Tenable Vulnerability Management vs. Tripwire IP360

Tenable.io is a cost effective Internal and External scanner. The Internal scanner came with a .ova, so it was very simple and quick to deploy it into our ESXi environment. It has a cloud-based dashboard for management and the internal scanner is configured to auto-update from Tenable.io. The license came with 4 External PCI scans (with remediation) a year.

Incentivized

I think Tripwire IP360 is suited for any environment as long as the leadership is willing to support the outcome.

Incentivized

• Wide range of capabilities that can be customized to fit each user's environment and needs
• Provides high-quality data and insights into detected vulnerabilities
• Great customer support

Incentivized

• I find the Tripwire IP360 reporting features extraordinary. I can run various audit and inventory reports at any point since the inception of the tool. For example, I can execute a report on the history of an asset, which establishes a baseline and can be used to support many security objectives.
• Scan scheduling. This feature allows the tool to run independently without human intervention. I don’t have time to manually run scans of different departments. Therefore, I schedule all my audits and check the report the next day. This has worked brilliantly for 3 years now.
• Automated update of the vulnerability rules. Automatically updating these rules and binding them to the scans preserves the tool relevancy during audits

Incentivized

• Configuration is not always intuitive, but the comprehensive training and documentation comes to the rescue.
• The mix of classic and beta UIs currently is confusing and we find the classic UI is actually better.

Incentivized

• I’d like to see IP360 have the ability to discover additional security appliances such as PaloAlto and Fortinet appliances.

Incentivized

We like to renew tenable each year we have had it so far.

Incentivized

Overall it is good, it took a little while to understand it and figure things out but once you have a good grasp on it then, it is very good.

Incentivized

Support is usually really great at walking you through any steps you need to take when you get stuck on something. There are a few false positives and errors that have come up over the years that required their help to get through. Unfortunately, the steps required to diagnose some problems are more tedious than I think should be necessary. (IE: SQL instances can throw errors that clog up your logs because one plugin affects it in a certain way. The process to diagnose this is to watch timestamps of plugins in a log while monitoring the SQL logs at the same time and using your best guess as to what is causing it.)

Incentivized

I think Tenable and Qualys have a lot of similarities, I continue to go back to Tenable because of my familiarity and comfort level with it. I've also used a company called SecurityMetrics which has vulnerability scanning included but it is not as comprehensive as Tenable.

Incentivized

I chose Tripwire IP360 because of its flexible reporting features

Incentivized

• We're able to mitigate over 90% of our vulnerability risk without too much effort. It helps find where automated patching fails and we can plan a fix from the findings.
• A side effect of our scanning reveals new devices on our network that aren't cleared to be.

Incentivized

• The biggest impact Tripwire has had in the organization is risk reduction. Since the inception of the tool our vulnerabilities have been reduced by 40%.

Incentivized