[GA] Tenable Patch Management 10.0 is officially LIVE! Experience the magic of simplicity.
Today, we are thrilled to unveil the latest evolution of Tenable Patch Management (TPM): The General Availability (GA) of TPM v10.0. This update represents a significant transformation of our product, designed to deliver on the promise of modern, frictionless, and autonomous patching. Big News: One Product, One Experience We have officially unified our product experience by retiring the "Express" vs. "Enterprise" distinction in favor of a Single SKU model. Whether you require high-speed simplicity or deep granular control, you no longer have to choose, every customer now has access to the full power of the Tenable patching engine. Experience the Magic of Simplicity TPM 10.0 reduces operational complexity by focusing on the daily workflow of the administrator. Here is what you will find inside: Administrator-first interface: Our new homepage prioritizes "Blind Spots" and "Delta Numbers," giving you an instant view of unpatched gaps and real-time changes in your environment. 6-step guided setup: A new interactive onboarding wizard replaces hours of manual setup, covering integration and device verification in minutes. "What, When, & How" strategy builder: Build complex patching strategies using a guided process focused on three simple questions: What are we patching? When is it happening? How should it behave? Deployment rings: We have evolved "Waves" into Deployment Rings with automated Transitions (Success, Approval, or Delay) to control exactly how patches move through your environment safely. The emergency kit: Access a "Global Pause" button, instant rollbacks, and exception controls directly from your dashboard for moments when you need to act fast. Advanced settings hub: We haven't removed the deep customization you love; we've just organized it. Features like Intent Schema and Flex Controls have moved to this hub to keep your main workspace clean. Enhanced RBAC (on-premise): We have introduced new built-in security roles for scoped access and security audits. Release details On-premise version: v10.0.971.19 (Server & Client) SaaS version: v10.0.971.18 (Server) | v10.0.971.15 (Client) Technical update: Both Server and Client have been updated to use Java 25 for peak performance and security. Migration & licensing: what it means for you Note: Your existing patching strategies and product configurations remain completely untouched by this upgrade and will continue to function exactly as designed. Customer type What happens today? Action required SaaS / Cloud Server: Your Console is updated to v10 automatically. Clients: Please follow the instructions here to upgrade your clients to v10. None. You have immediate access to v10 features. Your subscription transitions to the new model at your next renewal. On-premise Your choice. You remain on your current version until you choose to upgrade. Recommended: Contact us for a Zero-Dollar Exchange Order to unlock v10 features today, then download the update below. Transition to single SKU will be mandatory during renewal. Get started with these resources Explore these resources to hit the ground running: Download: Get TPM On-Premise v10.0 Changelog: View Release Notes At a Glance: What's New in TPM 10.0 Guide Release Demo: TPM 10.0 Video Walkthrough New User Guide: Single, Consolidated User Guide Docs: TPM Complete Documentation Log in now to experience the magic of simplicity combined with deep control. Happy Patching! — Ahmad Maruf Principal Product Manager, Tenable Patch Product ManagementGA Release: Tenable WAS Integration for ServiceNow VR (v30.2.0)
We are excited to announce that Tenable Web App Scanning (WAS) is now fully integrated with ServiceNow Vulnerability Response! This update allows security teams to automatically synchronize application metadata and vulnerability findings discovered through Tenable’s Dynamic Application Security Testing (DAST) directly into ServiceNow. Key Benefits: Unified Security Posture: Maintain a single, comprehensive view of your application security in one platform. CMDB Correlation: Automatically map Tenable WAS findings to your CMDB applications for better asset context. Risk-Based Prioritization: Prioritize remediation efforts using severity, CVSS, and specific risk indicators. Scalable Data Ingestion: Uses Tenable Export APIs to retrieve data in chunks, ensuring high performance even for large-scale environments. What’s New in this Release: Automated Asset Sync: Seamlessly import application assets from Tenable WAS using the Assets Export APIs and create import queue entries for transformation. Vulnerability Ingestion: Import vulnerability findings and associated metadata using Tenable WAS Export Findings APIs to create Application Vulnerable Items (AVITs). Flexible Lookup Strategy: A new "Lookup strategy" field allows you to independently configure CI Lookup or Product Model settings for each integration. Compatibility: Fully compatible with ServiceNow’s Zurich, Yokohama, Washington, and Xanadu releases. View the Released App | View Documentation Questions? We're here to help! Reach out to us at connect.tenable.com. — Ahmad Maruf Principal Product Manager, Tenable Ecosystem[GA Release] Tenable Add-on for Splunk v8.0.2 is Now Available!
