CAST Highlight vs. Tenable Vulnerability Management

CAST Highlight

Tenable Vulnerability Management

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
CAST Highlight	Score 8.2 out of 10	Enterprise companies (1,001+ employees)	CAST headquartered in New York offers Highlight, an application portfolio management solution providing software component analysis , application security, application benchmarking, and technical due diligence.	$25,000 per year
Tenable Vulnerability Management	Score 9.0 out of 10	N/A	Vulnerability management specialist Tenable offers their cloud application and container security platform Tenable Web App Scanning (formerly Tenable.io), a vulnerability management tool that emphasizes visibility of web applications, automatic scanning, and a unified view of cloud infrastructure and possible inconsistencies indicating a vulnerability.	N/A

Pricing

CAST Highlight

Tenable Vulnerability Management

Editions & Modules

Cloud: 25k
Portfolio Size 25
SCA: $26k
Portfolio Size 25
Complete: 33k
Portfolio Size 25

No answers on this topic

Offerings

Pricing Offerings
CAST Highlight	Tenable Vulnerability Management
Free Trial
Yes	No
Free/Freemium Version
No	No
Premium Consulting/Integration Services
Yes	No

Entry-level Setup Fee

Optional

No setup fee

Additional Details

Annual Pricing by Size of Application Portfolio

—

More Pricing Information

Community Pulse
	CAST Highlight	Tenable Vulnerability Management
Top Pros	Pro Industry best Pro Data privacy	Pro Vulnerability scanning Pro Ease of deployment Pro Configuration options
Top Cons	Minus Code base Minus Broken down Minus Spent a lot	Minus Renewal process Minus Resource utilization Minus Options available

Features

CAST Highlight

Tenable Vulnerability Management

Threat Intelligence

Comparison of Threat Intelligence features of Product A and Product B
	CAST Highlight - Ratings	Tenable Vulnerability Management 9.6 1 Ratings 17% above category average
Network Analytics	00 Ratings	9.01 Ratings
Threat Recognition	00 Ratings	10.01 Ratings
Vulnerability Classification	00 Ratings	10.01 Ratings
Automated Alerts and Reporting	00 Ratings	10.01 Ratings
Threat Analysis	00 Ratings	9.01 Ratings
Threat Intelligence Reporting	00 Ratings	9.01 Ratings
Automated Threat Identification	00 Ratings	10.01 Ratings

Vulnerability Management Tools

Comparison of Vulnerability Management Tools features of Product A and Product B
	CAST Highlight - Ratings	Tenable Vulnerability Management 8.8 1 Ratings 5% above category average
IT Asset Realization	00 Ratings	8.01 Ratings
Authentication	00 Ratings	8.01 Ratings
Configuration Monitoring	00 Ratings	9.01 Ratings
Web Scanning	00 Ratings	9.01 Ratings
Vulnerability Intelligence	00 Ratings	10.01 Ratings

Best Alternatives
	CAST Highlight	Tenable Vulnerability Management
Small Businesses	No answers on this topic	ThreatDown, powered by Malwarebytes Score 8.7 out of 10
Medium-sized Companies	Palo Alto Networks Prisma Cloud Score 8.1 out of 10	CrowdStrike Falcon Score 9.1 out of 10
Enterprises	Palo Alto Networks Prisma Cloud Score 8.1 out of 10	CrowdStrike Falcon Score 9.1 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	CAST Highlight	Tenable Vulnerability Management
Likelihood to Recommend	10.0 (1 ratings)	9.0 (6 ratings)
Likelihood to Renew	- (0 ratings)	9.0 (1 ratings)
Support Rating	10.0 (1 ratings)	8.8 (2 ratings)

