Check out our March newsletter to learn about the latest product and research updates, upcoming and on-demand webinars, and educational content — all to help you get more value from your Tenable solutions.  

EXPOSURE 2026 

Save 50% on the security conference of the year

Don’t miss EXPOSURE 2026, the first-ever conference dedicated exclusively to proactive, unified exposure management. Join us in Boston, Mass., from May 19-21, 2026, to get:

• Hands-on instruction with Exposure Management Strategy or Tenable One Technical Training
• Practical resources and real-world insights from Tenable leaders and industry experts

Register before March 31 to save 50% off admission and training with early-bird pricing.

Tenable customer update webinar

11 a.m. EST/3 p.m. BST, April 9, 2026 

Join our upcoming webinar for an informative, fast-paced overview of recent product updates and best practices. Hosted by a team of Tenable product experts, this session will explore how to better secure your expanding attack surface and consolidate critical security data.

Register now.

Tenable One

Coming soon: Data portability for Tenable Attack Path Analysis (APA)

We’re introducing Full Export for Tenable APA, allowing you to move beyond single-page views and transform high-level visualizations into actionable offline intelligence.

Key capabilities:

• Comprehensive data: Export full datasets for Top Attack Paths and Top Attack Techniques into CSV or JSON formats.
• Risk context: Exports include critical metrics like Source NES (Node Exposure Score) and Target ACR (Asset Criticality Rating).
• High capacity: Easily trigger exports for up to 100K+ results via a new global UI button.
• API parity: Programmatically pull path data into your SIEM, SOAR, or custom tools using the Tenable Public API.

 

Tenable Cloud Security

This month’s updates focus on operational scale, synchronizing security standards, and automating remediation across complex multi-cloud environments.

Highlight: Synchronized policy management

With linked queries, you can now connect saved explorer searches directly to custom policies and reports.

• Eliminate manual version control: When you update a source query, every linked policy and report automatically syncs, so your security standards are identical across your entire organization.
• Operational control: Pause automated workflows for maintenance without losing your configurations using the new enable/disable toggle for automation rules.

High-impact capabilities

• Actionable CI/CD pipelines: Maintain developer velocity by excluding unresolvable vulnerabilities from container image scans. This prevents noise from breaking builds when no patch is currently available.
• Confirmed reachability: Bridge the gap between theoretical risk and actual exposure with Network Endpoints now displayed in your Inventory to surface the actual, validated entry points for your resources.
• Dynamic IaC protection: Tenable now scans Terraform dynamic configurations to give you visibility into scaled infrastructure and complex definitions before deployment.
• Expanded compliance: Immediate support for CIS AWS 6.0.0 and the NIS2 Directive keeps your cloud accounts aligned with the latest global regulatory benchmarks.

Strategic update: Domain transition

Note: Critical for continued service. The Console URL has officially transitioned to app.tenable.com. Please update your bookmarks and firewall allow lists to include *.app.tenable.com immediately to prevent service interruption.

View Full March Release Notes

Tenable Vulnerability Management

Introducing VM-Native OT Discovery 

Safely identify and profile connected PLCs, HMIs, and IoT devices using the vulnerability management toolset you already own. No specialized hardware or complex deployments required. Turn your existing IT security tools into a safe OT discovery engine today and get visibility into your IT/OT security gap.

Watch the guided demo to see this new capability in action. For more information, explore the user guide documentation for Scan Templates and Discovery Settings.

Clean up your scan data: New OS and app inventory dashboard

Our new Operating System and Application Inventory with Data Troubleshooting dashboard gives you an instant, high-level view of your asset counts across every OS and application. By using built-in troubleshooting queries, you can identify and fix scan fidelity issues and prioritize risk based on the most accurate data possible. View the dashboard details.

Nessus

Maximize your vulnerability assessment strategy with our recently introduced interactive Tenable Nessus demos. Skip the manuals and get immediate, hands-on experience securing your attack surface.

• Explore the Nessus Professional Onboarding demo to launch your first comprehensive scans in minutes.
• Dive into the Nessus Expert Onboarding demo to master advanced assessment features and eliminate security blind spots, whether on-prem or in the cloud. 

Tenable Security Center

Uncover the OT blind spots across your network 

If you’re not already a Tenable OT Security user, your IT environment is likely full of shadow OT, like HVAC controllers and IoT devices, that standard scans can’t see. We recently added native OT discovery capabilities directly inside Tenable Security Center, so you can safely map these assets using the tools you already own. Get deep identity data for PLCs and HMIs without risking a disruption or deploying new network sensors.

See it in action in this guided demo, and find out how to configure your first scan here.

