AlienVault vs Tenable for Continuous Security

Posted by UpGuard

AlienVault vs. Tenable

As perimeter-based cyber protection falls to the wayside, a new breed of continuous security solutions are emerging that combine traditional endpoint protection with newer technologies like security information and event management  (SIEM) and crowdsourced threat intelligence. These next generation security platforms attempt to address the needs of both traditional on-premise data centers as well as organizations with entire IT infrastructures in the cloud. Two vendors—AlienVault and Tenable—have products on the market that fall in this category. Let's see how they stack up in this comparison.

Both AlienVault and Tenable's security platforms consist of several working components that together form a layered security offering. AlienVault's Unified Security Platform (USM) combines a virtual appliance with both a network and host-based intrusion detection systems (IDS), as well as SIEM and continuous threat intelligence.

alienware.pngThe AlienVault USM Platform. Source:

Similarly, Tenable's SecurityCenter Continuous View (SCCV) combines agent-based vulnerability scanning with several security data acquisition technologies like crowdsourced threat intelligence and vulnerability management.



Learn More: UpGuard + DevOps


AlienVault is perhaps most widely known for its Open Source Security Information Management (OSSIM) project—an early SIEM platform that eventually led to the formation of the company. AlienVault USM is essentially a suite of continuous security solutions developed around the OSSIM offering to augment its capabilities. However, OSSIM pales in comparison the complete USM offering, which offers more along the lines of enterprise features (e.g., long-term forensic storage of events), scalability, and support.  The company also has a secret weapon of sorts in its arsenal: the Open Threat Exchange, purportedly the world's largest crowdsourced security database with over 26,000 participants in 140 countries sharing upwards of a million potential threats daily.


Like AlienVault, Tenable's claim to fame is the product it offers free of charge, not its enterprise security platform. In this case, its Nessus vulnerability scanner is—according to—the world's most popular vulnerability scanner. Nessus continues to be available free of charge, but the source code has been closed since 2005. Tenable's SCCV includes Nessus alongside a host of other continuous security mechanisms including malware detection, anomaly detection, and analytics.


Side-by-Side Scoring: AlienVault vs. Tenable

1. Capability Set

Both USM and SCCV attempt to house all of an organization's continuous security needs under one roof. AlienVault's platform combines several tools for SIEM, IDS (network and host-based), asset discovery, netflow analysis, and vulnerability assessment under one management GUI and mostly succeeds in offering a comprehensive, unified platform for IT security. SCCV is also a holistic security offering that focuses on vulnerability scanning/management and analytics, with strengths in compliance and configuration auditing as well as anomaly and malware detection.  Both platforms succeed at offering an impressive set of capabilities for the price when compared with similar enterprise offerings.

Capability Set

AlienVault score_5.png
Tenable score_1.png

2. Ease of Use

AlienVault USM is widely known for its intuitive, easy-to-use interface—each page of the management console is interactive and customizable. Similarly, Tenable SCCV's web-based interface is streamlined and simple to grasp. The platform's policy wizards in particular make setting up specific monitoring use cases trivial. For example, PCI DSS compliance and Windows environment malware scanning can be quickly configured with out-of-the-box policies. 

Ease of Use

AlienVault score_2.png
Tenable score_4.png

3. Community Support

AlienVault is a more prominent name in the open source community, having maintained the popular SIEM project OSSIM as an open source initiative since its inception. Subsequently, community support resources for OSSIM are plentiful. On the other hand, Tenable closed the source to its award-winning Nessus vulnerability scanner years ago. Though considerable community resources can still be had online, corporate support is by far a more reliable support option.

AlienVault score_4.png
Tenable score_5.png


4. Release Rate

AlienVault USM is currently on version 5, while Tenable SCCV's current version is 5.3. AlienVault's OSSIM has had four major-version releases since its initial release in 2008; Tenable's Nessus project was started in1998 and is currently on version 6. Both products see regular releases and updates, despite the closing of Nessus' source code in 2005.