User Testimonials
	CAST Highlight	Tenable Vulnerability Management
Likelihood to Recommend	CAST I think CAST is a great tool to give insight into your applications. The tool can be met with resistance from team members as the tool is going to expose defects that should be addressed. Out of the box, it may need some tailoring to focus on certain areas so that you are not overwhelmed with defects the first time you scan your code. But ultimately, you will want to eliminate all defects in the code and have all violations turned on. Incentivized Gene Baker Vice President, Chief Architect, Development Manager and Software Engineer Read full review	Tenable I've been using this product since it began as an open source product, I really like it and for the money, I think it's probably the best choice for most companies who need a product like this. Over the years I've seen the interface change quite a bit and sometimes I think it's a bit unclear how to do certain things and the different packages can be confusing, these are the only reasons I'm giving it a 9 instead of a 10. Incentivized Verified User Anonymous Read full review
Pros	CAST Identifies common coding vulnerabilities. Compares code to industry best practices. Assesses the code for data privacy compliance. Incentivized Gene Baker Vice President, Chief Architect, Development Manager and Software Engineer Read full review	Tenable Setup of the internal scanner was fairly simple and straight forward. An update came out for the internal scanner that allows you to add an Internal Certificate Authority for lookup. Has automated reporting to keep executives and compliance departments informed. Internal scanner can be configured to auto-update itself. "Recast Rules" allows your organization to redefine a vulnerabilities' classification, if it is not applicable or your disagree. External PCI scans allow you to remediate before submitting to Tenable.io for review. Tenable.io staff was very patient and helpful. They provided some limited guidance with remediation. Internal and External scans can be automated. schedule for the automated scans is very granular. Incentivized Verified User Anonymous Read full review
Cons	CAST Code scans could be faster. A large application may need to be broken down into smaller sub-applications in order to facilitate faster code scans. We spent a lot of time trying to figure out how to best structure our code base in the application for ultimate performance. Incentivized Gene Baker Vice President, Chief Architect, Development Manager and Software Engineer Read full review	Tenable Expensive - You do pay a slight premium for the best product in the space. Asset management is difficult to work with if you have a lot of asset turnover, the license can be ''held'' for 3-6 months after the asset is gone from your environment. Incentivized Randy Munroe Information Security Analyst Read full review
Likelihood to Renew	CAST No answers on this topic	Tenable We like to renew tenable each year we have had it so far. Incentivized Verified User Anonymous Read full review
Support Rating	CAST Tech support and pro services are top-notch. Incentivized Gene Baker Vice President, Chief Architect, Development Manager and Software Engineer Read full review	Tenable Support is usually really great at walking you through any steps you need to take when you get stuck on something. There are a few false positives and errors that have come up over the years that required their help to get through. Unfortunately, the steps required to diagnose some problems are more tedious than I think should be necessary. (IE: SQL instances can throw errors that clog up your logs because one plugin affects it in a certain way. The process to diagnose this is to watch timestamps of plugins in a log while monitoring the SQL logs at the same time and using your best guess as to what is causing it.) Incentivized Randy Munroe Information Security Analyst Read full review
Alternatives Considered	CAST These other tools only do a part of what CAST does. CAST gives a comprehensive view into the code looking at all aspects, code quality, security, maintainability, vulnerability, privacy, reuse, etc. These other tools only focus on one or two dimensions. Incentivized Gene Baker Vice President, Chief Architect, Development Manager and Software Engineer Read full review	Tenable Tenable.io has a comparable set of features, with excellent support and a competitive price. After less than desirable experiences with another company, we moved to Tenable and haven't looked back since. Incentivized Matthew White Cloud Security Architect/SQL Server DBA Read full review
Return on Investment	CAST I believe once we had the tool working for our code base, we immediately saw positive ROI. We spent some time getting to where our code code be scanned efficiently but some of that was trying to do things ourselves instead of fully utilizing Cast Professional Services. I highly recommend to do an engagement with CAST to have them help setup the tool in your environment or to run it in the cloud for you. Incentivized Gene Baker Vice President, Chief Architect, Development Manager and Software Engineer Read full review	Tenable Since this is a requirement for our PCI compliance and the cost is relatively low, the ROI isn't really something we need to think too much about, Tenable's pricing is fair and affordable. Incentivized Verified User Anonymous Read full review
ScreenShots	CAST Highlight Screenshots