September 2025 product newsletter
Greetings! Check out our September newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. NEW! Tenable AI Exposure We have officially launched the Tenable AI Exposure platform. This platform helps you see, secure and manage how your organization uses AI tools like ChatGPT Enterprise and Microsoft Copilot across your enterprise. Safeguard sensitive data, stop AI-driven attacks and establish governance for safe AI adoption. Be among the first to try it! Learn more and sign up for the private customer preview here. Tenable One August 2025 release: This month's release delivers faster insights, broader coverage and greater control over your exposure data. Release highlights: Dashboard enhancements: With daily data updates, new chart types and dedicated filters for CISA KEV and end-of-life software, Tenable One dashboards now make it easier to analyze specific risks, communicate impact and speed up response. Tenable On-Prem Connector: Install the Tenable On-Prem Connector to create a secure, encrypted connection to safely bring on-premises exposure data into Tenable One. Get the insights you need without putting your network at risk. Asset information source display: Deduplication in Tenable One is key to ensuring a clean, accurate view of each asset, without redundant information from multiple sources. With this release, the asset details screen now clearly displays the source that populates findings and property information, so your team fully understands and trusts asset data. Dynamic asset tagging: Define dynamic rule-based criteria that automatically apply tags to all Tenable One data for easier customization and greater control over tagging rules. This improvement enables smarter segmentation, precise asset management and deeper analysis across the platform. Explore all platform enhancements Tenable Connect Coming soon: Enhanced Support case experience We're excited to announce a new case creation and management experience. This release will streamline how you open and track cases while leveraging Generative AI to improve search and help you find answers faster. Stay tuned for enablement resources posted within Tenable Connect to maximize this new functionality. Tenable Cloud Security Reminder: Tenable Cloud Security requires that you log in to view documentation and release notes. To try/see the product, contact your account manager – or request a demo. Read all about it: New Tenable white paper by Analyst IDC: “Bridging cloud security and exposure management for unified risk reduction.“ This commissioned piece explores the value of exposure management and Tenable strengths. White paper • Blog Featuring fintech customer Snoop. We are honored to share the Tenable story of Snoop, using CIEM and JIT to enforce least privilege. Video [Want to tell your Tenable story? Let your Tenable rep know. We’d love to capture it!] Security alert: Tenable Research detected a supply chain attack in certain Nx build system packages that exfiltrated secrets to GitHub. GitHub has disabled the repos, yet compromised versions may persist. We’ve flagged any affected packages in your Tenable Console (Vulnerability ID: GHSA-cxm3-wv7p-598c). Act now: Update packages and rotate exposed secrets. Platform: Default Home and Favorite dashboards. Set a default Home dashboard to see your most important security insights first, and mark frequently used dashboards as Favorites for instant access. Benefit: These usability updates let you focus on what matters most in your workflow so you can work faster, make informed decisions and keep pace as the platform adapts to your needs. Japanese language support is here. You can now navigate the full Tenable Cloud Security Console in Japanese (switch via your profile menu), and access our documentation portal in Japanese for a smoother, more localized experience. Benefit: Japanese customers are the first to benefit from our new language infrastructure, designed to accelerate the rollout of additional languages. Watch this space! CWP: Workload Protection Clusters filter and column. Identify vulnerable clusters and all related vulnerabilities more easily. (The column is hidden by default.) Resolved filter. In the Workload > Vulnerabilities table, quickly display only vulnerabilities marked as resolved. Benefit: Get clear visibility into cluster-level risks and easily distinguish open from resolved issues to streamline vulnerability management and save time. CSPM: New and updated security best practice support Tenable now supports AWS Foundational Security Best Practices, CIS Azure 2.0, CIS Kubernetes 1.8 and CIS OpenShift 1.5. Benefit: Stay ahead of evolving threats and strengthen your security posture across cloud and container environments. Up-to-date best practices simplify compliance, reduce risk and make it easier to consistently implement proven security controls. DSPM: AWS RDS support for Oracle Data protection scanning is now available for Oracle on AWS RDS, for both Enterprise and Standard license holders. Benefit: Extend visibility into sensitive data stored in Oracle RDS to improve protection and compliance across more of your cloud database environments. Tenable Identity Exposure Tenable Identity Exposure uncovers Storm-0501's cloud identity threats: Financially motivated threat actor Storm-0501 is advancing cloud-based ransomware and hybrid identity compromises to move seamlessly between on-premises Active Directory (AD) and Microsoft Entra ID. Tactics include initial identity exploitation that compromises AD and abuses non-human synced Global Admin accounts in Entra ID, along with malicious persistence, where they establish backdoors by adding rogue federated domains with tools like AADInternals to gain persistent access and impersonation capabilities. Attacker tactic How Tenable Identity Exposure prevents it Initial compromise Flags high-privilege, improperly synced Entra ID accounts from on-prem AD, a configuration Microsoft advises against. MFA bypass Identifies critical, privileged accounts missing MFA, one of the most exploited gaps in hybrid identity attacks. Malicious persistence Detects backdoor federated domains and anomalous signing certificates using multiple indicators of exposure (IOEs), including: Known Federated Domain Backdoor, Federation Signing Certificates Mismatch, Unusual Federation Certificate Validity, Federated Domains List for verification against legitimate IDPs. Tenable Identity Exposure continuous monitoring of IoEs uncovers and aids remediation of critical identity risks before groups like Storm-0501 can exploit them. Tenable Identity Exposure documentation. Tenable Vulnerability Management Streamline ACSC Essential 8 compliance with new dashboards Simplify and strengthen your Essential 8 reporting with Tenable’s new ASD Essential 8 dashboards. These dashboards take your risk-mitigation SLAs to the next level, giving you a clear, real-time view of progress toward ACSC Essential 8 compliance. Quickly spot gaps, track patching and remediation efforts, and demonstrate measurable risk reduction. Monitor internet-facing assets, ensure critical applications are patched, and confidently report on SLA performance, all in one place. Explore the resources to get started: