[GA] Tenable Patch Management v10.0.971.26 is officially LIVE!
We are pleased to announce the General Availability of Tenable Patch Management (TPM) v10.0.971.26! This quality-focused update delivers critical stability and performance fixes for both On-Premise and SaaS environments. Enhanced Reliability & Precision Reporting This release addresses high-priority issues including strategy corruption, database scaling, and compliance reporting accuracy. Top Fixes to Pitch: Strategy Integrity: Fixes a critical defect where simplified patching strategies could become corrupted or fail to load "How to Patch" configurations. Precision Reporting: Corrects compliance percentage variables to eliminate "over 100%" reporting errors. Improved SaaS Reliability: Resolves "502 Bad Gateway" errors and database deadlocks by optimizing connection pooling and PostgreSQL-specific ports. Patch Filter Conditions: Corrects errors in Patch Filter UI and Tenable.Vpr filter handling. Added a dropdown for true/false boolean fields and updated VPR filters to require the Tenable.VprInteger format. Cloud Compatibility: Fixed the cloud install script (.sh) for successful execution when used in JAMF script payloads. Platform Modernization: Full integration of Java 25 and log4j 2.25.3 for peak security and performance. WSUS Intelligence: Improved WSUS scanning logic to mark patches as "Not Applicable" if a superseding patch is already present. P2P Configuration: New brp2p.minimum_viable_volunteer_count setting to better manage peer-to-peer download sources. Customer-Facing Resources: Release Date: March 5, 2026 Hotfix Version: 10.0.971.26 Changelog: View Release Notes Docs: TPM Complete Documentation Upgrade Path: SaaS/Cloud: Your SaaS Tenants are upgraded to v10.0.971.26 automatically. Please upgrade your clients accordingly. On-Premise: Customers can download the latest version of server and clients from the TPM Downloads portal immediately. Questions? We’re a ping away! Reach us at connect.tenable.com. Happy Upgrading! - Ahmad Maruf Tenable Patch Product Management[GA] Introducing Tenable Plug-in for Jira (On-Prem) Integration v11.0.0
We are excited to announce the release of the Tenable Plug-in for Jira (On-Prem) Integration v11.0.0. Release Date: January 28, 2026 Download: Tenable Plug-in for Jira On-Prem (Atlassian Marketplace) Docs & User Guide: View Documentation Tenable Integrations Page: Tenable Plug-in for JIRA (on-prem) What’s New in v11.0.0? Jira 11 Support: Added full support for Jira 11.x Data Center environments. Modernized Tech Stack: Updated to support Java 21 and Atlassian SDK-9.9.1. Important Compatibility Note: Version 11.0.0 is NOT backward compatible with Jira versions earlier than 11.x. If you are running Jira 9.x or 10.x, we recommend you upgrade to v11. Questions? We're here to help! Reach out to us at connect.tenable.com. Happy Upgrading! – Ahmad Maruf Tenable Ecosystem Product Management[GA] Tenable Patch Management 10.0 is officially LIVE! Experience the magic of simplicity.
