Contact Us
Tenable One

Tenable One

Tenable One provides extensive insights for proactive security management.

Basic Information

Tenable One is an Exposure Management Platform designed to unify discovery and visibility into all assets, assessing their exposures and vulnerabilities across the entire attack surface for proactive risk management.

  • Model: Exposure Management Platform
  • Version: Not specified as a single version number; it's a platform integrating multiple Tenable products.
  • Release Date: October 4, 2022.
  • Minimum Requirements:
    • Display: Minimum screen resolution of 1440 x 1024.
    • Supported Browsers: Latest versions of Google Chrome, Apple Safari, Mozilla Firefox, and Microsoft Edge. Mobile browsers are not supported.
  • Supported Operating Systems: Tenable One itself is a platform, but its components (like Tenable Nessus, Tenable Agents, Tenable Security Center) support various operating systems including multiple Linux distributions (e.g., Red Hat Enterprise Linux, AlmaLinux, Amazon Linux, CentOS Stream, Debian, Kali Linux), Windows (various versions including Server), and macOS.
  • Latest Stable Version: As a platform, updates are continuous. Recent release notes indicate updates as of October 30, 2024, November 20, 2024, and December 5, 2024.
  • End of Support Date: Not publicly specified for the platform as a whole; individual components may have their own lifecycle dates.
  • End of Life Date: Not publicly specified for the platform as a whole; individual components may have their own lifecycle dates.
  • Auto-update Expiration Date: Not publicly specified.
  • License Type: Asset-based licensing. Organizations purchase licenses for assets, which are resources identified by or managed in Tenable products. The number of different resource types (e.g., web servers, cloud resources, OT devices) is converted to a number of Tenable One assets based on defined ratios.
  • Deployment Model: Supports cloud, on-premises, and hybrid deployments.

Technical Requirements

Tenable One's technical requirements are largely dependent on the deployment of its integrated components, such as Tenable Vulnerability Management, Tenable Security Center, and Tenable Nessus scanners.

  • RAM:
    • Tenable Nessus Scanner: 4 GB RAM (8 GB recommended) for scanning up to 50,000 hosts.
    • Tenable Nessus Manager: 16 GB RAM.
    • Tenable Agent: Approximately 50-60 MB while idle.
    • Tenable Security Center: Varies by active IPs; for 2,500 active IPs, 16 GB RAM; for 10,000 active IPs, 32 GB RAM.
  • Processor:
    • Tenable Nessus Scanner: 4 x 2GHz cores for scanning up to 50,000 hosts.
    • Tenable Nessus Manager: 4 x 2GHz cores.
    • Tenable Security Center: Varies by active IPs; for 2,500 active IPs, 8 x 2GHz cores; for 10,000 active IPs, 16 x 3GHz cores.
    • Tenable Agent: Uses almost no CPU while idle, but can use up to 100% when available during jobs.
  • Storage:
    • Tenable Nessus Scanner: 30 GB (not including OS), with additional space for scan results, plugin updates, and logs.
    • Tenable Nessus Manager: 5 GB per 5,000 agents per concurrent scan, with additional space for results and updates.
    • Tenable Security Center: Varies by active IPs and data retention; for 2,500 active IPs, 225 GB for 90 days or 400 GB for 180 days; for 10,000 active IPs, 900 GB for 90 days or 1.8 TB for 180 days. High-performance disks (SSDs) are strongly recommended.
    • Tenable Agent: Initial install ~15-70 MB, initial plugin download ~220-301 MB, total footprint ~875 MB including plugin updates. Disk usage can spike up to 3 GB or more under certain conditions.
  • Display: Minimum screen resolution of 1440 x 1024.
  • Ports: Requires various TCP and UDP ports for inbound and outbound communication, depending on the deployed components and their functions (e.g., SSH, HTTPS for UI/API, SMTP for notifications, LDAP for authentication, DNS, sensor communication, plugin updates). Specific ports include TCP 22, 25, 80, 389, 443, 502, 636, 8834, 8837, 8000, 8090, 28303, 28304, 28305 and UDP 53, 123, 161.
  • Operating System: Supported operating systems for components include various Linux distributions (e.g., RHEL, Oracle Linux, CentOS Stream, Debian, AlmaLinux, Amazon Linux, Kali Linux), Windows (including Server versions), and macOS.

Analysis of Technical Requirements: Tenable One, as a comprehensive exposure management platform, has flexible technical requirements that scale with the size and complexity of the environment being monitored. The core platform itself has minimal direct requirements, primarily browser-based. However, the underlying components that perform scanning, data collection, and management (such as Nessus scanners and Security Center) require significant resources, particularly for larger deployments. High-performance storage and sufficient RAM are crucial for optimal performance, especially given the disk-intensive nature of vulnerability management applications. Network connectivity with specific port allowances is also essential for communication between components and with Tenable's cloud services. The platform's ability to integrate with various operating systems through its agents and scanners makes it adaptable to diverse IT environments.