Applying Tenable’s risk-based VM to the ACSC Essential 8 ASD Essential 8 – Patch Applications dashboard ASD Essential 8 – Internet-Facing Assets dashboard Tenable Security Center Critical security patch 202508.1 now available Protect your Security Center deployment with the new patch 202508.1, which fixes critical third-party vulnerabilities in Apache, PHP and SQLite, including CVE-2025-23048, a critical Apache flaw. The update applies to versions 6.4 through 6.6 and must be installed manually. If you’re running 6.5.0, upgrade to 6.5.1 before applying it. For full details, see the release notes, security advisory, and download the patch; this update will be included in future Security Center releases. Tenable OT Security What's new in Tenable OT Security 4.4 The latest version is now available. It introduces several new features and enhancements to improve visibility, streamline workflows, and expand coverage across your industrial environment. OT asset tag data synchronization: Asset tags you create in Tenable OT Security will sync with Tenable One and Tenable Security Center to integrate OT context directly into your enterprise-wide reporting and security workflows. Policy violations dashboard: A redesigned view aggregates disparate alerts and events (e.g. unauthorized access, configuration changes) into unified and actionable Policy Violations to significantly reduce alert fatigue so you can focus on remediating your most critical exposures. Check out this guided demo to see it in action! PLC product file imports: Import PLC project files (starting with Rockwell Automation) to enrich your asset inventory. This provides deep visibility on live or sensitive OT devices without performing active queries. Merge assets: A new workflow helps you find and merge duplicate asset entries for a cleaner and more accurate OT asset inventory. Foxboro DCS support: Gain visibility into Foxboro Distributed Control Systems to extend security monitoring into complex industrial environments. VXLAN support: Analyze network traffic within Virtual Extensible LANs (VXLAN) to monitor assets and activity in modern virtualized data centers. Multi-interface sensor configuration: A simplified workflow allows a single sensor to simultaneously listen on multiple network interfaces to reduce deployment time and complexity. Review the release notes to learn more about what’s new in this release and how to upgrade. Tenable Nessus Reminder: End of support for Terrascan in all Nessus versions Tenable announced the End of Life for Terrascan in Nessus. The last day to download the affected product(s) is Sept. 30, 2025. Customers will receive continued support through the Last Date of Support. For more information, please refer to the bulletin announcement. Reminder: Nessus 10.9 is generally available Nessus 10.9 introduces several key features to empower your security teams, including offline web application scanning in Nessus Expert. For more information, see the Nessus 10.9 release notes and Nessus 10.9 User Guide. You can also view this announcement under Product Announcements in Tenable Connect. Tenable Training and Product Education Connectors added to Tenable One Intro course The updated Introduction to Tenable One course in Tenable University now shows you how to connect third-party security tools to the exposure management platform, to give you a unified view of risk across your entire attack surface. This no-cost training is open to customers, partners, prospects and the public. Start learning today at Tenable University. Tenable webinars Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars. Live Oct 1, 2025: Beyond the endpoint: Exposure management that’s proactive. Why endpoint-first vulnerability management isn’t enough. Oct. 7, 2025: Nessus customer update. Troubleshooting common Nessus issues. Oct. 8, 2025: Tenable Vulnerability Management customer update. Operationalizing AI Aware to discover Shadow AI in your environment. Oct. 9, 2025: Tenable One customer update. Identity security in an exposure management program. Oct. 10, 2025: Tenable Security Center customer update. In-depth guide to user roles and permissions. On-demand September Tenable Nessus customer update: From the ground up – building a custom scan policy in Nessus. September Tenable Vulnerability Management customer update: Using Nessus agents in Tenable Vulnerability Management. September Tenable One customer update: Introducing AI Exposure, and other topics. September Tenable Security Center customer update: Answering the CISO – a guide to Assurance Report Cards. Ecosystem view of risk: Integrate cloud security with your security stack. Customer office hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here.
August 2025 Product & Research Update Newsletter
Greetings! Check out our August newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. Click here to download and read the newsletter as a PDF. Thank you! Tenable is the only vendor to be named a Customer’s Choice in the 2025 Gartner® Peer Insights™ Voice of the Customer for Vulnerability Assessment. In this report, Gartner Peer Insights analyzes 1,090 reviews and ratings of nine vendors in the vulnerability assessment market. We’re grateful to you, our customers. This kind of feedback tells us we're delivering on what matters most! Learn from your peers as you choose the best solution for your vulnerability assessment program. You can read the report here. Tenable Cloud Security Reminder: Tenable Cloud Security requires that you log in to view documentation and release notes. To access the documentation or try Tenable Cloud Security, contact your account manager or request a demo. Making the Headlines Tenable Cloud Security named Major Player: In its first MarketScape for CNAPP, IDC named Tenable a Major Player after a deep evaluation of our capabilities, strategies and more. Huge thanks to all who participated in the IDC customer interviews. See the press release. Tenable Cloud Security Risk Report 2025. Have you read our cloud research team’s latest report, released in June? Make it part of your summer reading! Discover today’s top cloud risks, and how Tenable helps you stay secure: Report Webinar PR Our cloud research team never sleeps. Check out the latest discovery from our stellar team. See the blog: OCI: Remote code execution Workload Protection: Bottlerocket Monitoring and On-Demand AMI Scanning Keep reading about Tenable Cloud Security updates here. Tenable One Welcome to Tenable One Monthly Releases! Tenable One is shifting to a monthly release cadence to bring you valuable improvements more frequently. This month's release delivers streamlined workflows, smarter logic and expanded functionality. Release Highlights: New public API: Easily fetch Tenable One data into your ecosystem to automate workflows, power custom reports and streamline security operations. See Open API documentation Extended findings context: Gain deeper risk visibility with expanded findings data, now available across the platform for quicker investigations. APA is FedRAMP-Authorized: Tenable Attack Path Analysis is now FedRAMP approved for use in U.S. federal and government environments! New VPR scoring in Tenable One Inventory (Beta): We recently introduced a