Microsoft Defender for IoT vs. Tenable Vulnerability Management

Companies that are not using Azure cloud exhaustively will struggle with maximizing the potential of Microsoft defender as multiple important features require the use of IoT Hub etc The product definitely shines though, when integrated with it's friends, i.e when used collectively within microsoft ecosystem. Paired with Intune and IoT Hub, it does a phenomenal job at providing global protection including automated threat protection and cross domain network security features

Incentivized

Tenable.io is a cost effective Internal and External scanner. The Internal scanner came with a .ova, so it was very simple and quick to deploy it into our ESXi environment. It has a cloud-based dashboard for management and the internal scanner is configured to auto-update from Tenable.io. The license came with 4 External PCI scans (with remediation) a year.

Incentivized

• Agentless monitoring
• Integration with Sentinel
• Multiple protocol support

Incentivized

• Wide range of capabilities that can be customized to fit each user's environment and needs
• Provides high-quality data and insights into detected vulnerabilities
• Great customer support

Incentivized

• To use it to it's full potential, multiple Azure services are required including but not limited to Intune, VM etc
• Due to a heavy focus on UI rather than Code heavy approach, it sometimes limits itself in terms of features and adds additional complexity when looking for niche network security features.
• Major features like Device inventory and alerting are still in preview mode, which of course can hamper an organisation's trust

Incentivized

• Configuration is not always intuitive, but the comprehensive training and documentation comes to the rescue.
• The mix of classic and beta UIs currently is confusing and we find the classic UI is actually better.

Incentivized

We like to renew tenable each year we have had it so far.

Incentivized

Overall it is good, it took a little while to understand it and figure things out but once you have a good grasp on it then, it is very good.

Incentivized

Support is usually really great at walking you through any steps you need to take when you get stuck on something. There are a few false positives and errors that have come up over the years that required their help to get through. Unfortunately, the steps required to diagnose some problems are more tedious than I think should be necessary. (IE: SQL instances can throw errors that clog up your logs because one plugin affects it in a certain way. The process to diagnose this is to watch timestamps of plugins in a log while monitoring the SQL logs at the same time and using your best guess as to what is causing it.)

Incentivized

Defender being native to MS was the decision maker for us.

Incentivized

I think Tenable and Qualys have a lot of similarities, I continue to go back to Tenable because of my familiarity and comfort level with it. I've also used a company called SecurityMetrics which has vulnerability scanning included but it is not as comprehensive as Tenable.

Incentivized

• With this Microsoft software the protection of our project data is excellent and easy data mining solution.
• Extraction and data analytics generation is very effective.
• Data modeling and preparation of multiple data reports from various projects.

Incentivized

• We're able to mitigate over 90% of our vulnerability risk without too much effort. It helps find where automated patching fails and we can plan a fix from the findings.
• A side effect of our scanning reveals new devices on our network that aren't cleared to be.

Incentivized