Greetings! Check out our December newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. 

Tenable One

What's new in Tenable One: November 2025 release

This month's release delivers broader visibility, deeper insights, and more tailored data analysis to help you manage and reduce risk.

Release highlights: 

• New Tenable One Connector: Connect Tenable One with your Claroty platform to manage OT risks alongside the rest of your attack surface to reveal how IT exposures can directly impact industrial control systems and critical infrastructure. Protect uptime and safety by viewing IT and OT as a single, connected environment.
  
  
• Edit widgets: Edit and update widgets on dashboards you own. Customize all configuration parameters, including widget type, categories, values, data labels, stacking, and filters, to tailor insights to your specific needs.
  
  
• RBAC new roles: Unlock more precise access control with a new custom exposure management role for more granular access to the different modules in Tenable One, including tag enforcement, along with a dedicated read-only role for improved oversight.

See all platform enhancements >>

Tenable Is a Leader in the First-Ever Gartner®️ Magic Quadrant™️ for Exposure Assessment Platforms

We’re proud to share that Tenable has been named a Leader in the first-ever 2025 Gartner Magic Quadrant for Exposure Assessment Platforms, ranking highest for both Ability to Execute and Completeness of Vision.

Tenable was also positioned as a Leader in both the IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment and The Forrester Wave™️: Unified Vulnerability Management, Q3 2025.

This recognition wouldn’t be possible without you — our customers. Your insights, feedback, and collaboration have been instrumental in shaping Tenable One, helping organizations around the world reduce exposure risk across their entire attack surface.

Get the report >

Tenable Cloud Security

• Console | Unified cross-cloud view: Explorer is the new unified page. Get a complete cross-cloud view of all resources and findings. Query across objects, export results, and use Graph view to visualize risk paths.
• Network | Validate real-world exposure: Network Scanner now validates actual external exposure to identify truly reachable cloud resources and exposed endpoints. Use real-world data to cut false positives and sharpen prioritization.
• IAM | Full entitlement insight: Inventory now displays all roles and identity-based policies across AWS, Azure, GCP, Entra ID, and Google Workspace, including unused ones. Proactively reduce entitlement risk by creating custom least-privilege policies for any supported role.
• Vulnerability management | Public AMI scanning: Expanded AWS coverage now supports scanning public AMIs (cloud-managed AMIs), including vendor and AWS-published images in your posture assessments for a comprehensive security view.

View all updates>> 

Tenable Vulnerability Management

Mobilize your VM data 

Unify teams and streamline remediation workflows with the initial release of mobilization services, beginning with ticketing integrations in Tenable Vulnerability Management. 

Automatically or manually create bi-directional tickets in Jira Cloud via Exposure Response Initiatives. This capability accelerates response times by synchronizing your security findings with tickets in Jira Cloud. 

See mobilization in action: Watch this walkthrough to see how to set up and use the new ticketing integration. Review the documentation and Quick Reference Guide for detailed steps. Note: ServiceNow ITSM ticketing mobilization is coming soon.

Tenable Security Center

What’s new in Tenable Security Center 6.7

See your environment more clearly and act faster on what matters most. This release delivers a modern, intuitive experience that improves usability, scalability, and efficiency across your operations.

Here’s what’s new:

• Explore – Assets (preview): Get a modern view of your assets with advanced filtering and improved navigation that helps you identify risks faster.
• Triggered agent scanning: Automate Tenable Agent scans based on conditions you define, so you can catch vulnerabilities sooner and respond confidently.
• Credential verification scan policy: Quickly validate Windows and Unix credential pairs with a built-in template that confirms authentication success.
• Performance and reporting enhancements: Experience faster scan ingestion, faster reporting, and improved backend performance that keeps pace with your team.

Before you upgrade: Tenable Security Center 6.7 supports upgrades from version 6.3.0 and later. Hardware specifications are updated for this release. Systems below the new recommendations will still upgrade successfully, but performance may vary.

Upgrade now and read the release notes to take advantage of these improvements and keep your environment running at peak performance.

Patches for Tenable Security Center

Address recent vulnerabilities by applying two security patches: 202509.2.1 (resolves Critical SimpleSAML CVEs) and 202509.1 (resolves High PostgreSQL CVEs). You need manual installation for both. The Software Updates feature is not compatible with these patches.

Key requirements:

• Compatibility: Patch 202509.2.1 applies to SC 6.4 through 6.6. Patch 202509.1 applies to SC 6.5.1 and 6.6.0.
• Prerequisite: If you are on SC 6.5.0, you must first upgrade to 6.5.1.
• Upgrade note: Patch 202509.2.1 may impact future SC upgrades. See this KB article for more information.

Refer to the release notes and advisories (TNS-2025-20 and TNS-2025-18) for more information and download patches here.

Tenable OT Security

Introducing Tenable OT Security 4.5 (Early Access)

The upcoming release of Tenable OT Security 4.5 – now available in Early Access – focuses on scalability for enterprise environments, enhanced power grid visibility, and improved integrations across the Tenable One portfolio.

• Advanced dynamic tagging: Streamline prioritization and reporting at scale with the ability to create rule-based groups and tags using multiple filters, including asset type, risk score, and criticality.
• Enhanced grid visibility (IEC 61850): Added support for IEC 61850 to improve passive detection of intelligent electronic devices (IEDs) with safer, deeper visibility for substation and power generation environments.
• RBAC for enterprise manager:  New role-based access controls (RBAC) enable administrators to assign users to specific ICPs using user groups, so users only view the zones they are authorized to see while inheriting ICP-level roles.
• Unified SOC visibility: You can now directly view policy violations that Tenable OT Security detects, such as unauthorized access or failed logins,  within Tenable Security Center dashboards and reports to bridge the gap between OT and the SOC.
• Expanded compliance mapping: The Compliance Dashboard now includes direct mapping for IEC 62443-3-3 and NIST-CSF to simplify how you measure and report against these critical security frameworks.