Support & Compatibility

  • Latest Version: Tenable One receives continuous updates, with recent releases noted in late 2024.
  • OS Support: The platform integrates with various Tenable products that support a wide range of operating systems, including Linux (e.g., RHEL, AlmaLinux, Amazon Linux, CentOS Stream, Debian, Kali Linux), Windows (client and server versions), and macOS.
  • End of Support Date: Not explicitly stated for the Tenable One platform as a whole. Support lifecycles are typically managed at the individual product level within the Tenable ecosystem.
  • Localization: Not explicitly detailed in public information, but Tenable operates globally, suggesting support for various languages in its interfaces and documentation.
  • Available Drivers: As a software platform, Tenable One does not use traditional "drivers." Instead, it relies on agents, scanners, and APIs for integration and data collection. Tenable offers an open ecosystem with over 300 integrations.

Analysis of Overall Support & Compatibility Status: Tenable One demonstrates strong compatibility across diverse IT, cloud, OT, and IoT environments through its integrated product suite and extensive API/integration ecosystem. The continuous update model ensures ongoing feature enhancements and security improvements. While specific end-of-support dates for the entire platform are not public, the modular nature of Tenable One means that individual components adhere to their own support lifecycles. The platform's ability to unify data from various sources, including on-premises and cloud assets, highlights its broad compatibility and robust support for hybrid environments.

Security Status

  • Security Features:
    • Unified Visibility: Provides comprehensive visibility across IT, cloud, containers, web apps, identity systems, and OT/IoT environments.
    • Attack Path Analysis: Visualizes and prioritizes potential attack paths to critical assets, mapping risks to frameworks like MITRE ATT&CK.
    • Risk-Based Prioritization: Uses AI-powered insights, predictive prioritization technology (VPR, ACR, AES), and threat intelligence to focus remediation efforts on the most critical exposures.
    • Asset Inventory: Centralized view of all assets, eliminating blind spots.
    • Continuous Monitoring: Tracks cloud activities in real-time and continuously assesses environments.
    • Encryption: All customer data in motion is encrypted using TLS v1.2 with a 4096-bit key. Data at rest is encrypted using AES-256.
    • Container Technology: Uses container technology to segregate customer environments, ensuring data privacy and independence.
  • Known Vulnerabilities: As a security platform, Tenable One is designed to identify vulnerabilities in other systems. No specific widespread vulnerabilities in Tenable One itself are publicly highlighted as of the current information, though continuous updates address potential issues.
  • Blacklist Status: Not applicable; Tenable One is a security solution, not a target for blacklisting in the traditional sense.
  • Certifications: Tenable is a recognized leader in exposure management. Specific certifications for Tenable One are not detailed but Tenable products often adhere to industry security standards.
  • Encryption Support: Supports TLS v1.2 with 4096-bit keys for data in transit and AES-256 for data at rest.
  • Authentication Methods: Supports username and password with optional two-factor authentication. Multi-factor authentication is supported via SAML brokers (e.g., Ping, Duo) or SMS one-time codes. User accounts are assigned roles for access control.
  • General Recommendations: Tenable One helps organizations translate technical asset, vulnerability, and threat data into actionable intelligence, enabling proactive risk management and improved communication of cyber risk.

Analysis on the Overall Security Rating: Tenable One offers a robust security posture, acting as a comprehensive exposure management platform. Its core function is to enhance the security of an organization's entire attack surface by providing unified visibility, intelligent risk prioritization, and attack path analysis. Strong encryption for data in transit and at rest, coupled with secure containerization for customer data, underscores its commitment to data protection. The platform's continuous monitoring capabilities and AI-powered insights aim to help organizations anticipate and prevent attacks effectively. While no software is entirely immune to vulnerabilities, Tenable One's focus on identifying and mitigating risks across diverse environments, combined with secure operational practices, positions it as a highly secure and effective tool for cyber risk management.

Performance & Benchmarks

  • Benchmark Scores: Tenable One utilizes various scoring mechanisms to quantify cyber risk, including the Cyber Exposure Score (CES), Assessment Maturity grade, and Remediation Maturity grade. It also incorporates Vulnerability Priority Rating (VPR) and Asset Criticality Rating (ACR) to derive an Asset Exposure Score (AES). These scores provide internal benchmarks for an organization's security posture and allow for comparison against industry peers.
  • Real-world Performance Metrics:
    • Vulnerability Data Aggregation: Aggregates vulnerability data across IT infrastructure, web apps, public cloud, and identity systems.
    • Scan Frequency: More frequent scanning leads to more relevant data for Tenable One.
    • Agent Performance: Tenable Agents are designed to be lightweight, with low impact on endpoints. They typically use 50-60 MB of RAM while idle and minimal CPU, spiking during jobs. Average upload size for scan results is 1.6 MB, with 90% being 2.2 MB or less.
    • Resource Utilization: Tenable Security Center is a disk-intensive application, benefiting significantly from high read/write speed disks like SSDs.
  • Power Consumption: Not directly applicable to the Tenable One platform itself, as it is a software solution. Power consumption would be tied to the underlying hardware infrastructure where its components are deployed.
  • Carbon Footprint: Not directly applicable to the software platform. The carbon footprint would be associated with the data centers and hardware running the Tenable One components.
  • Comparison with Similar Assets:
    • Competitors: Key competitors in the Continuous Threat Exposure Management (CTEM) category include CrowdStrike Falcon Exposure Management, Qualys Enterprise TruRisk Platform, Axonius Platform, XM Cyber, Zafran Threat Exposure Management Platform, and Balbix. Other alternatives include Wiz, Reflectiz, Pentera, Orca Security, and Runecast.
    • Strengths vs. Competitors: Tenable One is often noted for its comprehensive visibility, risk prioritization, and robust threat analysis capabilities. It is praised for its ease of setup and extensive insights.
    • Weaknesses vs. Competitors: Some users report limited reporting capabilities and customization, absence of an agent for enforcing policies, and challenges with sensor updates. XM Cyber is noted for competitive pricing and simpler deployment.