Today, we are thrilled to unveil the latest evolution of Tenable Patch Management (TPM): The General Availability (GA) of TPM v10.0. This update represents a significant transformation of our product, designed to deliver on the promise of modern, frictionless, and autonomous patching. Big News: One Product, One Experience We have officially unified our product experience by retiring the "Express" vs. "Enterprise" distinction in favor of a Single SKU model. Whether you require high-speed simplicity or deep granular control, you no longer have to choose, every customer now has access to the full power of the Tenable patching engine. Experience the Magic of Simplicity TPM 10.0 reduces operational complexity by focusing on the daily workflow of the administrator. Here is what you will find inside: Administrator-first interface: Our new homepage prioritizes "Blind Spots" and "Delta Numbers," giving you an instant view of unpatched gaps and real-time changes in your environment. 6-step guided setup: A new interactive onboarding wizard replaces hours of manual setup, covering integration and device verification in minutes. "What, When, & How" strategy builder: Build complex patching strategies using a guided process focused on three simple questions: What are we patching? When is it happening? How should it behave? Deployment rings: We have evolved "Waves" into Deployment Rings with automated Transitions (Success, Approval, or Delay) to control exactly how patches move through your environment safely. The emergency kit: Access a "Global Pause" button, instant rollbacks, and exception controls directly from your dashboard for moments when you need to act fast. Advanced settings hub: We haven't removed the deep customization you love; we've just organized it. Features like Intent Schema and Flex Controls have moved to this hub to keep your main workspace clean. Enhanced RBAC (on-premise): We have introduced new built-in security roles for scoped access and security audits. Release details On-premise version: v10.0.971.19 (Server & Client) SaaS version: v10.0.971.18 (Server) | v10.0.971.15 (Client) Technical update: Both Server and Client have been updated to use Java 25 for peak performance and security. Migration & licensing: what it means for you Note: Your existing patching strategies and product configurations remain completely untouched by this upgrade and will continue to function exactly as designed. Customer type What happens today? Action required SaaS / Cloud Server: Your Console is updated to v10 automatically. Clients: Please follow the instructions here to upgrade your clients to v10. None. You have immediate access to v10 features. Your subscription transitions to the new model at your next renewal. On-premise Your choice. You remain on your current version until you choose to upgrade. Recommended: Contact us for a Zero-Dollar Exchange Order to unlock v10 features today, then download the update below. Transition to single SKU will be mandatory during renewal. Get started with these resources Explore these resources to hit the ground running: Download: Get TPM On-Premise v10.0 Changelog: View Release Notes At a Glance: What's New in TPM 10.0 Guide Release Demo: TPM 10.0 Video Walkthrough New User Guide: Single, Consolidated User Guide Docs: TPM Complete Documentation Log in now to experience the magic of simplicity combined with deep control. Happy Patching! — Ahmad Maruf Principal Product Manager, Tenable Patch Product ManagementGA Release: Tenable WAS Integration for ServiceNow VR (v30.2.0)
We are excited to announce that Tenable Web App Scanning (WAS) is now fully integrated with ServiceNow Vulnerability Response! This update allows security teams to automatically synchronize application metadata and vulnerability findings discovered through Tenable’s Dynamic Application Security Testing (DAST) directly into ServiceNow. Key Benefits: Unified Security Posture: Maintain a single, comprehensive view of your application security in one platform. CMDB Correlation: Automatically map Tenable WAS findings to your CMDB applications for better asset context. Risk-Based Prioritization: Prioritize remediation efforts using severity, CVSS, and specific risk indicators. Scalable Data Ingestion: Uses Tenable Export APIs to retrieve data in chunks, ensuring high performance even for large-scale environments. What’s New in this Release: Automated Asset Sync: Seamlessly import application assets from Tenable WAS using the Assets Export APIs and create import queue entries for transformation. Vulnerability Ingestion: Import vulnerability findings and associated metadata using Tenable WAS Export Findings APIs to create Application Vulnerable Items (AVITs). Flexible Lookup Strategy: A new "Lookup strategy" field allows you to independently configure CI Lookup or Product Model settings for each integration. Compatibility: Fully compatible with ServiceNow’s Zurich, Yokohama, Washington, and Xanadu releases. View the Released App | View Documentation Questions? We're here to help! Reach out to us at connect.tenable.com. — Ahmad Maruf Principal Product Manager, Tenable Ecosystem[GA Release] Tenable Add-on for Splunk v8.0.2 is Now Available!