In case you missed it: What’s new in Tenable OT Security 4.4

• Unified exposure management: Sync your OT asset tags directly to Tenable One and Tenable Security Center to enrich enterprise IT security workflows with OT context.
• Deep visibility for specialized environments: Gain granular details on sensitive devices by importing PLC project files (starting with Rockwell Automation) without active queries.
• Reduced alert fatigue: A redesigned Policy Violations dashboard unifies disparate alerts into actionable insights to help you focus on your most critical exposures.
• Expanded protocols: Added support for Foxboro DCS and VXLAN environments.
• Streamlined workflows and sensor configuration: A new workflow helps you easily find and merge duplicate assets for a more accurate inventory, while a simplified sensor configuration reduces deployment complexity.

Review the release notes to see what’s new and how to upgrade.

Tenable Identity Exposure

• Attack path optimization: Complex attack path queries now time out after three minutes and automatically revert to the shortest, most viable path. Get critical findings faster when dealing with large-scale domain environments. (v3.109)
• Syslog direct linking: Syslog alerts now contain a new time-based URL. Use this link to jump instantly to the exact incident details within Tenable Identity Exposure to accelerate your investigation and response workflow. (v3.108)
• Kerberos IoE clarity: The Dangerous Kerberos Delegation Indicator of Exposure (IoE) now features dedicated paragraphs for each vulnerability reason to simplify understanding and make remediation steps clearer and more concise. (v3.108)

View all updates>>

Tenable Web App Scanning

Optimized scanning for production environments

Eliminate conflicts with peak traffic hours using enhanced scan windows. You can now define granular scan (green) or pause (red) windows for individual scans, independent of global settings. Whether spanning multiple days or scheduling multiple windows per day, your assessments automatically progress during approved hours without manual restarts. For more details, review the documentation for pause and resume scans and basic scan settings. 

Tenable Enclave Security

Tenable Enclave Security and Container Security 1.7 now generally available

This release brings Security Center 6.7 into the Enclave Security platform and introduces exposure response for container security. See our announcement above for more information on the benefits of Security Center 6.7. 

With exposure response in container security, customers can better track and prioritize remediation efforts by:

• Creating initiatives to identify critical exposures, assign ownership and apply SLAs
• Managing initiatives through customizable dashboards
• Using advanced query capabilities to drill into specific findings, assets or vulnerability combinations. 

For more information review the Tenable Enclave Security 1.7 release notes.

Tenable Cloud Security FedRAMP

Tenable Cloud Security now available through GSA OneGov

Federal agencies can now purchase Tenable Cloud Security FedRAMP through the GSA OneGov program at a 65% discount through March 2027.  

This partnership makes  it easier and more cost effective for federal agencies to identify and reduce cloud risk by gaining visibility into misconfigurations, vulnerabilities and excessive permission across cloud environments, supporting federal cloud first policies and zero trust initiatives. 

Interested agencies should request more information on our Tenable and GSA webpage or email publicsector-gsa@tenable.com. 

For more information:

• Attend our webinar on January 15, 2026: Cloud security for federal agencies: Threats, best practices and the GSA OneGov advantage
• Read our blog: Tenable partners with GSA OneGov to help federal government boost its cloud security

 

Tenable Training and Product Education

Enhance your attack surface management skills

Benefit from a superior learning experience with the updated Introduction to Tenable Attack Surface Management course. We've introduced a modernized interface and smoother navigation for immediate improvement.

Access this no-cost course, along with many other on-demand options, anytime at Tenable University. Start learning today to gain essential skills and better manage your organization's external attack surface.

Tenable Webinars

Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars.

On-demand 

• Escape the patching cycle. A guide to autonomous risk-based patching. 
• Securing the future of AI in your enterprise. Policy frameworks that balance opportunity and oversight. 

Customer Office Hours 

These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. 

Tenable Research

Research Security Operations blog posts

Subscribe to the Research team blog posts here.

• Agentic AI security: Keep your cyber hygiene failures from becoming a global breach
• A practical defense against AI-led attacks
• CVE-2025-55182: Frequently asked questions about React2Shell: React server components remote code execution vulnerability
• FAQ About Sha1-Hulud 2.0: The "second coming" of the npm supply-chain campaign
• CVE-2025-64446: Fortinet FortiWeb zero-day path traversal vulnerability exploited in the wild
• Microsoft Patch Tuesday 2025 Year in Review
• Microsoft addresses 56 CVEs, including two publicly disclosed vulnerabilities and one zero-day that was exploited in the wild to close out the final Patch Tuesday of 2025

Research release highlights

Introducing new plugins to assess security posture for the transition toward  Post-Quantum Cryptography (PQC)!  Tenable Research PQC support helps customers inventory use of TLS and SSH quantum-resistant and vulnerable algorithms within their infrastructure using remote Nessus-based scans.  For more information, see the Release Highlight.

Content coverage highlights

• More than 5,000 new vulnerability plugins published, including new detections for the recent F5 BIG-IP Breach.
• More than 50 new audits delivered to customers.

Read Tenable documentation.