new VPR scoring method in Tenable Vulnerability Management. This method uses machine learning and broader threat intelligence to cut noise and highlight the top 1.6% of critical threats. This enhanced scoring is now also available in Tenable One Inventory, shown in a separate Beta column alongside your existing score. See solution overview Exposure Signals from Global Search: Create custom Exposure Signals directly from global search to streamline workflows and act faster on critical insights. Self-serve connector troubleshooting: The Connectors tab now provides greater status visibility and smarter error handling, with AI summaries and step-by-step guidance to help you resolve issues on your own. Same-source deduplication logic: Use the new Settings tab to manage how you cluster assets from the same source, so you have more control over asset merging and visibility. Dashboards enhancements: Get more refined insights and better performance with new widget-level filters, additional chart types, an improved Power BI data model and more. -> Explore all platform enhancements Tenable Identity Exposure OWASP non-human identity (NHI) Top 10: What customers need to know Machine identities now outnumber human users, and they’re often far less protected. Attackers know this and exploit non-human identities (NHIs) to move laterally, escalate privileges and maintain persistence. Tenable Identity Exposure helps you detect and manage risk across NHIs, mapped to the OWASP NHI Top 10, so you can stay ahead of evolving attack surfaces, especially across Active Directory and Entra ID. Want a deeper dive? Watch the on-demand webinar: Rage Against the Machines: How to Protect Your Org’s Machine Identities. Explore the user guide to start securing your NHIs today. Tenable Vulnerability Management (TVM) Enhancements to VPR now available! Tenable is thrilled to announce the general availability of enhanced Tenable Vulnerability Priority Rating (VPR) in the new Explore views and the Vulnerability Intelligence section within Tenable Vulnerability Management. These updates enable you to: Sharpen precision to focus on what matters most: While traditional CVSS scores classify 60% of CVEs as High or Critical, our original VPR reduced this to 3%. The enhanced VPR further refines this so your teams can focus on just 1.6% of vulnerabilities that represent actual risk to your business. You can now leverage an even broader spectrum of threat intelligence and real-time data input to predict near-term exploitation in the wild. Unlock AI-driven insights and explainability: Our new large language model (LLM) powered insights deliver instant clarity to quickly understand why an exposure matters, how threat actors have weaponized it and get clear, actionable guidance for mitigation and risk reduction. See Vulnerability Intelligence for more information. Prioritize with industry and regional context: New metadata provides crucial context to understand if a threat actor is targeting a vulnerability in your specific industry or geographic region. Leverage advanced querying and filtering: The enhanced VPR model is easily accessible for filtering and querying in the new Explore views for faster investigations and response workflows. Original VPR and the enhanced VPR ('VPR (Beta)') scores will coexist for a period of time in Tenable Vulnerability Management. We will communicate future deprecation of the original VPR in advance. For more information, see: Interactive demo Technical white paper FAQ Scoring Explained documentation Tenable OT Security Tenable OT Security 4.3: Enterprise-wide visibility and control Our latest release delivers powerful new features to enhance visibility and control across your operational technology (OT) environment and extended attack surface. Key updates in this release include: OT Agent for Windows: Extend asset discovery to hard-to-reach areas and embedded IoT systems with our new OT Agent for Windows. This lightweight, easy-to-deploy agent leverages your existing IT infrastructure to close critical visibility gaps without the need for additional hardware. Manage agents from a centralized dashboard view, with the ability to configure and schedule asset discovery and other preferences to ensure comprehensive and reliable coverage. ⚙️ Streamlined asset management: Accelerate investigations and better organize your OT/IoT inventory with new asset tags and groups. This new feature extends tagging functionality, making it easier to search for assets and reflect the structure of your environment. For Tenable Enterprise Manager users, we've also added the ability to perform centralized data updates and ruleset changes for multiple sites in batches or simultaneously, ensuring consistent administration across distributed locations. Enhanced Tenable One data integration: New data integrations allow you to accelerate investigations and proactively remediate OT risk. Tenable OT Security now reports policy events as Findings in Tenable One, giving you more visibility into events like controller code modifications and intrusion detection. This means Tenable One users can now filter for “Policy Violations" to quickly identify and address potential risks to OT environments. Additional enhancements in Tenable One include a set of new OT-related Exposure Signals, new data integrations for attack path analysis and MITRE ATT&CK mapping capabilities, and more. Additional user interface enhancements in v4.3: Asset serial number lookup via inventory Updated Sensor page navigation System Log pagination For more information, watch the latest customer update and review the full release notes. Tenable Web App Scanning API assessment enhancement: Support for GraphQL GraphQL API Assessment is now live in Tenable WAS! Use case and impact: APIs are the foundation of modern web applications and a high-value target for attackers. While Tenable already supports scanning RESTful APIs, an increasing number of applications now use GraphQL, a modern and flexible query language. With the addition of GraphQL scanning, Tenable now provides broader coverage across the modern API attack surface to help customers secure both REST and GraphQL-based applications. To get an idea of the rising popularity, both Tenable OT and Tenable Cloud Security are GraphQL APIs! For more information, see Scan Templates and Launch an API Scan in the Tenable Web App Scanning User Guide. Tenable Nessus End of support for Terrascan in all Nessus versions Tenable announces the End of Life for Terrascan in Nessus. The last day to download the affected product(s) will be Sept. 30, 2025. Customers will receive continued support through the Last Date of Support. For more information, please refer to the bulletin announcement. Nessus 10.9 is generally available Nessus 10.9 introduces several key features to empower your security teams, including offline web application scanning in Nessus Expert. For more information, see the Nessus 10.9 release notes and Nessus 10.9 User Guide. You can also view this announcement under Product Announcements in Tenable Connect. Tenable Training and Product Education We have refreshed the Tenable Education web page to help you find training across our product lineup that meets your expertise, budget