Reminder: Upgrade to Tenable Security Center 6.8 

Focus on the vulnerabilities that truly matter with AI-powered VPR insights and clear mitigation guidance. This release streamlines your operations with unified asset repositories for IPv4, IPv6, and Agents, and improves efficiency with new background query processing and scan optimization tools. Explore the release notes for more information before you upgrade.

Tenable Patch Management

Improved patching precision and reliability

Update (v10.0.971.26) includes critical fixes around strategy corruption and inaccurate compliance reporting. By upgrading, you keep your workflows intact, your data precise, and your environment benefits from the modernized performance and security of Java 25. View the release notes or access TPM documentation. 

Tenable OT Security

Update required: Tenable OT Security 4.5 Service Pack (version 4.5.61)

We advise all customers currently running version 4.5 apply this upgrade immediately to ensure optimal system stability and performance when processing high volumes of network conversations. This update also addresses specific communication gaps with Rockwell Stratix devices and Nessus scans. Review the release notes for the full list of fixes and improvements.

Introducing Tenable OT Security 4.6 (Early Access)

Our upcoming release introduces a variety of new features, performance enhancements, and streamlined workflows for large-scale industrial environments.

• Massive subnet scaling: Now supports up to 5,000 subnets per ICP, significantly increasing visibility for massive enterprise deployments.
• Centralized network management: A new Monitored Networks page includes bulk-add capabilities and the ability to stage inactive networks before monitoring.
• Precision scanning: New Nessus workflows let you define specific credential usage per scan for safe discovery of sensitive assets.
• Streamlined platform navigation: Updated workflow for SSO/SAML users helps you pivot back to the Tenable One platform instantly with the return button.
• Remote agent updates and query restrictions: Update OT agents directly from the ICP. and remove local site visits or manual CLI intervention. New infrastructure for OT agents also enables you to restrict specific protocol queries.
• Enhanced diagnostics: Exported asset logs now include deeper metadata to speed up Support and Engineering troubleshooting.
• IoT connector overhaul: Major stability and performance fixes for Milestone, AvigilonES, and Exacq Edge integrations for IoT asset discovery.

This update focuses heavily on large-scale infrastructure, refined scan controls, and better integration with the Tenable One ecosystem. Check out the release notes and user guide for details.

Tenable Web App Scanning

Stop chasing dead keys: New secrets validation for WAS

Don’t waste time manually verifying every leaked credential. Our new Secrets Validation automatically tests detected tokens, like GitHub or AI service API keys, to see if they are live and exploitable. By distinguishing between a harmless string and a critical vulnerability, you can prioritize your remediation efforts based on real-world risk, rather than noise.

View the documentation or read the full breakdown on Tenable Connect. 

Tenable Training and Product Education

Evolve from reactive patching to proactive risk oversight 

The Exposure Management Business Theory course, now available at no cost in Tenable University, guides you in self-paced modules toward building a sustainable exposure management program through the five pillars of the exposure lifecycle: scoping, discovery, prioritization, validation, and mobilization. Get strategic insight to align Tenable’s capabilities with your business goals, drive meaningful change, and make informed decisions. 

Get hands-on expertise with current industrial security capabilities

The newly-updated Tenable OT Security Specialist instructor-led training course, now aligned with Tenable OT Security version 4.4, ensures you can effectively protect your critical infrastructure using the latest product features and workflows. You will learn to: 

• Maximize visibility: Learn to leverage these enhancements to see and secure every asset in your OT environment.
• Reduce risk: Practice real-world scenarios to identify vulnerabilities and threats faster.
• Get expert guidance: Interact directly with instructors to master complex configurations and best practices.

Visit tenable.com/education to learn more about our Tenable University education offerings, see global instructor-led training (ILT) schedules, and buy virtual ILT or on-demand courses.

Tenable webinars

Tune in for product updates, demos, how-to advice, and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars.

Customer office hours 

These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. 

Tenable Research

Research Security Operations blog posts

Subscribe to the Research team blog posts here.

• The cloud and AI velocity trap: Why governance is falling behind innovation
• Dynamic objects in Active Directory: The stealthy threat
• New malicious npm package "ambar-src" targets developers with open-source malware

Research release highlights

Improvement: Handling component installs for vulnerability assessment: Adds the ability to remove findings for component-based vulnerabilities from scan results

New Dell OS10 compliance plugin and audit files: Customers can now measure compliance against Dell OS10 devices with new plugin ID Dell OS10 Compliance Checks (275781) on Tenable Vulnerability Management and Nessus.

Content coverage highlights

• More than 2,700 new published vulnerability plugins.
• Nearly 50 new audits delivered to customers.

 

Read Tenable documentation.