues are on assets and after it can helps to mitigate the vulnerabilities. We can run scans against frameworks, benchmarks so very handy. The helps of the software we mitigated thousands of vulnerabilities.
Awesome review of Tenable.io
What do you like best about the product?
The simplicity of the product, compared to its incredible power.
What do you dislike about the product?
Reporting can get a little boring sometimes
What problems is the product solving and how is that benefiting you?
Keeping my customers safe by being able to give them real-time internal and external vulnerability reports as well as the ability to identify assets on their networks that they might even know about
Tenable.sc for vulnerability management
What do you like best about the product?
It is one of the best user friendly tools for automating the vulnerability identification. The analysis and dashboard creation is highly convenient and insightful.
What do you dislike about the product?
The support team will take some time to review your requests.
The false positives for legacy servers which are superceded would be discovered in the vulnerability report.
If we view only the superceded patches, this would not give us the current and correct security posture of our system.
The false positives for legacy servers which are superceded would be discovered in the vulnerability report.
If we view only the superceded patches, this would not give us the current and correct security posture of our system.
What problems is the product solving and how is that benefiting you?
Tenable.sc is making it easy for us to view and analyse out network's security posture. This helps us with prioritising the remediation process as well by the use of VPR (Vulnerability priority Rating).
Competent Vulnerability Management
What do you like best about the product?
Tenable.io performs multiple helpful functions, including cloud scanning, vulnerability scanning, and web application scanning. I like that the built-in dashboard helps to convey current events and present information in more than just a table. We have also used the API they make available to automate functionality into our existing processes.
What do you dislike about the product?
The rate of change that tenable.io's interface goes through can sometimes be a bit disorienting. For example, when releasing new UI's for asset viewing/filtering, some previous filters were missing.
What problems is the product solving and how is that benefiting you?
Tenable.io primarily solves the vulnerability management portion of our security program. By presenting issues in a way that can be quantified and sorted, tenable.io helps us reduce our attack surface.
Ermetic facilitate us to achieve least privilege policy & subdue cloud security risk in AWS platform
What do you like best about the product?
Ermetic adheres to the Zero Trust security model for threat prevention & managing access to our customer applications. It is pivotal since we need to handle our workload utilization policies & access privileges across multiple users & their login devices. Ermetic also offers comprehensive security monitoring features so that authentication, authorization and validation of users are done properly before access provisions.
What do you dislike about the product?
The learning curve for implementing Ermetic in our AWS environment is steep. We require experience in configuring policies so that we protect our customer applications from advanced security threats. Setting up user access privileges should be done with adherence to customer compliance governance & to prevent conflicts between the security team & business processes.
What problems is the product solving and how is that benefiting you?
Ermetic benefits our organization as it eliminates several vulnerabilities such as credential risk, inactive IAM permissions & data breaches thanks to its unified policy management dashboard. It also provisions visibility, remediates potential risks & promotes custom policy creation. We attach IAM policies for resource definition & user access control through the Ermetic platform. It's also easy to establish account-level boundary permissions & overview the access privileges granted to third-party tools. All these features of Ermetic aid in attaining the least privileged policy which is absolutely necessary for our AWS environment.
showing 71 - 80