🚨 Announcing: Tenable AI Exposure 🚨
AI platforms like ChatGPT Enterprise and Microsoft Copilot are boosting productivity, but they also expand your attack surface. AI Exposure, now in Tenable One, gives security teams the visibility and control they need to see, secure, and govern AI use across the organization. Tenable AI Exposure is currently available as a private customer preview for companies actively using ChatGPT Enterprise and/or Microsoft Copilot. If you are interested in joining this exclusive 120-day preview, please sign up through the form found on our product page. With AI Exposure, customers will be able to: Gain deep visibility into AI usage, including prompts, data flows, and risky interactions Identify misconfigurations or unsafe integrations that may expose sensitive data Monitor for AI-specific threats like prompt injection or other AI attacks Enable enforcement of organizational policies and governance standards for AI usage Deploy quickly without agents or disruptions in five minutes or less 🔍 To learn more about AI Exposure, visit our product page.Tenable Enhances Its Cloud Security Solution with Expanded Just-in-Time Access
Tenable has enhanced its Just-in-Time (JIT) Access capabilities to provide more comprehensive and streamlined cloud security for organizations. The Just-in-Time (JIT) Access feature significantly strengthens cloud security by granting temporary, need-based access to sensitive resources, minimizing the risks associated with persistent privileges. This approach offers several critical benefits for organizations striving to enhance their cloud security posture: Reduced Attack Surface: By eliminating always-on privileges, JIT Access significantly minimizes the window of opportunity for attackers to exploit compromised identities. Enhanced Security Posture: Granting access only when required and for a limited duration adheres to the principle of least privilege, mitigating the risk of both external threats and insider misuse. Seamless User Experience: Tenable's JIT Access offers user-friendly workflows, including integration with popular messaging platforms like Slack and Microsoft Teams, allowing users to request and receive necessary access without disrupting their productivity. Improved Auditability and Compliance: The solution provides a clear and comprehensive audit trail of all access requests, approvals, and session activities, simplifying compliance with various regulatory frameworks. Achieving Zero Standing Privileges: Tenable's JIT Access empowers organizations to move towards a "zero standing privileges" model in their cloud environments, a critical step in modern cybersecurity. For more information, please visit the page.
General Availability (GA) of version 3.1.0 of the Tenable App for Microsoft Sentinel!
Release Date: July 17, 2025 Hi Everyone! We're excited to announce the general availability (GA) of version 3.1.0 of the Tenable App for Microsoft Sentinel! This release includes several key updates, enhancements, and expanded functionality to help you get the most from your integration. Download and Install the App: Tenable App for Microsoft Sentinel - Azure Marketplace (https://azuremarketplace.microsoft.com/en-us/marketplace/apps/tenable.tenable-sentinel-integration) Documentation: Installation and Upgrade Guide (https://docs.tenable.com/integrations/Microsoft/Azure/Content/install-sentinel.htm) Changelog: What's New in v3.1.0? Updated Python runtime to 3.12 Upgraded pyTenable SDK to v1.7.4 Added Support for Web Application Scanning (WAS) Asset and Vulnerability data ingestion Bug fixes and Architectural Redesign Replaced Queue Trigger functions with Durable Functions Added support for Microsoft's Log Ingestion API, including updated papers and playbooks Important Upgrade Information Do not attempt an in-place upgrade. You must remove the existing Function App and associated resources before deploying 3.1.0. This release conforms to Microsoft's new requirements and uses Microsoft's new Log Ingestion API (https://learn.microsoft.com/en-us/azure/azure-monitor/logs/tutorial-logs-ingestion-portal), which relies on Data Collection Rules (DCRs) and Data Collection Endpoints (DCEs). Due to DCR constraints, tables from previous versions are not compatible and cannot be used. For detailed, step-by-step guidance, refer to the official documentation above. Questions? We're here to help! Reach out to us at connect.tenable.com. - Ahmad Maruf Product Manager Tenable EcosystemCyberArk Client Certificate Authentication Issue Summary...
CyberArk Client Certificate Authentication Issue Summary Tenable has discovered an issue with our CyberArk Integration and its Client Certificate Authentication to the CyberArk CCP/AIM Web Service API. Customers that have deployed the CyberArk CCP component on Windows Server 2022+ have experienced unsuccessful attempts authenticating to the CCP/AIM Web Service API using Client Certificate Authentication with our CyberArk Integration. This is due to an issue with Windows Internet Information Services (IIS) and certificate authentication over TLS 1.3 and HTTP/2. Change Customers using a Windows Server 2022+ to host their CyberArk CCP must disable TLS v1.3 and HTTP/2 on the IIS manager in order to successfully use Tenable’s CyberArk Integrations that support Client Certificate Authentication. The following Microsoft article describes the issue. https://techcommunity.microsoft.com/blog/iis-support-blog/windows-server-2022-iis-web-site-tls-1-3-does-not-work-with-client-certificate-a/4129738 Impact There are no changes to the integration. Release Date IMMEDIATE