and schedule. You can filter courses by product, review schedules by geographic region and easily identify no-cost courses. Additionally, we recently updated and reorganized the Frequently Asked Questions (FAQs) section for easier navigation. Tenable Research Research Rapid Response Microsoft’s July 2025 Patch Tuesday Addresses 128 CVEs (CVE-2025-49719) Oracle July 2025 Critical Patch Update Addresses 165 CVEs CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild Successful exploitation of CVE-2025-53770 could expose MachineKey configuration details from a vulnerable SharePoint Server Feature Release Highlights Azure Linux 3 Vulnerability Detection Nutanix Prism Central PAM Support Cisco Meraki Integration New Exposure Signals for OT and CS have been released for Exposure Management New Artificial Intelligence (AI) / Model Context Protocol (MCP) Detections More than 2,000 New Vulnerability Detections in July! Research Innovations How Tenable Research Discovered a Critical Remote Code Execution Vulnerability on Anthropic MCP Inspector AI Security: Web Flaws Resurface in Rush to Use MCP Servers OCI, Oh My: Remote Code Execution on Oracle Cloud Shell and Code Editor Integrated Services Tenable Research Advisories SimpleHelp - Multiple Vulnerabilities Gemini Search Personalization Model - Prompt Injection Enables Memory and Location Exfiltration OpenAI ChatGPT Prompt Injection via ?q= Parameter in Web InterfaceJuly Product and Research Update Newsletter
Greetings! Check out our July newsletter to learn about the latest product and research updates, upcoming and on-demand webinars, and educational content — all to help you get more value from your Tenable solutions. Click here for a downloadable PDF of this newsletter Share Your Insights at Black Hat 2025 Attending Black Hat next month? We'd love to hear your thoughts on Tenable products! Join us for a brief, filmed in-booth interview. It's a quick (less than 10 minutes) and impactful way to share your feedback. You'll have the chance to share your opinions on camera, and rest assured, if you prefer, your feedback can remain completely anonymous if you prefer. As a thank you for your time, we'll also give you an exclusive briefing on our latest product updates. Ready to make your voice heard? Email ambassador@tenable.com to schedule your session. We'll find a time that works best for you! Tenable Cloud Security Reminder: Tenable Cloud Security requires you to log in to view documentation and release notes. To access the documentation or try Tenable Cloud Security, contact your account manager or request a demo. Code security for Azure ARM and Bicep frameworks, and APIs. Tenable now natively supports Azure Resource Manager (ARM) and Bicep, expanding on existing coverage for AWS CloudFormation, Kubernetes YAML, and Terraform across all major cloud environments. Azure users can now scan for misconfigurations directly in their infrastructure as code. Notably, Tenable Cloud Security uniquely supports Bicep, which is rapidly gaining adoption due to its simplicity. Tenable tags resources in Bicep files, auto-generates underlying ARM templates, and highlights misconfigurations directly in the Bicep code, so you can work in the Bicep layer without parsing ARM output. We’ve also introduced ingestion of Tenable IaC findings via API using the “Findings” query in the GraphQL API. This enables programmatic management of finding status. The code API has full UI parity and is consistent with all Tenable API endpoints. Workload protection now supports Oracle Cloud Infrastructure + streamlined reporting. Expanding our coverage of Oracle Cloud Infrastructure (OCI), Tenable Cloud Security now offers workload protection for OCI environments. You can scan virtual machines, including those using OCI-native and customer-managed key (CMK) encrypted volumes, alongside container images and account-level resources. Additionally, across all supported cloud environments, we have streamlined reporting: you can now generate reports directly from the Vulnerabilities page, simplifying your workflow. Enhanced IAM security across permissions and access. Tenable Cloud Security’s Microsoft Entra ID integration, recently enhanced with third-party support and MFA monitoring, can now monitor and filter all app API and delegated permissions. IAM admins get a clearer, tenant-wide view of app-level permissions, making it easier to remove unnecessary access. Are you still using the now-retired Microsoft Entra Permissions Management? Tenable is a strong replacement, with advanced CIEM, JIT access, and CNAPP capabilities spanning Entra ID, Azure and more. We’ve also improved IAM visibility for AWS and GCP with exportable Permissions Query results and enhanced tracking of custom policy changes. In GCP, access-level evaluation is now deeper with added behavior analysis and resource details. Introducing custom dashboards that you can easily build in minutes. You’ve got the power! You can now customize how dashboards look and how you present security data to help users focus on what matters most. Personalize dashboards by adjusting metrics, findings and visualizations. Choose whether to make them public or private. Save time by duplicating built-in or custom dashboards. Plus, all dashboards are now centrally located in the menu for easier access. “Projects” capability now supports integrations and automations by scope. Tenable is making it easier to manage accounts and access control across multiple accounts and providers. The Projects capability, which logically groups resources in your cloud environment, now lets you configure integrations and automations at the project level. This enables more granular control and flexibility to let specific accounts or resources follow tailored workflows aligned with your organizational structure and security policies. Tenable Identity Exposure New Entra ID IoEs to strengthen identity hygiene. Tenable has added new indicators of exposure (IoEs) to help you identify and remediate hidden risks in Entra ID environments: Managed devices not required for MFA registration: Flags tenants that allow multi-factor authentication (MFA) registration from devices your organization doesn’t manage. Without requiring managed devices, attackers with stolen credentials could set up their own MFA methods without your knowledge. Admin consent workflow not configured: Detects tenants missing an active admin consent workflow. This absence can cause errors for non-admin users trying to access applications that need consent, leading to user friction or unmonitored workarounds. Password expiration enforced: Identifies domains where password expiration policies, intended to enhance security, might actually weaken it. When you force users to change passwords frequently, they often resort to simpler or repeated passwords, which makes them more vulnerable to breaches. For more information, review the release notes. Tenable Enclave Security Tenable Enclave Security 1.5 release. We’re excited to announce the release of Tenable Enclave Security 1.5. This release includes exciting new features: Deployment assessment scanning: Quickly assess new and updated deployments before they go live, improving visibility and risk reduction during rapid