Hi everyone! We’re thrilled to announce the latest quality release to the Tenable Add-on for Splunk – now live with version 8.0.2! Release Date: January 22, 2026 Get It Now: Tenable Add-on for Splunk on Splunkbase Documentation: Tenable Add-on for Splunk Documentation What’s New in v8.0.2? Resolve an index _time race condition with Tenable Security Center Known Issues and Limitations: None Shoutout to everyone who made this release possible! – Ahmad Maruf, Tenable Ecosystem Product Management
January 2026 Tenable Product Newsletter
Greetings! Check out our January newsletter to learn about the latest product updates, research insights, and educational content — all to help you get more value from your Tenable solutions. Tenable One New Tenable One Connector | ORDR Bridge the gap between IT and OT. Connect Tenable One with ORDR to get a single view of your entire attack surface, showing exactly how a simple IT exposure can reach your critical operational technology. By treating IT and OT as a single, connected environment, you can better protect your uptime and ensure smooth and safe operations. Learn more >> Tenable Cloud Security Tenable named a Customers’ Choice in the 2025 Gartner® Peer Insights™ Voice of the Customer for Cloud-Native Application Protection Platforms (CNAPPs) We are excited to share that Tenable is named a Customers’ Choice in the 2025 Gartner® Peer Insights™ Voice of the Customer for Cloud-Native Application Protection Platforms (CNAPPs). In this report, Gartner Peer Insights provides a rigorous analysis of 1,664 reviews and ratings of 10 vendors in the CNAPP market. In the 18-month eligibility window, we received an average of 4.8 out of 5 stars for Tenable Cloud Security based on 71 reviews as of October 2025. We’re grateful to you, our customers. This kind of feedback tells us we're delivering on what matters most! Learn from your peers as you choose the best solution for your cloud security program. You can read the report here. Exclusions | Strategic risk management: Streamline exception handling with a new centralized framework. Define business scenarios to ignore non-actionable findings or adjust their severity using flexible conditions like tags and attributes. All legacy exceptions now migrate here for a single, auditable source of truth. Reports | Query-to-report automation: Transform any search in Explorer into a scheduled or on-demand report. Leverage a redesigned, full-screen reporting experience featuring live data previews and local timezone support to ensure stakeholders receive actionable data exactly when they need it. IAM | AWS ABAC and granular visibility: Permission evaluations now support AWS attribute-based access control (ABAC) for highly accurate least-privilege recommendations. Additionally, a new dedicated Access Level section in resource profiles replaces generic summaries with a detailed breakdown of permission categories. Projects | Scalable API automation: Manage high-volume environments with new GraphQL API support for Projects. Programmatically create, modify, or delete projects and role assignments to align security governance with rapid DevOps workflows. Data security | Precision classification: Enhance data discovery by using Regex to exclude known or irrelevant values from classification to ensure your data security findings focus on actual sensitive information while filtering out noise. View full cloud release notes Tenable Identity Exposure This month, we are focusing on removing deployment friction for indicators of attack (IoA). To maintain a high-velocity security posture, we have simplified the process of authorizing installation scripts within your existing EDR/AV environments. Frictionless IoA deployment: We’ve added three new parameters to the IoA installation script to ensure your security stack works in harmony. This enhancement accelerates time-to-protection by pre-authorizing deployment scripts and preventing false-positive blocks from security tools. Proactive authorization: Use OutputCertificate or GetSignatureToWhitelist to retrieve the Tenable certificate or script hash for immediate allowlisting. Controlled execution: The TimerInMinutes parameter allows you to delay installation, ensuring your environment has processed allowlist updates before the script runs. View full identity release notes By focusing on these specific parameters, your team can avoid the manual overhead of troubleshooting blocked installations and move