Mandiant Advantage Attack Surface Management vs. Tenable Vulnerability Management

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Mandiant Advantage Attack Surface Management
Score 9.1 out of 10
Enterprise companies (1,001+ employees)
Since 2004, Mandiant has been a partner to security-conscious organizations. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.N/A
Tenable Vulnerability Management
Score 9.5 out of 10
N/A
Vulnerability management specialist Tenable offers their cloud application and container security platform Tenable Web App Scanning (formerly Tenable.io), a vulnerability management tool that emphasizes visibility of web applications, automatic scanning, and a unified view of cloud infrastructure and possible inconsistencies indicating a vulnerability.N/A
Pricing
Mandiant Advantage Attack Surface ManagementTenable Vulnerability Management
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Mandiant Advantage Attack Surface ManagementTenable Vulnerability Management
Free Trial
YesNo
Free/Freemium Version
YesNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeRequiredNo setup fee
Additional Details
More Pricing Information
Community Pulse
Mandiant Advantage Attack Surface ManagementTenable Vulnerability Management
Features
Mandiant Advantage Attack Surface ManagementTenable Vulnerability Management
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Mandiant Advantage Attack Surface Management
7.7
Ratings
3% below category average
Tenable Vulnerability Management
8.4
Ratings
6% above category average
Network Analytics8.20 Ratings10.00 Ratings
Threat Recognition7.30 Ratings10.00 Ratings
Vulnerability Classification7.30 Ratings10.00 Ratings
Automated Alerts and Reporting8.20 Ratings4.00 Ratings
Threat Analysis8.20 Ratings10.00 Ratings
Threat Intelligence Reporting6.40 Ratings5.00 Ratings
Automated Threat Identification8.20 Ratings10.00 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
Mandiant Advantage Attack Surface Management
7.6
Ratings
6% below category average
Tenable Vulnerability Management
8.8
Ratings
8% above category average
IT Asset Realization8.20 Ratings8.00 Ratings
Authentication7.30 Ratings10.00 Ratings
Configuration Monitoring8.20 Ratings8.00 Ratings
Web Scanning6.40 Ratings8.00 Ratings
Vulnerability Intelligence8.20 Ratings10.00 Ratings
Best Alternatives
Mandiant Advantage Attack Surface ManagementTenable Vulnerability Management
Small Businesses
Action1
Action1
Score 9.5 out of 10
Action1
Action1
Score 9.5 out of 10
Medium-sized Companies
Action1
Action1
Score 9.5 out of 10
Action1
Action1
Score 9.5 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Mandiant Advantage Attack Surface ManagementTenable Vulnerability Management
Likelihood to Recommend
8.2
(0 ratings)
10.0
(0 ratings)
Likelihood to Renew
-
(0 ratings)
9.0
(0 ratings)
Usability
-
(0 ratings)
8.0
(0 ratings)
Support Rating
-
(0 ratings)
8.8
(0 ratings)
User Testimonials
Mandiant Advantage Attack Surface ManagementTenable Vulnerability Management
Likelihood to Recommend
Many companies that have an presence can benefit from using Mandiant ASM to identify and manage their internet facing assets, like web servers, email servers and DNS servers. This helps reduce the risk of cyberattacks targeting these assets.However smaller organizations with exposure might not always need the extensive attack surface monitoring provided by Mandiant ASM. For example a small company with one website may not require much monitoring, as a larger corporation.
Read full review
Tenable.io is a cost effective Internal and External scanner. The Internal scanner came with a .ova, so it was very simple and quick to deploy it into our ESXi environment. It has a cloud-based dashboard for management and the internal scanner is configured to auto-update from Tenable.io. The license came with 4 External PCI scans (with remediation) a year.
Read full review
Pros
  • Mandiant ASM combines sources of information such, as assets through the internet cloud resources and suppliers from third parties. This comprehensive approach provides organizations with an understanding of their external attack surface.
  • With scanning Mandiant ASM identifies threats and vulnerabilities present on the external attack surface and promptly notifies users. Whenever a new threat or vulnerability is detected an alert is generated to empower enterprises to take action in mitigating the risks.
  • Mandiant ASM assesses risks based on their likelihood of exploitation impact on organizations and severity. This prioritization enables organizations to focus their efforts, on addressing the risks effectively.
Read full review
  • Wide range of capabilities that can be customized to fit each user's environment and needs
  • Provides high-quality data and insights into detected vulnerabilities
  • Great customer support
Read full review
Cons
  • To enhance user experience it would be beneficial to make the interface more user friendly and easier to navigate. This can be achieved by simplifying the layout offering help when needed and utilizing terminology that's easily understandable.
  • Additionally incorporating reporting features that are customizable will empower users to generate reports tailored to their individual requirements.
  • In order to enhance the solutions efficiency optimizing the code and implementing data structures would prove valuable.
Read full review
  • Configuration is not always intuitive, but the comprehensive training and documentation comes to the rescue.
  • The mix of classic and beta UIs currently is confusing and we find the classic UI is actually better.
Read full review
Likelihood to Renew
No answers on this topic
We like to renew tenable each year we have had it so far.
Read full review
Usability
No answers on this topic
Overall it is good, it took a little while to understand it and figure things out but once you have a good grasp on it then, it is very good.
Read full review
Support Rating
No answers on this topic
Support is usually really great at walking you through any steps you need to take when you get stuck on something. There are a few false positives and errors that have come up over the years that required their help to get through. Unfortunately, the steps required to diagnose some problems are more tedious than I think should be necessary. (IE: SQL instances can throw errors that clog up your logs because one plugin affects it in a certain way. The process to diagnose this is to watch timestamps of plugins in a log while monitoring the SQL logs at the same time and using your best guess as to what is causing it.)
Read full review
Alternatives Considered
I decided to go with Mandiant Advantage Attack Surface Management because it offers a range of features performs excellently and is easy to use. What I really appreciate about Mandiant is their commitment, to innovation and their proven track record, in ensuring security.
Read full review
I think Tenable and Qualys have a lot of similarities, I continue to go back to Tenable because of my familiarity and comfort level with it. I've also used a company called SecurityMetrics which has vulnerability scanning included but it is not as comprehensive as Tenable.
Read full review
Return on Investment
  • .
  • Automation plays a role in saving time by streamlining operations related to attack surface management. These include automated asset discovery, vulnerability scanning and continuous monitoring of threat intelligence. As a result security teams can allocate their efforts towards projects such as security planning and incident response.
  • ASM provides a view of the external attack surface, for businesses encompassing internet facing assets, cloud resources and third party vendors. This enhances the understanding of assets enabling organizations to identify and prioritize risks effectively and make decisions on security investments
  • One notable advantage is cost savings. By eliminating the need to purchase and maintain security tools ASM becomes a solution for enterprises. It can replace products, like asset discovery tools, vulnerability management tools and threat intelligence feeds with its capabilities.
Read full review
  • We're able to mitigate over 90% of our vulnerability risk without too much effort. It helps find where automated patching fails and we can plan a fix from the findings.
  • A side effect of our scanning reveals new devices on our network that aren't cleared to be.
Read full review
ScreenShots