You know somebody had to: it sounds untenable to me.
Tenable's response to folks upset at AWOL features: A 150-emails-a-minute spam storm
Tenable Security has given itself two problems, by releasing a product its users don't like, and then adding them all to a support email group that's sending uncomfortable volumes of messages. The new product is Nessus Professional v7, which Tenable has declared is just fabulous thanks to new licensing, improved reports, and …
COMMENTS
-
-
Wednesday 13th December 2017 06:34 GMT Anonymous Coward
At JonBays, re: "dumb Americans".
Not ALL of us voted for that man, but thank you for lumping us all into the same pot.
In that same fashion, thanks for being an uppity, know it all, fekking smeghead Brit.
To all the folks that are intelligent enough not to lump an entire group of people into the same boat just because a vociferous minority did something stupid, I thank you & offer a pint.
To everyone whom insists on labeling us "'Muricans" & other such idiocy, may you choke on said pint.
Have a nice day...
*Leaves a twenty on the bar to pay for all the drinks*
-
-
This post has been deleted by its author
-
This post has been deleted by its author
-
-
-
-
Wednesday 14th February 2018 21:45 GMT Tom Paine
It was an absolute bear for the first few years after the fork at least; eventually I gave up on it. The test database wasn't scratching the surface of new vulnerabilities either. I'm also in the market for an alternative now - desperate to get off Qualys but sadly out of touch with the current alternatives. (I guess Retina isn't a thing any more? Has it finally died and had a decent burial?)
-
-
-
This post has been deleted by its author
-
-
-
Wednesday 13th December 2017 14:12 GMT Tanglewood73
Well done Tenable for taking a program we pay for and making it completely useless to us.
The only way we use Nessus is via custom software and the API to extract the resulting scan information into a database which makes is useful to us to automate vulnerability fixes and quickly find which devices need the most work.
-
Wednesday 13th December 2017 14:15 GMT xewill
So, here's the thing.
I won't be buying software from Tenable again.
Yes, I'm annoyed they've removed features I paid for, but who is to say that if I upgrade, they won't remove the features I rely on from that edition too.
I cannot buy from them, if I do not trust them.
A shortsighted move.
-
Thursday 14th December 2017 12:26 GMT ThatOne
O brave new world, that has such people in't.
Once upon a time, companies were proud to make as good a product and have as good a customer support as possible. Their joy and pride was to exceed customer expectations.
Unfortunately marketing took over: Nowadays it's about scamming customers out of as much money as possible, while spending as little effort and money as possible. Unfortunately these aggressive "new style" companies make much more profit than the quaint old ones, so the writing is on the wall: Everyone will eventually abandon the pretenses of caring about customers and just go directly for the money. Keep in mind that the most profitable business plan is one which offers nothing at all for the customers' money, an age-old principle also known as "robbery"...
-
Thursday 14th December 2017 13:04 GMT julian_n
Someone has shot themselves in the foot
We have just cancelled our Tenable order - only for three copies but that is still over $7k - placed last week but will arrive too late for the API cutoff. A pain as we had written a load of Python scripts to manage the scan output. The silly thing is that had we got the Nessus scanners in there was a possibility we would have then moved to something like Security Centre. Now - no chance at all.
I am now looking at OpenVAS - there seem to be a couple of useful APIs in there that can be leveraged - and I suspect if a load of other people move like us and make a few donations the feature set will rapidly increase.
Tenable remind me of Sun Microsystems - some may recall Solaris x86 being canned to help Sun's Cobalt Linux. It did help Linux - RedHat Linux, Suse Linux - but not Cobalt! By the time Sun realised and restarted the Solaris x86 line it was too late - Linux had the market share. Tenable seem to hope killing the API will make everyone rush out and buy their io cloud based product. When they realise it hasn't happened and restart the API it will be too late for them as well - others will have the market share.
Finally, Tenable really have screwed up - not only with the update and the spam but also their brand new support community - currently giving a 404 error and spewing a load of diagnostics. That makes three problems!