Release Rate

AlienVault score_760.png
Tenable score_570-2-1.png


5. Pricing and Support

AlienVault targets everyone from the SMB to the enterprise, while Tenable clearly has its eyes set on the enterprise. This is certainly reflected in the platforms' respective price points: USM can be had for around $5,000, while Tenable SCCV can run upwards of $20,000. Both offer standard corporate support options for a cost.

Pricing and Support

AlienVault score_570-2-1.png


6. API and Extensibility

Tenable offers a RESTful API for integrating SCCV with other platforms and custom web applications; AlienVault has no such API for integrating/customizing its USM Platform but does offer an API written in Golang for its OTX crowdsourced intelligence platform. USM can also be extended through a selection of 3rd-party datasource plugins available in its USM plugin library.

API and Extensibility

AlienVault score_570-2-1.png
Tenable score_570-2-1.png

7. 3rd Party Integrations

Interestingly, AlienVault's OSSIM is in fact made up of a series of open source integrations: Snort for IDS, Nagios for monitoring, OpenVAS for vulnerability assessment, among others. USM also integrates with a number of security devices and—as mentioned previously—offers 3rd-party datasource plugins from its plugin library.

Tenable's enviable list of integrations are detailed on its corporate website and has everything from AirWatch mobility management integration to FireEye and Fortinet device auditing. Additionally, nessus can be easily integrated with the majority of popular patch management systems on the market.


3rd Party Integrations

AlienVault score_570.png
Tenable score_570.png

8. Companies that Use It

Both AlienVault USM and Tenable SCCV are in use by numerous organizations small and large—including many of the Fortune 500s. Subaru, Focus Brands, Hulu, and the U.S. Air Force are among some of AlienVault's more notable customers while Tenable is in use by Starwood, the U.S. Department of Defense, and Healthdirect Australia, among others.

Companies that Use It

AlienVault score_570.png
Tenable score_570.png

9. Learning Curve

AlienVault USM's wizard-driven set up and intuitive management console makes getting up to speed with the platform a lot easier than other similar solutions on the market. Tenable SCCV also sports a modern, streamlined web interface; that said, configuring and gaining proficiency with the platform requires significantly more effort than USM. And because of its modular nature, each of SCCV's components must be installed and configured separately.

Learning Curve

AlienVault score_570.png
Tenable score_570.png


Scoreboard and Summary

  AlienVault Tenable
Capability Set score_570.png score_570.png
Ease of Use score_570.png score_570.png
Community Support score_570.png score_570.png
Release Rate score_570.png score_570.png
Pricing and Support score_570.png score_570.png
API and Extensibility score_570.png score_570.png
3rd Party Integrations score_570.png score_570.png
Companies that Use It score_570.png score_570.png
Learning Curve score_570.png score_570.png
Total  4.1 out of 5  3.9 out of 5

In short, both AlienVault USM and Tenable SCCV offer comprehensive cyber protection in the form of layered security mechanisms working in concert: SIEM, IDS, vulnerability scanning, and the like. From a cost and implementation perspective, USM is generally a more accessible security platform than SCCV for SMBs. On the other hand, SCCV—with its REST API, robust policy-driven features, and significantly higher price point—is an offering in line with the needs of today's enterprise.

Read next: UpGuard vs. Tripwire


More Articles

How CSTAR Works

All the information needed to perform a CSTAR assessment is bundled into the UpGuard platform. Learn more about CSTAR.
Read Article >

What's In the Website Risk Grader?

The UpGuard Website Risk Grader provides a low friction way to get an initial assessment of a business' risk profile.
Read Article >

Understanding Risk in the 21st Century

And as we enter 2016, the risk of data breaches in particular threatens to hamper business innovation.
Read Article 


Topics: compliance, monitoring, continuous security


  Featured Download – The DevOps Toolchain eBook
UpGuard customers