Hi everyone! We’re thrilled to announce the latest quality release to the Tenable Add-on for Splunk – now live with version 8.0.2! Release Date: January 22, 2026 Get It Now: Tenable Add-on for Splunk on Splunkbase Documentation: Tenable Add-on for Splunk Documentation What’s New in v8.0.2? Resolve an index _time race condition with Tenable Security Center Known Issues and Limitations: None Shoutout to everyone who made this release possible! – Ahmad Maruf, Tenable Ecosystem Product ManagementStop Choosing Between Simple and Powerful. Get Both with TPM 10.0
On January 22, we are thrilled to unveil Tenable Patch Management (TPM) 10.0. This update is a significant transformation of our patch product, designed to deliver the promise of modern, frictionless, and autonomous patching for everyone. We are officially retiring the "Express" vs. "Enterprise" distinction. Moving forward, TPM is a Single SKU model. Whether you need high-speed simplicity or deep granular control, you no longer have to choose. Every user now has access to the full power of the Tenable patching engine. TPM 10.0 reduces operational complexity, and focuses on the daily workflow of the administrator. Highlights of TPM 10.0 (SaaS & On-Premise) We’re moving away from executive ROI charts to focus on an Administrator-First interface. The new homepage prioritizes "Blind Spots" and "Delta Numbers," giving you an instant view of your unpatched gaps. A Simple Setup Wizard: A new 6-step onboarding guide replaces hours of manual setup, covering integration, device verification, and your first patching strategy in minutes. "What, When, & How" Strategy Builder Workflow: Build strategies and leverage Deployment Rings (formerly Waves) and automated Transitions (Success, Approval, or Delay) to control exactly how patches roll out. The Emergency Kit: A "Global Pause" button, instant rollback, and exception controls are now front-and-center on your dashboard. Single-Pane Visibility: The updated Monitoring & Deployments Dashboards offer a clear view of scheduled, in-progress, and finished deployments, allowing you to bypass approvals or skip ahead without menu-hopping. RBAC Enhancements (TPM On-Premise): Expanded Role-Based Access Control (RBAC) is now available for TPM On-Premise. New built-in security roles allow scoped access for specific locations (e.g., branch offices, testing labs) and read-only access for security audits. For the Power Users We haven’t removed the deep customization you love; we’ve just organized it. All advanced features like Intent Schema and Flex Controls have moved to the new Advanced Settings hub. This keeps the main interface clean for daily tasks while ensuring your "under-the-hood" configurations remain just one click away. Migration & Licensing: What It Means For You Customer Type What Happens on Jan 22? Action Required SaaS / Cloud Automatic upgrade to the v10 UI. None. Your subscription transitions at your next renewal. On-Premise Stay on your current UI until you choose to upgrade. Optional Upgrade: Contact us for a Zero-Dollar Exchange Order to unlock v10 features today. Get Started with These Resources To help you hit the ground running, we’ve attached two essential resources to this post: What's New in TPM 10.0 (PDF): A comprehensive feature guide, FAQ, and a navigation map to help you find your favorite v9 tools in the v10 interface. TPM 10.0 Video Walkthrough: Join Ahmad Maruf, Principal Product Manager of Tenable Patch Management for a deep dive into the new dashboard, wizard-driven onboarding, strategy creation, and emergency controls here. Your current product and strategies remain completely untouched and will continue to function as designed. Log in on January 22nd to explore the new dashboard, and experience the magic of simplicity combined with deep control. Happy Patching, Tenable Patch Product Management
Action Required: Preparation for January 2026 Tenable Security Center Feed Update
We are writing to announce an important upcoming change to the Tenable Security Center feed data. Starting in mid-January 2026, the size of Tenable Security Center feeds will increase due to the addition of new Vulnerability Priority Rating (VPR) data; this data will be available in Tenable Security Center 6.8, anticipated for release later in Q1 2026. This update ensures you continue to receive comprehensive vulnerability data, but it requires immediate action to ensure your environment is prepared. What you need to do To prevent the feed size from causing PHP memory exhaustion in your environment, please follow the resolution path for your specific version: Versions 6.5.1 – 6.7.2: Patch 202601.1 is now available. Applying this patch will automatically modify the PHP configuration to increase the memory limit. Versions Prior to 6.5.1: Follow the instructions outlined in this Knowledge Base article to modify the PHP configuration. Note: Tenable Security Center consoles with less than 8 GB RAM may need to have their hardware resources updated. Review Tenable Security Center hardware recommendations Why this matters Taking action now allows you to adopt a proactive approach to this feed expansion, ensuring your nightly updates continue seamlessly. Prevent SC Feed Update Failures: Without this fix, SC Feed updates may fail and log an "Allowed memory size... exhausted" error or terminate abnormally with error status '255'. Protect Disk Space: Failing feed updates can leave behind orphaned files in /opt/sc/data/feed.XXXXX folders, which may build up and cause disk space issues over time. Access our related documentation to learn more: Tenable Security Center Patch 202601.1 (2026-01-06) Knowledge Base: Tenable Security Center Feed Update Failing with "terminated abnormally with error status '255'" Due to PHP Memory ExhaustionTenable Patch Management TPM SaaS is Now Live [GA Announcement]
