Very good CIEM product
What do you like best about the product?
The identity and permissions features (CIEM) are amazing. Very detailled and covering GCP, AWS and Azure, it's a very complete solution.
What do you dislike about the product?
The Threat detection part is maybe the least powerful feature of this CNAPP.
What problems is the product solving and how is that benefiting you?
It helps to detect misconfigurations and issues with entitlement management in Cloud platforms
Easy to use tools
What do you like best about the product?
Very easy to use, solve our problems with relatively low cost
What do you dislike about the product?
If there are more features in the product that could help us automate security tasks, that would be even better.
What problems is the product solving and how is that benefiting you?
Automatic scan of our sytem for compliance purposes
Offers flexibility and cost-effectiveness to users
What is our primary use case?
Right now, I use Tenable as CNAPP, and it is good for the product as it offers enhanced security to users. We did use the tool on the cloud. I am not sure if some models, like CIEM, are available as a feature for users. When it comes to a module in CNAPP, I think it is fairly good for using and monitoring on the cloud while also being easy to deploy.
I am not sure how the tool is used in my company because I got transferred to another team that is involved only in monitoring. I use the reporting part on CNAPP. I only use the tool for customized reports. The tool had a fairly easy way to get customized reports.
What needs improvement?
Another team uses the tool. Tenable acquired Ermetic. I think Tenable has features, stays up to date, and upgrades every few months. I am not sure of the tool's use case, as another team uses it. I think another team in my company wants to use the tool for use cases associated with patching and testing. For use cases, Tenable needs to offer a patch-based solution since it is an area where the tool lacks a bit.
For how long have I used the solution?
I have experience with Tenable Cloud Security.
What do I think about the stability of the solution?
There are no stability or bug-related issues in the tool.
How was the initial setup?
The product's deployment phase is easy.
What was our ROI?
The tool is cost-effective.
What's my experience with pricing, setup cost, and licensing?
The tool's price is good compared to other brands. The tool's subscription is for a year.
What other advice do I have?
The tool can be used in the area of vulnerability management to improve our company's security.
I saw some impacts on our finances, especially on the banking side. In our company, we forecast the point for maturity and performance through assessments and security vulnerabilities in the cloud. Before I bought Tenable, I compared it with another band. The tool has been a really good point for the price.
One of the teams in my company would like to use the tool and integrate it with other products used for patching and vulnerability assessment tools.
The tool is a good product that is flexible and on the cloud.
I rate the tool an eight out of ten.
Great visibility of cloud misconfigurations and vulnerabilities
What do you like best about the product?
Tenable Cloud Security excels in providing real-time visibility and continuous monitoring of cloud environments. Its automated compliance checks and risk assessments help ensure security and regulatory adherence. The platform's intuitive interface and integration with existing cloud services make managing cloud security straightforward and efficient.
What do you dislike about the product?
Tenable Cloud Security can be challenging to set up initially, requiring in-depth configuration and expertise. Its pricing may be a concern for smaller organizations with limited budgets. Additionally, the platform occasionally faces performance issues with large-scale environments, which can hinder real-time monitoring and responsiveness.
What problems is the product solving and how is that benefiting you?
Tenable Cloud Security solves the challenge of securing complex cloud environments by providing real-time visibility, automated compliance checks, and risk assessments. This enhances cloud security posture, ensures regulatory compliance, and simplifies management, benefiting organizations with streamlined, effective cloud security operations.
Provides excellent features and helps identify and mitigate risks
What is most valuable?
The solution is good. We integrated our AWS account with Tenable Cloud Security for security and compliance. The IAM features are valuable. We can analyze the permissions of the users in all the aspects of AWS. The solution’s vulnerability management feature has helped us identify and mitigate risks well. I can do the scans from the on-premise and cloud solutions. The tool integrates well with our existing products. We have integrated it with ServiceNow. It works well.
What needs improvement?
The product must provide more features. It must integrate with AI. The reporting features are bad. The reports do not have detailed information. We cannot do CI/CD with the tool.
For how long have I used the solution?
I have been using the solution for one and a half years.
What do I think about the stability of the solution?
I rate the product’s stability seven and a half out of ten. It must be improved.
What do I think about the scalability of the solution?
I rate the product’s scalability seven and a half out of ten. It must be improved.
How was the initial setup?