delivery cycles. Expanded software composition analysis (SCA): Broaden insight into your software supply chain with deeper enumeration of third-party libraries and components, including Go, Java, PHP and unpatched vulnerabilities in container images. SecurityCenter 6.6: Now powered by PostgreSQL, the latest version enhances performance, scalability and long-term support for mission-critical environments. Policy management: New and improved experience for managing policies for CI/CD pipelines or Kubernetes clusters. For more information, review the release notes. Tenable Vulnerability Management (TVM) Tenable PCI agent scan template now available. As a result of the PCI DSS 4.x specification release, credentialed scanning is now a requirement for PCI internal scanning. In response, Tenable created the Tenable PCI Agent, which you can use to scan your network via the PCI Internal Nessus Agent scan template in Tenable Vulnerability Management. PCI DSS 4.x enables you to use a customized approach objective. Using PCI DSS 4.x, the PCI Internal Nessus Agent provides the most comprehensive view of local vulnerabilities on your systems. Please visit the Scan Settings site for more details on configuring the PCI Agent and scans. Tenable Patch Management Tenable Patch Management 9.2.967.22 (on-premises). This release features minor quality improvements and bug fixes across the platform. Server updates: Bug fixes: We fixed an issue where the Business Units by Waves column in cycle tables was empty if no deployment waves existed for the cycle owner. Modified the patch server framework component to depend on the feed server, preventing a race condition during registration. Fixed a bug where patching cycles could lose business unit information after a server restart. Improved the update process for supported platforms within existing workflows and activities during server upgrades. Client updates: Bug fixes: Change to WUAHttpServer to include a content-length header on a full GET request for a file. This resolves the Windows Server 2016 patch download issue. Tenable OT Security Tenable OT Security 4.3: Scalable visibility and control for your modern enterprise. The Tenable OT Security 4.3 release delivers powerful new features to enhance visibility and control across your operational technology (OT) environments and entire attack surface. Key updates in this release include: Scalable OT agents: Extend asset discovery to hard-to-reach areas and embedded systems, closing critical visibility gaps with lightweight, easy-to-deploy agents that leverage your existing IT infrastructure. Enhanced Tenable One data integration: Accelerate investigations and improve risk remediation with new Policy Violation Findings and richer Exposure Signals for more comprehensive Attack Path Analysis. Streamlined asset management: Benefit from a responsive Vulnerability Findings side-panel for quick investigations, custom asset tags and groups for better organization, and batch data and ruleset updates in Enterprise Manager to ensure consistent administration across distributed sites or locations. Additional user interface enhancements in v4.3: You can now search the asset serial number in the inventory Updated Sensor page navigation System Log pagination To learn more about what’s new in the latest version of Tenable OT Security, watch the latest customer update and review the release notes. Tenable Nessus Nessus 10.9 is now generally available! Nessus 10.9 introduces several key features to empower your security teams: Offline web application scanning in Nessus Expert: If your organization has strict network segmentation or air-gapped environments, Nessus 10.9 now enables comprehensive web application scanning functionality. This ensures your critical web applications, even in isolated networks, receive the same thorough security assessment as those in connected environments to maintain a consistent security baseline across your entire infrastructure. Triggered agent scans in Nessus Manager: Automatically initiate vulnerability scans via Nessus Manager in response to specific events. This means you get immediate insights into your security posture as soon as the system discovers new assets or critical system changes occur. This functionality will be enabled directly through Tenable Security Center in July. Agent version declaration for offline environments in Nessus Manager: Simplify the management of your Nessus Agents in air-gapped or offline deployments. With Nessus 10.9, you can now declare agent versions for Nessus Manager agent profiles, streamlining updates and ensuring your agents are running the desired software versions, even without direct internet connectivity. Agent safe mode status reporting in Nessus Manager: Get better visibility into our Nessus Agents’ health and operational status. Nessus 10.9 provides reporting on "Agent Safe Mode" status with insights into agents that may experience issues or operate in a limited capacity. This allows for quicker identification and resolution of agent-related problems for uninterrupted scanning coverage. Nessus 10.9 is available now. We encourage all Nessus users to upgrade to take advantage of these new features and continue to strengthen your vulnerability assessment capabilities. For more information, see the Nessus 10.9 release notes and Nessus 10.9 User Guide. You can also view this announcement under Product Announcements in Tenable Connect. End of Support for Nessus and Agents on Windows 32-bit operating systems. Tenable announces End of Support for Nessus and Agents on Windows 32-bit Operating Systems. Please see the bulletin for more details. Click here to continue reading the rest of the newsletter as a downloadable PDF.June 2025 Product & Research Update Newsletter
The June 2025 Tenable Product & Research Newsletter is live. This month's edition covers updates on: Tenable Cloud Security, Tenable Identity Exposure, Tenable Patch Management, Tenable Security Center, and Tenable VM, along with updates about the Tenable Ecosystem, Tenable Connect, Training, Professional Services, Research, and more. Community Update Introducing Tenable Connect, your new customer community! Check out your new hub to connect, learn and grow with Tenable. Here’s what you’ll find: Ability to open and manage support cases Easy access to the improved account management portal Dedicated pages for product resources and training Discussion boards and opportunities to engage with your peers and Tenable Log into Tenable Connect before July 1 for a chance to win a limited edition Tenable Connect t-shirt! Tenable Identity Exposure Tenable’s Research-Driven Identity Defense Expands Tenable continues to deepen its coverage of real-world identity risks with a series of new indicators of exposure (IoEs) across both Active Directory (AD) and Entra ID. BadSuccessor—a rare, but forest-level critical, zero-day privilege escalation vulnerability in AD, was recently disclosed. Introduced with delegated Managed Service Accounts (dMSAs) in Windows Server 2025, its exposure depends on the presence of a 2025 domain controller, but the impact can be severe. An attacker with the right permissions could use a dMSA to inherit domain admin-level access and compromise the