Release Date: November 17, 2025 We are thrilled to announce that Tenable Patch Management TPM is now available as a fully managed SaaS solution. For too long, IT and Security teams have been stuck in a paradox. Security demands speed to reduce risk, while IT demands stability to ensure uptime. This friction creates a dangerous gap between vulnerability discovery and remediation. Today, we are closing that gap. With the launch of TPM SaaS, you can now replace reactive, manual patching with autonomous, cloud-native remediation. By moving to the cloud, we are empowering your teams to shift their focus from maintaining patch servers to managing business risk. Why Move to the Cloud? Legacy on-premise tools like BigFix, Tanium, and SCCM were built for a different era. TPM SaaS offers a modern approach that is scalable, secure, and effortless to maintain. Zero Infrastructure Overhead Eliminate the need for on-prem hardware, database management, and manual maintenance. Our platform updates automatically, ensuring you always have the latest features without the downtime. Prioritize Risk, Not Volume Stop drowning in patch Tuesdays. TPM leverages Tenable’s Vulnerability Priority Rating VPR and Asset Criticality Rating ACR to automatically identify and remediate the vulnerabilities that pose the greatest risk to your specific environment. Global Scalability Whether you are a local business or a global enterprise, TPM SaaS scales instantly. We have launched with global data centers in the US, UK, Germany, Japan, Australia, and Singapore, ensuring low-latency performance and data sovereignty wherever you operate. Unmatched Coverage Secure your entire estate with industry-leading support for Windows, Linux, and macOS, covering over 20,000 third-party applications and 250,000 unique patches. Key Capabilities at a Glance Autonomous Set and Forget Policies: Define your risk tolerance and let the engine handle the rest. 100 Percent Granular Control: Maintain full authority with tiered deployments, rollbacks, and flexible approval workflows. Resilient Architecture: Built-in redundancy, failover, and our signature Peer-to-Peer (P2P) content distribution to protect your network bandwidth. Centralized Management: Manage admin accounts and identity providers OIDC SAML directly through the Tenable Workspace. Ready to Get Started? Stop managing servers. Start managing risk. Deliver fully autonomous, closed-loop remediation that finally bridges the gap between IT and Security. Start Now at https://www.tenable.com/products/patch-management Read the Release Notes at https://docs.tenable.com/release-notes/Content/patch-management/2025.htm Dive Deeper at https://docs.tenable.com/integrations/Tenable-Patch-Management/Content/welcome.htm – Tenable Patch Product ManagementGA Release - Tenable Add-on for Splunk v8.0.1 is Now Available
Hi everyone, We are thrilled to announce the latest major update to the Tenable Add-on for Splunk. Version 8.0.1 is now live and was released on September 30, 2025. Released: September 30, 2025 Get It Now: Visit the Tenable Add-on for Splunk on Splunkbase by searching for "Tenable Add-on for Splunk" or going to splunkbase.splunk.com/app/4060 What's New in Version 8.0.1: Fixed an issue with custom SSL certificates for the Tenable SecurityCenter input Improved compliance data collection by preserving original field valuesxx Compatibility Matrix: Browsers: Google Chrome, Mozilla Firefox Operating Systems: Platform independent Splunk Enterprise: Versions 10.0.x, 9.4.x, and 9.3.x Supported Deployments: Splunk Cluster, Splunk Standalone, and Distributed Deployment Known Issues and Limitations: None A shoutout to everyone who made this release possible. Thanks, Ahmad Maruf Tenable Ecosystem Product Management
July Product and Research Update Newsletter
Greetings! Check out our July newsletter to learn about the latest product and research updates, upcoming and on-demand webinars, and educational content — all to help you get more value from your Tenable solutions. Click here for a downloadable PDF of this newsletter Share Your Insights at Black Hat 2025 Attending Black Hat next month? We'd love to hear your thoughts on Tenable products! Join us for a brief, filmed in-booth interview. It's a quick (less than 10 minutes) and impactful way to share your feedback. You'll have the chance to share your opinions on camera, and rest assured, if you prefer, your feedback can remain completely anonymous if you prefer. As a thank you for your time, we'll also give you an exclusive briefing on our latest product updates. Ready to make your voice heard? Email ambassador@tenable.com to schedule your session. We'll find a time that works best for you! Tenable Cloud Security Reminder: Tenable