Analysis of the Overall Performance Status: Tenable One is engineered for high performance in aggregating and analyzing vast amounts of vulnerability data across diverse environments. Its performance is intrinsically linked to the underlying infrastructure hosting its components, with recommendations for high-performance storage and sufficient processing power for optimal operation. The platform's scoring mechanisms (CES, VPR, ACR, AES) provide clear metrics for assessing and improving security posture, allowing organizations to benchmark their progress. While some user feedback points to areas for improvement in reporting and policy enforcement, the platform's core strength lies in its ability to provide comprehensive visibility and risk-based prioritization, enabling efficient remediation efforts. Tenable One aims to streamline security operations by focusing on critical exposures, making it a powerful tool for managing cyber risk.

User Reviews & Feedback

User reviews highlight Tenable One's strengths in providing extensive insights and effective vulnerability management and discovery features. Users find the setup process straightforward. The platform is considered effective for risk-based or exposure-based vulnerability management. It offers comprehensive vulnerability scanning and risk management, with users praising its broad coverage and risk prioritization. Tenable One is seen as a strong choice for security-conscious organizations needing a unified platform.

However, some users note concerns regarding limited reporting capabilities and a lack of customization in reports. The absence of an agent for enforcing policies is also mentioned as a weakness. Challenges with sensor updates and occasional erratic behavior requiring reinstallation on endpoints are significant concerns. Some users report slow support response times and unhelpful advice, along with a high price and complex licensing model that can be a barrier for smaller companies. While the interface is generally user-friendly, customization for dashboards and reporting is sometimes limited.

Recommended use cases for Tenable One include gaining comprehensive visibility across the modern attack surface, anticipating threats, prioritizing efforts to prevent attacks, and communicating cyber risk effectively to make better decisions. It is particularly useful for organizations seeking to unify security visibility, insight, and action across IT infrastructure, cloud environments, and critical infrastructure. The platform helps translate technical asset, vulnerability, and threat data into clear business insights and actionable intelligence for security executives and practitioners.

Summary

Tenable One is a comprehensive Exposure Management Platform that unifies visibility, insight, and action across an organization's entire attack surface, encompassing IT assets, cloud resources, containers, web applications, identity systems, and operational technology (OT)/IoT environments. Released in October 2022, it operates on an asset-based licensing model and supports cloud, on-premises, and hybrid deployments.

The platform's strengths lie in its ability to provide extensive insights, risk-based prioritization using AI-powered analytics (VPR, ACR, AES), and detailed attack path analysis, which helps organizations focus remediation efforts on the most critical exposures. It offers robust security features including TLS v1.2 encryption for data in transit, AES-256 for data at rest, and containerization for data segregation. The continuous update model and broad compatibility with various operating systems through its integrated components ensure adaptability to diverse IT landscapes.

However, user feedback indicates some weaknesses, particularly concerning limited reporting customization, the absence of a policy enforcement agent, and occasional challenges with sensor updates. The cost and complexity of its licensing model can also be a barrier for smaller enterprises. Performance, while generally strong, is dependent on adequate underlying hardware resources, with recommendations for high-performance storage and sufficient RAM for its disk-intensive components.

Overall, Tenable One is a powerful tool for large and security-conscious organizations seeking a unified approach to cyber risk management. It excels at providing a holistic view of cyber exposure and prioritizing vulnerabilities based on business impact. While there are areas for improvement in reporting and policy enforcement, its core capabilities make it highly effective for proactive security posture management. Recommendations for optimal use include ensuring robust infrastructure for its components, leveraging its extensive integration ecosystem, and actively utilizing its risk-based prioritization features to streamline remediation workflows.

The information provided is based on publicly available data and may vary depending on specific device configurations. For up-to-date information, please consult official manufacturer resources.

Simplify your IT ecosystem with InvGate Asset Management

30-day free trial - No credit card needed

Get started

Clear pricing

No surprises, no hidden fees — just clear, upfront pricing that fits your needs.

View Pricing

Easy migration

Our team ensures your transition to InvGate is fast, smooth, and hassle-free.

View Customer Experience