Gun - foot - aim - fire!
-
Saturday 16th December 2017 00:11 GMT RobinCM
Re: Someone has shot themselves in the foot
So what else is out there? Aside from OpenVAS, which I've heard of but not used.
Somebody commented by saying that there are loads of alternatives, but conveniently mentioned precisely none of them.
Don't care if it's paid or free, but it needs to be good and to "just work".
Thank you!
-
Monday 18th December 2017 17:28 GMT whitehatlion
There are many options
Either you work for Tenable or you don't know about vulnerability scanners. Qualys is a lot bigger than Tenable and it sells an excellent vulnerability scanner (with more features than Nessus and with less false positives than Nessus), Rapid7 also sells an excellent vulnerability scanner, Outpost24 also. Just Google it or maybe you won't even try it because you already knew and are here on "damage control". At least, try to know the industry before you open your mouth.
-
Thursday 15th February 2018 10:57 GMT Tom Paine
Re: There are many options
As he made a polite request for suggestions for alternatives, "don't know about vulnerability scanners", obvious. Dial down the paranoia and maybe try to grasp that not everyone in the world is an expert on the tiny corner of the world you rule as a god-emperor of knowledge, maybe?
-
-
-
-
Friday 15th December 2017 15:08 GMT Anonymous Coward
Not knowing your customer
When a CEO comes on the company website with a video on how excited they are, it's either a feature cut or a cloud move. I have no confidence in the engineers managing their cloud systems given their lax attention on their email bomb fiasco. Tenable need to reverse their decision in order to remain credible as a security tool. Not only have they pushed their customers to seek alternatives, they've given their competition the features needed to win their customers over!
-
Friday 15th December 2017 18:01 GMT whitehatlion
We are done for good with Tenable
We were planing to buy new licenses and renew several licenses, thanks to these news we won't do it. Simply put, Tenable cannot be trusted even if they reverse the decision to remove the API and multi-user support. On top of that, we were tired of chasing false-positives with Tenable but we still used it because of the API and multi-user, now that we won't have those features we are done for good with Tenable. To add insult to the injury, Renee's post only makes thing worst because or they don't know how to mask their intentions of they are simply treating the customers as if the customers are naive. Good riddance, Tenable only made the competition a lot stronger and more reliable. An advice to Tenable: Don't even try to reverse your decision, it will make things only worse and you know it.
-
Tuesday 19th December 2017 07:46 GMT julian_n
Re: We are done for good with Tenable
I have to disagree about the false positives - Nessus is no better and no worse than Qualys. Personally I preferred the Nessus interface - Qualys tries to do everything and ends up as a jack of all trades master of none - leaving users having to hop around between different parts in an inconsistent manner.
Furthermore, Nessus here picked up an error Qualys missed caused by our desktop team having the wrong CAB file in SCCM.
BUT all this is no use if the tool is unmanageable or the vendor cannot be trusted - which is where we now are with Nessus.
Finally, taking the fingers-in-ears approach and shutting down the community server to avoid adverse discussion shows a company that seriously just does not get it.
Very sad. Good product. Crap company.
-
-
Thursday 15th February 2018 11:17 GMT Tom Paine
One more lost sale here
Employer merged with an equivalently sized peer. I went to kick the tyres of the Nessus install on the other side, as I was looknig forward to ditching the bloated, "quirky", wildly over-complicated Qualys system we have on "our" side.
and couldn't for the life of me figure out why there was no "add new user" button. When support told me I couldn't really believe it, I assumed I was talking to clueless first-line - but no. Srsly?
Maybe they don't realise that accountability for actions via individual named accounts associated with a single natural person has been a mandatory enterprise security requirement for, what,.. 25 years? 30?
Anyway, they've walked away from a deal for 5000 users / 30,000 devices. We'd probably need a couple of dozen scanners, maybe more (it's a sprawling multi-national with dozens of obscure business units and branch offices.)
Walk away, Rene...