Cloud Security requires you to log in to view documentation and release notes. To access the documentation or try Tenable Cloud Security, contact your account manager or request a demo. Code security for Azure ARM and Bicep frameworks, and APIs. Tenable now natively supports Azure Resource Manager (ARM) and Bicep, expanding on existing coverage for AWS CloudFormation, Kubernetes YAML, and Terraform across all major cloud environments. Azure users can now scan for misconfigurations directly in their infrastructure as code. Notably, Tenable Cloud Security uniquely supports Bicep, which is rapidly gaining adoption due to its simplicity. Tenable tags resources in Bicep files, auto-generates underlying ARM templates, and highlights misconfigurations directly in the Bicep code, so you can work in the Bicep layer without parsing ARM output. We’ve also introduced ingestion of Tenable IaC findings via API using the “Findings” query in the GraphQL API. This enables programmatic management of finding status. The code API has full UI parity and is consistent with all Tenable API endpoints. Workload protection now supports Oracle Cloud Infrastructure + streamlined reporting. Expanding our coverage of Oracle Cloud Infrastructure (OCI), Tenable Cloud Security now offers workload protection for OCI environments. You can scan virtual machines, including those using OCI-native and customer-managed key (CMK) encrypted volumes, alongside container images and account-level resources. Additionally, across all supported cloud environments, we have streamlined reporting: you can now generate reports directly from the Vulnerabilities page, simplifying your workflow. Enhanced IAM security across permissions and access. Tenable Cloud Security’s Microsoft Entra ID integration, recently enhanced with third-party support and MFA monitoring, can now monitor and filter all app API and delegated permissions. IAM admins get a clearer, tenant-wide view of app-level permissions, making it easier to remove unnecessary access. Are you still using the now-retired Microsoft Entra Permissions Management? Tenable is a strong replacement, with advanced CIEM, JIT access, and CNAPP capabilities spanning Entra ID, Azure and more. We’ve also improved IAM visibility for AWS and GCP with exportable Permissions Query results and enhanced tracking of custom policy changes. In GCP, access-level evaluation is now deeper with added behavior analysis and resource details. Introducing custom dashboards that you can easily build in minutes. You’ve got the power! You can now customize how dashboards look and how you present security data to help users focus on what matters most. Personalize dashboards by adjusting metrics, findings and visualizations. Choose whether to make them public or private. Save time by duplicating built-in or custom dashboards. Plus, all dashboards are now centrally located in the menu for easier access. “Projects” capability now supports integrations and automations by scope. Tenable is making it easier to manage accounts and access control across multiple accounts and providers. The Projects capability, which logically groups resources in your cloud environment, now lets you configure integrations and automations at the project level. This enables more granular control and flexibility to let specific accounts or resources follow tailored workflows aligned with your organizational structure and security policies. Tenable Identity Exposure New Entra ID IoEs to strengthen identity hygiene. Tenable has added new indicators of exposure (IoEs) to help you identify and remediate hidden risks in Entra ID environments: Managed devices not required for MFA registration: Flags tenants that allow multi-factor authentication (MFA) registration from devices your organization doesn’t manage. Without requiring managed devices, attackers with stolen credentials could set up their own MFA methods without your knowledge. Admin consent workflow not configured: Detects tenants missing an active admin consent workflow. This absence can cause errors for non-admin users trying to access applications that need consent, leading to user friction or unmonitored workarounds. Password expiration enforced: Identifies domains where password expiration policies, intended to enhance security, might actually weaken it. When you force users to change passwords frequently, they often resort to simpler or repeated passwords, which makes them more vulnerable to breaches. For more information, review the release notes. Tenable Enclave Security Tenable Enclave Security 1.5 release. We’re excited to announce the release of Tenable Enclave Security 1.5. This release includes exciting new features: Deployment assessment scanning: Quickly assess new and updated deployments before they go live, improving visibility and risk reduction during rapid delivery cycles. Expanded software composition analysis (SCA): Broaden insight into your software supply chain with deeper enumeration of third-party libraries and components, including Go, Java, PHP and unpatched vulnerabilities in container images. SecurityCenter 6.6: Now powered by PostgreSQL, the latest version enhances performance, scalability and long-term support for mission-critical environments. Policy management: New and improved