entire forest. Tenable has responded quickly with a dedicated IoE: BadSuccessor – Dangerous dMSA Permissions, now available in Tenable Identity Exposure (SaaS) v3.95. This detection flags risky dMSA inheritance paths that could enable exploitation, helping organizations stay ahead even in the absence of a Microsoft patch. Review Tenable’s technical advisory and FAQ for detailed context. More IoEs targeting real-world risk Other new IoEs target misconfigurations and gaps attackers routinely exploit, spanning Tier 0 risks in AD and hygiene issues in Entra ID. Each IoE is designed to be practical, observable and relevant, shaped by real attack behaviors, not just theoretical risks. Check out this product documentation for more information. Active Directory Tenable IoE “Sensitive Exchange Group Members” Who really sits in the most privileged Exchange groups: a Tier‑0 foothold. Tenable IoE “Exchange Permissions” Risky ACLs where Exchange rights bleed into domain control. Entra ID Tenable IoE “Users Allowed to Join Devices” Tenant setting that lets any user enroll a rogue workstation. Tenable IoE “Managed Devices Not Required for Auth” Conditional‑access gap allowing unmanaged logins. Tenable IoE “Auth‑Methods Migration Incomplete” Legacy authentication policy is still exposed. Tenable IoE “Dangerous Application Permissions” Third‑party app scopes that can exfiltrate data. Tenable IoE “Risky Users Without Enforcement” Risk‑based access policy missing for high‑risk accounts. Tenable Cloud Security Reminder: Tenable Cloud Security requires you to log in to view documentation. To access the documentation or try Tenable Cloud Security, contact your account manager or request a demo. Enhanced CVE detection and customizable severity metrics Tenable Cloud Security now enhances CVE detection by integrating Tenable's vulnerability logic, leveraging the Tenable vulnerability data lake (TVDL) and Nessus. This improves accuracy and coverage in detecting new CVEs regardless of National Vulnerability Database (NVD) delays. The integration aligns CVE detection between Tenable Cloud Security and Tenable Vulnerability Management, reducing inconsistencies and boosting reliability within Tenable One. Users can select which CVE severity metric to display first: CVSS (static) or VPR (dynamic, factoring exploit likelihood). The metric chosen as primary impacts finding creation: severity changes can cause related findings to open or close. Just-in-time by resource groups and recurring access Thanks to your feedback, Just-in-Time (JIT) access is now even more powerful and flexible. Azure users can request access at the resource group level, not just by subscription, giving you greater granularity and control across your cloud environments. And for all JIT users, building on existing immediate/scheduled access request support, we’ve added recurring access scheduling — to better support business workflows, such as a contractor needing project access for a specified repeat duration or the need for access to a routine audit that lasts a full quarter. Easily set daily, weekly or monthly schedules with end dates — all through an intuitive UI. Consider using recurring access to replace standing permissions that some JIT users may still have, for more granular time-bound least privilege. Powerful Tenable cloud vulnerability insights within ServiceNow Tenable now integrates with ServiceNow’s new Vulnerability Response platform, enabling you to seamlessly import prioritized, actionable vulnerability data directly into ServiceNow. This streamlined integration, which also supports government environments, helps teams focus on what matters most by aligning Tenable findings with your existing remediation workflows, making it easier to act fast on critical risks. Already using ServiceNow ticketing? You can now sync Tenable findings with ServiceNow incidents, mapping severity and status to priority and state (such as open findings to new incidents). Note: Syncing incident states requires additional permissions and configuration within ServiceNow. Selectively scan data resources by exclusion tags You can now add exclusion tags to fine-tune scans of both managed databases and object storage in Tenable Cloud Security. Exclusion tags enable you to scope out resources starting from the next scanning cycle by specifying tags as configured at the resource level, for tailoring scans to your environment. This new capability helps you decrease costs by reducing unnecessary resource usage. Object storage comes to OCI As part of our growing capabilities around Oracle Cloud, Tenable Cloud Security now offers data analysis of object storage buckets in OCI. Out of the box, the feature is on a par with all other object storage that Tenable Cloud Security supports and is part of routine CSPM onboarding. In other updates, new dynamic scan scoping by tag is also supported for OCI. Tenable Vulnerability Management (TVM) Tenable Data Stream (TDS) now supports the streaming of TVM Host Audit Findings data as well as WAS assets, tags and findings data. TDS already supports TVM host assets, tags and vulnerabilities data streaming to AWS S3 buckets and is used by some of the largest TVM customers. Learn more about TDS here. Besides the new payloads, there are a few more improvements: Additional new fields in TVM findings payload like Resurfaced Data and Time Taken to Fix Grouping of the files written in the AWS S3 buckets is now based on timestamp, resulting in fewer files written, which in turn improves consumption and reduces latency. (Previously, this was based on both scan ID and timestamp, which resulted in writing a large number of small files.) Tenable Patch Management Tenable Patch Management now supports Red Hat Enterprise Linux (RHEL) We’re excited to announce that Tenable Patch Management (On-Prem) 9.2.967.20 now supports RHEL 8 and RHEL 9. This release also includes performance improvements, bug fixes, and an important security update to Java 17 JRE. Please note that Patch Notification Bots using WhatsApp require review and modification as they can no longer be combined with other providers. Please visit here for a list of third-party applications covered. Note: We are always adding more. For more information, please read the Tenable Documentation and Release Notes and visit the Downloads Portal for the latest version. Tenable OT Security Upgrade to Tenable OT Security 4.2 to unlock new layers of visibility across your OT/IT environment. Key enhancements in this release include: Advanced SNMP-based asset discovery: Gain deeper OT network topology insight. Our new SNMP Crawler discovers and maps all connected devices and switches, including previously hidden ones, down to the specific switch port. Intelligent hardware lifecycle management: Proactively manage obsolescence with EOL tracking for OT/IoT assets from vendors such as Schneider Electric and Siemens, complementing existing software EOL capabilities. Flexible Windows-based deployment (beta): Install OT Security sensors directly on Windows devices — ideal for segmented subnets or where deploying dedicated physical hardware appliances isn’t feasible. Enhanced IoT & VMS risk insights: With improved IoT connectors and expanded VMS support through enhanced