Forescout Technologies headquartered in San Jose actively defends the Enterprise of Things by identifying, segmenting and enforcing compliance of every connected thing. Forescout boasts a widely deployed, enterprise-class platform at scale across IT, IoT, and OT managed and unmanaged devices. Forescout arms customers with device intelligence, in order to allow organizations across every industry to classify risk, detect anomalies and quickly remediate cyberthreats without disruption of critical…
N/A
Tenable Vulnerability Management
Score 9.5 out of 10
N/A
Vulnerability management specialist Tenable offers their cloud application and container security platform Tenable Web App Scanning (formerly Tenable.io), a vulnerability management tool that emphasizes visibility of web applications, automatic scanning, and a unified view of cloud infrastructure and possible inconsistencies indicating a vulnerability.
It was able to relieve us of some of the duties performed by the operations team as it made it easy to do those tasks. It allows us to view devices that are connected to our network and segregate those that are not company owned and also account for guests' logins as are signed …
Better intergration with patch management tools. Forescount Platfform (CounterAct) is easily compatible with diverse network infrastructure to offer better service and efficiently ensure seamless operations. Its automation capabilities have also enabled us to depend less on the …
Forescout Platform (CounterACT) is capable to perform intelligent device classifications which able to group and segmentize the assets effectively. Besides, the classification techniques can be customized according to the organization requirements. With agentless deployment, …
When I got here, they already had this product in place, so I was not part of the final decision, but after using this for a couple of years, I can say that it was an intelligent decision for the business!!
Heterogeneous compatibility with switches and other network infrastructure setup is a major advantage. There are many companies where there is a legacy network combined with different OEM deployed. Integration of network devices like switches, FW, routers, AP's gives complete …
We selected CounterACT because it didn't require 802.1x and it didn't require any switch upgrades. To use 802.1x we would have to assume all endpoints are guilty until proven innocent. With CounterACT we can detect quickly if endpoints are not compliant and remediate without …
CounterACT was the product that was able to do exactly what we were looking to accomplish and that was to block non-company owned devices from connecting to our network based on our criteria. It will allow us to decide if a blocked device should be allowed on our network …
I think Tenable and Qualys have a lot of similarities, I continue to go back to Tenable because of my familiarity and comfort level with it. I've also used a company called SecurityMetrics which has vulnerability scanning included but it is not as comprehensive as Tenable.
Tenable.io was a clear winner in regards to features and capability when compared to OpenVAS, Qualys, and Nexpose. OpenVAS is a fork of an older version of Nessus Scanner(from Tenable) and has been updated over the years to a great free alternative. It takes a lot more manual …
Tenable.io has a comparable set of features, with excellent support and a competitive price. After less than desirable experiences with another company, we moved to Tenable and haven't looked back since.
Rapid7 is actually very comparable to Tenable.io in terms of automated scans, automated reporting, internal and external scanners, and remediation of external scans. But for less than the cost of a Rapid7 solution that comes with internal scans only, I received more hosts …
I strongly recommend using it in networks where many machines enter, it is essential to have a capture of all ids, mac etc to prevent and detect unauthorized machines.We are in the technological era and there is a lot of technological robotization looking for weak systems to enter.Invest in greater security and that does not happen to you.
Tenable.io is a cost effective Internal and External scanner. The Internal scanner came with a .ova, so it was very simple and quick to deploy it into our ESXi environment. It has a cloud-based dashboard for management and the internal scanner is configured to auto-update from Tenable.io. The license came with 4 External PCI scans (with remediation) a year.
They are prompt in their response with a complete resolution once they have identified the problem. Other OEM's generally give stop-gap arrangements and then later come with new upgrade versions. This gives downtime tasks to customers often, which isn't appreciated. Given the criticality of this software, their support is prompt.
Support is usually really great at walking you through any steps you need to take when you get stuck on something. There are a few false positives and errors that have come up over the years that required their help to get through. Unfortunately, the steps required to diagnose some problems are more tedious than I think should be necessary. (IE: SQL instances can throw errors that clog up your logs because one plugin affects it in a certain way. The process to diagnose this is to watch timestamps of plugins in a log while monitoring the SQL logs at the same time and using your best guess as to what is causing it.)
CounterACT was the product that was able to do exactly what we were looking to accomplish and that was to block non-company owned devices from connecting to our network based on our criteria. It will allow us to decide if a blocked device should be allowed on our network temporarily
I think Tenable and Qualys have a lot of similarities, I continue to go back to Tenable because of my familiarity and comfort level with it. I've also used a company called SecurityMetrics which has vulnerability scanning included but it is not as comprehensive as Tenable.
We're able to mitigate over 90% of our vulnerability risk without too much effort. It helps find where automated patching fails and we can plan a fix from the findings.
A side effect of our scanning reveals new devices on our network that aren't cleared to be.