experience for managing policies for CI/CD pipelines or Kubernetes clusters. For more information, review the release notes. Tenable Vulnerability Management (TVM) Tenable PCI agent scan template now available. As a result of the PCI DSS 4.x specification release, credentialed scanning is now a requirement for PCI internal scanning. In response, Tenable created the Tenable PCI Agent, which you can use to scan your network via the PCI Internal Nessus Agent scan template in Tenable Vulnerability Management. PCI DSS 4.x enables you to use a customized approach objective. Using PCI DSS 4.x, the PCI Internal Nessus Agent provides the most comprehensive view of local vulnerabilities on your systems. Please visit the Scan Settings site for more details on configuring the PCI Agent and scans. Tenable Patch Management Tenable Patch Management 9.2.967.22 (on-premises). This release features minor quality improvements and bug fixes across the platform. Server updates: Bug fixes: We fixed an issue where the Business Units by Waves column in cycle tables was empty if no deployment waves existed for the cycle owner. Modified the patch server framework component to depend on the feed server, preventing a race condition during registration. Fixed a bug where patching cycles could lose business unit information after a server restart. Improved the update process for supported platforms within existing workflows and activities during server upgrades. Client updates: Bug fixes: Change to WUAHttpServer to include a content-length header on a full GET request for a file. This resolves the Windows Server 2016 patch download issue. Tenable OT Security Tenable OT Security 4.3: Scalable visibility and control for your modern enterprise. The Tenable OT Security 4.3 release delivers powerful new features to enhance visibility and control across your operational technology (OT) environments and entire attack surface. Key updates in this release include: Scalable OT agents: Extend asset discovery to hard-to-reach areas and embedded systems, closing critical visibility gaps with lightweight, easy-to-deploy agents that leverage your existing IT infrastructure. Enhanced Tenable One data integration: Accelerate investigations and improve risk remediation with new Policy Violation Findings and richer Exposure Signals for more comprehensive Attack Path Analysis. Streamlined asset management: Benefit from a responsive Vulnerability Findings side-panel for quick investigations, custom asset tags and groups for better organization, and batch data and ruleset updates in Enterprise Manager to ensure consistent administration across distributed sites or locations. Additional user interface enhancements in v4.3: You can now search the asset serial number in the inventory Updated Sensor page navigation System Log pagination To learn more about what’s new in the latest version of Tenable OT Security, watch the latest customer update and review the release notes. Tenable Nessus Nessus 10.9 is now generally available! Nessus 10.9 introduces several key features to empower your security teams: Offline web application scanning in Nessus Expert: If your organization has strict network segmentation or air-gapped environments, Nessus 10.9 now enables comprehensive web application scanning functionality. This ensures your critical web applications, even in isolated networks, receive the same thorough security assessment as those in connected environments to maintain a consistent security baseline across your entire infrastructure. Triggered agent scans in Nessus Manager: Automatically initiate vulnerability scans via Nessus Manager in response to specific events. This means you get immediate insights into your security posture as soon as the system discovers new assets or critical system changes occur. This functionality will be enabled directly through Tenable Security Center in July. Agent version declaration for offline environments in Nessus Manager: Simplify the management of your Nessus Agents in air-gapped or offline deployments. With Nessus 10.9, you can now declare agent versions for Nessus Manager agent profiles, streamlining updates and ensuring your agents are running the desired software versions, even without direct internet connectivity. Agent safe mode status reporting in Nessus Manager: Get better visibility into our Nessus Agents’ health and operational status. Nessus 10.9 provides reporting on "Agent Safe Mode" status with insights into agents that may experience issues or operate in a limited capacity. This allows for quicker identification and resolution of agent-related problems for uninterrupted scanning coverage. Nessus 10.9 is available now. We encourage all Nessus users to upgrade to take advantage of these new features and continue to strengthen your vulnerability assessment capabilities. For more information, see the Nessus 10.9 release notes and Nessus 10.9 User Guide. You can also view this announcement under Product Announcements in Tenable Connect. End of Support for Nessus and Agents on Windows 32-bit operating systems. Tenable announces End of Support for Nessus and Agents on Windows 32-bit Operating Systems. Please see the bulletin for more details. Click here to continue reading the rest of the newsletter as a downloadable PDF.