credentialed authentication, extract richer data from IoT devices and VMS (including asset names, models and stream details). Navigation enhancements: A redesigned main menu and intuitive side panel simplify access to critical OT data, speeding workflows and improving usability. Additional improvements: Fewer operational reboots New vulnerability detections Expanded virtualization support for Microsoft Hyper-V and KVM-based platforms Upgraded embedded Tenable applications (Nessus, Nessus Network Monitor) Expanded Device Fingerprint Engine coverage for devices from various vendors To learn more about what’s new in Tenable OT Security, watch the latest customer update or review the release notes. Tenable Security Center Patch 202505.1 is now live This patch addresses high-severity CVEs in SQLite. It applies to SC versions 6.5.1 and 6.4.x and requires manual application. Release notes for 6.5.1 and 6.4x Download: https://www.tenable.com/downloads/security-center Security advisory: https://www.tenable.com/security/tns-2025-09 Tenable Ecosystem Tenable Plugin for Jira on-premises v10.4.1 now supports Tenable Web App Scanning We’re excited to launch Tenable Plugin for Jira v10.4.1. This release includes: Support for Tenable Web App Scanning (TWAS) Security update Cleaner logs regarding API responses And bug fixes For more information, please read the Tenable Documentation and visit Atlassian Marketplace to download the newest versions. Tenable App for Splunk v6.1.0 The Tenable App for Splunk v6.1.0 is now available. This release includes: Added support for Tenable Web App Scanning (TWAS) and Tenable OT Security (TOT) New “Assets Dashboard” for visualizing asset details across TVM, TSC, TOT, TWAS, and TASM For more information, please read the Tenable Documentation and visit Splunkbase to download. Tenable Nessus Early Access Release of Nessus 10.9.0 We’re excited to announce the early access of Nessus 10.9.0. For standalone Nessus Expert users, this includes web application scanning functionality for Nessus instances in air-gapped/offline environments. For more information, please see our release documentation. Tenable Training and Product Education Tenable University is excited to announce the refreshed Introduction to Tenable One course. This course covers key features of the Exposure Management platform, including the workspace, Exposure Signals, Attack Path Analysis, Inventory and more, giving you a strong foundation to understand and act on your exposure data. Tenable Professional Services Tenable Professional Services offers two levels of Tenable One Deployment Service, both of which provide a structured, end-to-end approach for implementing and optimizing the Exposure Management platform. With this guidance, your team can gain the visibility, confidence and capabilities needed to actively manage exposure and reduce cyber risk. Tenable Webinars Customer Update Webinars Tune in for product updates, demos, how-to advice and live Q&A to help you get more value from your investment in Tenable solutions. LIVE July 2025 Tenable WAS, July 8, 2025, 11 am ET: Join us for a deep dive into recently released WAS features and capabilities. Tenable Nessus, July 8, 2025, 1 pm ET: Testing for specific CVEs with Nessus. Tenable OT Security, July 9, 2025, 11 am ET: Learn how Tenable OT Security 4.3 unlocks unprecedented visibility and control across your OT/IT environment. Tenable Vulnerability Management, July 9, 2025, 1 pm ET: Credentialed scans versus uncredentialed scans and how to use managed credentials. Tenable One, July 10, 2025, 11 am ET: Learn how Tenable One can now ingest important security context from non-Tenable security tools to help better identify, prioritize and reduce cyber risk. Tenable Security Center, July 10, 2025, 1 pm ET: OS breakdown: reporting exposures by operating system. ON-DEMAND June 2025 Tenable Identity Exposure: Join us to explore new features and capabilities in the latest release of Tenable Identity Exposure. Tenable Nessus: Discovery scan templates and when to use them. Tenable Cloud Security: Just-in-time (JIT) access dramatically reduces exposure from compromised identities. Join us to learn how this capability is enabled with Tenable Cloud Security. Tenable Vulnerability Management: Develop exposure response strategies with Tenable Vulnerability Management. Tenable One: Learn how Exposure Signals and Installed Software leverage data from your security stack to enrich Tenable One findings and strengthen the impact of your exposure management efforts. Tenable Security Center: Learn when and how to use triggered Agent scanning in Security Center. Customer Office Hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas and Europe (including the Middle East and Africa, and Asia Pacific). Learn more and register here. Other Webinars of Interest June 25, 2025: Research Insights from the 2025 Verizon DBIR: What You Need to Know to Secure Smarter June 24, 2025: From Fundamentals to Focus: Enhancing Cloud Security with Tenable - Customer Workshop Series June 17, 2025: Beyond Cyber Chaos: How Public Sector Orgs Secure Smarter with Exposure Management On-demand: Security Without Silos: How to Gain Real Risk Insights with Unified Exposure Management For More Webinars Please visit tenable.com/webinars for the most up-to-date schedule. Tenable Research Research Security Operations Announcement Where Capability Meets Opportunity: Meet the Tenable Research Special Operations Team Rapid Response Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400) CVE-2025-32756: Zero-Day Vulnerability in Multiple Fortinet Products Exploited in the Wild CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) Remote Code Execution CVE-2025-31324: Vulnerability in SAP NetWeaver Exploited in the Wild Tenable Research Advisories HPE Insight Remote Support Multiple Vulnerabilities Siemens User Management Component V2.15 Multiple Vulnerabilities Feature Release Highlights New Plugin Family: Tencent Linux Local Security Checks Azure Cloud Infrastructure Scanning for Government Windows LAPS Support in Nessus-based scanners Over 400 New Vulnerability Detections in June!May 2025 Product Update Newsletter