The setup has a few steps. I rate the ease of setup a nine out of ten.
Which other solutions did I evaluate?
We compared the solution with other tools but chose Tenable Cloud Security because it fit our requirements.
What other advice do I have?
We haven’t used the workload features yet. I will recommend the solution to others based on their organization’s requirements. Overall, I rate the tool an eight out of ten.
A tool that helps users to do compliance verifications for the cloud environment
What is our primary use case?
The use cases attached to Tenable Cloud Security include compliance verifications for the cloud environment.
What needs improvement?
The product lacks automatic remediation features. From an improvement perspective, the tool should be able to offer automatic remediation features.
There is a need for the support team to improve their response time since it is one of the areas where the product's technical team has certain shortcomings.
For how long have I used the solution?
I have been using Tenable Cloud Security for around ten years. My company sells solutions like Fortinet, Qualys, Tenable, and SentinelOne. My company has a partnership with Tenable.
What do I think about the stability of the solution?
Stability-wise, I rate the solution an eight out of ten.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution an eight out of ten.
How are customer service and support?
The solution's technical support is not good. I rate the technical support a three out of ten.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Products like Fortinet, Qualys, and Rapid7 offer the same set of services. The only common issue I found between all the products was that though the tools can be deployed on the cloud services offered by Microsoft, AWS, and Google, the products cannot be deployed on Oracle.
I am in the process of testing different solutions from vendors like Rapid7 and Qualys.
How was the initial setup?
I rate the product's initial setup phase an eight on a scale of one to ten.
The solution can be deployed in a couple of minutes.
What's my experience with pricing, setup cost, and licensing?
There is a need to opt for a subscription-based pricing model to use Tenable Cloud Security. I rate the product price an eight on a scale of one to ten, where one is low price and ten is high price.
What other advice do I have?
Tenable Cloud Security is a basic tool for security engineers since most of the cloud solutions do not offer high standard compliance, like PCI DSS compliant. Most of the cloud solutions use CIS as a benchmark or reference. Microsoft has its own compliance tool.
Tenable Cloud Security is a new solution in the market and cannot be compared with the other vulnerability tools.
Speaking about how the product has improved the security posture, I would say that Tenable Cloud Security is usually installed on a person's computer, so one needs to be very careful not to make any mistakes during configuration. The cloud providers don't offer security, so it is important for a potential buyer to read the information on the way the services are provided to them by the cloud.
The product's visibility and remediation work fine for me.
Around two people are required for the maintenance of the product, considering that there are changes in cloud products and every customer is different. It is not a static solution.
I rate the overall tool an eight out of ten.
easy to use and good for investigating the cloud infrastructure
What do you like best about the product?
the dashboard is very explainable and easy to understand and take action out of it.
What do you dislike about the product?
the deep dive into the new features would give a better visibility
What problems is the product solving and how is that benefiting you?
AWS infrastructure . visibility on our product
Great product, very responsive
What do you like best about the product?
Their flexibility with suggestions and responsiveness if we have a question.
What do you dislike about the product?
The product seems to be still maturing at times.
What problems is the product solving and how is that benefiting you?
It allows us to have Just in Time access to AWS via audited role assignment.
The end to excessive permissions
What do you like best about the product?
Ermetic makes it very easy to understand and remediate excessive permissions
What do you dislike about the product?
Missing some key features in CSPM like disk scanning
What problems is the product solving and how is that benefiting you?
Ermetic CIEM is a good product and help us with excessive permissions mostly, No other tool we have tested was as helpful with that like Ermetic
Ermetic - Great CIEM & CSPM Tool
What do you like best about the product?
Ermetic gives us great insight into our Cloud Security and Cloud Infrastructure Risks. With the ability to manage access permissions, ensure cloud compliance, and provide recommendations for the principle of least privilege, Ermetic has quickly become a daily tool for us to use in monitoring our Cloud environment. The support team has been great in resolving problems quickly. Their quick response to each question has been tremendous as well.
What do you dislike about the product?
One downside we've noticed involves some findings/issues not being resolved when remediating the problem manually in the Cloud environment. Working with the Support team has been a great help in getting these issues resolved quickly.
What problems is the product solving and how is that benefiting you?
Implementing the privilege of least privilege in our Cloud environment has been a challenge in the past. With the Ermetic Platform, the process has become much easier for us.