A truncated version of our May product update newsletter follows. To read the full document, which includes updates for Tenable One, Tenable Cloud Security, Tenable Identity Exposure, Tenable OT Security, Tenable Vulnerability Management, Tenable Security Center, Nessus, Patch Management, and more, click here. Tenable One New! Unified Navigation for a Seamless User Experience We are excited to bring you the latest update of Tenable One! This release focuses on maximizing your Exposure Management program by unifying vision, insight, and action across the attack surface. These enhancements include: Streamlined navigation across Tenable One: Easily access key areas like Exposure View, Exposure Signals, Inventory, and Attack Paths from a single location, allowing you to retrieve information faster and more efficiently. New Overview page: Quickly gain high-level insights into the health of critical coverage areas, including exposure scores, assets, attack path matrix, and weakness breakdowns. Enhanced user experience: Enjoy a more intuitive and seamless experience for specific capabilities within Tenable One. New Installed Software page: Easily view software vendors and versions throughout your environment. Pinpoint specific pieces of software, versions, devices, and file paths to enhance discovery and streamline remediation efforts. These changes are now live and ready within your container! To quickly get up to speed, please check out this interactive demo. New! All your security data. All in one place. We’ve introduced powerful new capabilities to elevate your exposure management program. These deliver unified risk visibility, deeper context, and comprehensive reporting across your entire risk landscape. What’s new: Tenable One Connectors: Integrate data from across your security stack into Tenable One to gain complete visibility and context across your attack surface—all within a single platform. Enhancing your Tenable One experience with third-party data gives you: A single, unified inventory of your assets and risk data. Richer context within Exposure Signals to support cross-domain prioritization. Consolidated exposure cards that present a complete view of risk across your environment. Sign up for Connectors See guided demo Explore available connectors Unified Dashboards Easily analyze, track, and share key risk insights across your environment, enabling smarter, more efficient security operations. Unified dashboards include: Pre-built dashboards – Get immediate, actionable insights with best-practice dashboards for common security use cases. Custom dashboards – Use over 40+ widgets to create dashboards tailored to any audience or need. Custom widgets – Develop bespoke widgets that highlight the metrics and data points that matter most to you. Share and collaborate - Make dashboards private or team-accessible, and export them in multiple formats for seamless collaboration. See guided demo Tenable Identity Exposure You Don’t Need More Data — You Need Insights Now available: Identity Insights has launched in the SaaS version of Tenable Identity Exposure — delivering centralized visibility into risks across your identity fabric (Active Directory and Entra ID). This powerful new visualization acts as a command center for security teams to quickly prioritize and address the most critical identity threats. What’s included: Top Risk & Exposure Signals widgets: These widgets surface the most severe indicators of exposure (IOEs) and aggregated risk scenarios using prebuilt insights and custom queries via ExposureAI. Historical risk trends: Track recurring risks over time, identify resurfaced threats, and demonstrate security improvements. Identity demographics: Visualize risk across privileged, service or dormant accounts to better prioritize protection efforts. Fast-action remediation: Use the "If You Only Have 5 Minutes" widget to jump into the most urgent findings. Exportable reports: Generate professional-grade reports with one click to support audits and stakeholder communications. With Insights, security teams move from fragmented data to an actionable overview — saving time, reducing risk, and improving security posture. Check out the Tenable Identity Exposure user guide for more information. Tenable Cloud Security Reminder: You must be logged in to view Tenable Cloud Security documentation. If you need a login or wish to try Tenable Cloud Security, contact your account manager or request a demo. Just-in-Time (JIT) access is now available for all Tenable Cloud Security users. Tenable customers can use their existing (or future) Tenable Cloud Security license to enable and use JIT – with no separate procurement needed! JIT is automatically included with all existing licenses: Enterprise, Standard and CIEM. JIT eliminates standing permissions and reduces cloud risk with on-demand, time-bound access to cloud accounts and identity provider (IdP) groups. See the demo and explore use cases to understand how JIT works and streamlines approvals including by integrating with collaboration platforms like Slack and Microsoft Teams. Unified search and in-product documentation—directly in the Console. Tenable Cloud Security now offers context-aware guidance in the Console, making it easier to find what you need. Queries in the search bar return results across all resources, policies, pages, documentation, and vulnerabilities. In-product documentation is now also accessible directly in the Console through unified search and contextual help links, providing context-aware guidance where you need it. See the documentation for more details. Define projects by resource tags and Azure resource groups. Building on the Projects feature announced in the March 2025 newsletter, Tenable Cloud Security now enables you to scope projects using resource tags (across all Tenable-supported cloud providers) and Azure resource group name patterns. This enhancement provides greater flexibility and granularity in organizing projects based on how your cloud environments are structured: by team, business function, or application boundary. The evolving Projects capability supports stronger cloud security maturity by reducing fragmented visibility and siloed inventories, with dedicated views of resources and security findings, and project-specific dashboards for each team. See the documentation for more details. Enhanced CVSS scoring support with CVSS v4 priority. When multiple CVSS versions are available for a vulnerability, CVSS v4 is prioritized to ensure the severity assessment is the most current and precise. It offers improved accuracy, flexibility, and contextual awareness, enabling better prioritization and automation than CVSS v3. Enhanced 3rd-party support for Microsoft Entra ID apps. Tenable now offers greater IAM visibility for Azure users through enhanced Microsoft Entra ID third-party application mapping, with support for more than 350 applications. From the third-party widget in the IAM Dashboard, you can select a vendor per cloud component and navigate directly to the Identity Intelligence page, filtered by that vendor. You can also now view vendor details for each application in the Microsoft Entra ID Application Inventory page, making it easier to manage third-party applications across your environment. >> To read the rest of the May newsletter, click here.Introducing Tenable One for OT/IoT Tenable One for OT/IoT...
Introducing Tenable One for OT/IoT Tenable One for OT/IoT provides complete visibility across the entire modern attack surface – IT, OT and IoT assets, focus efforts to prevent likely attacks, and accurately communicate cyber risk to support optimal business performance. The platform combines the broadest vulnerability coverage spanning IT assets, cloud resources, containers, web apps, identity systems, and OT, and IoT assets, builds on the speed and breadth of vulnerability coverage from Tenable Research, and adds comprehensive analytics to prioritize actions and communicate cyber risk. Comprehensive visibility beyond the IT environment to the modern attack surface Risk intelligence to mitigate operational risks Actionable planning and decision-making across the modern enterprise and so much more! To learn more about this Tenable One for OT/IoT, read the press release, blog, or sign up to join our upcoming webinar.