directly to monitoring for identity-based threats. Tenable Vulnerability Management Streamline your Microsoft Patch Tuesday remediation Master the monthly operational challenge of Microsoft Patch Tuesday with the updated one-stop-shop dashboard. You can now balance critical deployments against user disruption with a comprehensive view of your organization's remediation status to quickly detect vulnerable devices and prioritize the most difficult issues. This update leverages three key advancements: Enhanced VPR analysis: Utilize the newest algorithm to focus on your most critical vulnerabilities. The enhanced analysis reduces your workload and offers greater explainability for risk scoring. Granular asset tracking: Leverage new software inventory attributes to distinctly analyze risk across operating systems versus applications and packages. Reboot detection: Instantly identify assets with applied patches that are vulnerable due to a pending reboot, so you can close security gaps completely. Download a new copy of this dashboard to access the new widgets and data visualizations. Nessus SSH Session Re-use feature added for credential scans Nessus now supports an opt-in feature to reuse SSH sessions during a scan when running Nessus version 10.9.0 or greater. Added in response to numerous requests from customers like you, this update will reduce the number of new SSH connections established during remote network scans and the associated increase in network traffic. Access more information in Tenable Research Release Highlights here. Tenable Security Center Action required: Preparing for upcoming VPR feed update Starting mid-January 2026, the Tenable Security Center feed will expand to support new Vulnerability Priority Rating (VPR) data. To prevent PHP memory exhaustion and ensure your daily updates continue seamlessly, you must take immediate action. Versions 6.5.1 – 6.7.2: Patch 202601.1 is now available. Applying this patch will automatically modify the PHP configuration to increase the memory limit. Versions prior to 6.5.1: Follow the instructions outlined here to modify the PHP configuration. Note: Consoles with less than 8 GB RAM may require a hardware resource update. In case you missed it: Tenable Security Center 6.7 is now available See your environment more clearly and act faster on what matters most. This release delivers a modern, intuitive UX that improves usability, scalability, and efficiency across your workflows. Explore – Assets (preview): Get a modern view of your assets with advanced filtering and improved navigation that helps you identify risks faster. Triggered agent scanning: Automate Tenable Agent scans based on defined conditions, so you can catch vulnerabilities sooner and respond with confidence. Credential verification scan policy: Quickly validate Windows and Unix credential pairs with a built-in template that confirms authentication success. Performance and reporting enhancements: Experience faster scan ingestion, faster reporting, and improved backend performance that keeps pace with your team. Before you upgrade: Tenable Security Center 6.7 supports upgrades from version 6.3.0 and later. The release updates hardware specifications. Systems below the new recommendations will still upgrade successfully, but performance may vary. Upgrade now and view the release notes for details. Tenable Patch Management Get the magic of simplicity and deep control On Jan. 22, your patching experience transforms into a single, unified powerhouse. You no longer have to choose between speed and granular control. You now have full access to our most robust engine designed for autonomous patching. We’ve streamlined your workflow to help you close security gaps faster: Set up in minutes, not hours, with the new 6-step onboarding wizard. Eliminate guesswork using the intuitive "What, When, & How" strategy builder. Act fast with front-and-center emergency controls like Global Pause. Rest assured, your current strategies remain untouched and will continue to function exactly as designed. Explore the new features. Tenable OT Security Now available: Tenable OT Security 4.5 This release delivers improved scalability for enterprise environments, enhanced power grid visibility, and new integrations across the Tenable One portfolio. Advanced dynamic tagging: Streamline prioritization and reporting with the ability to create rule-based groups and tags with multiple filters, including asset type, risk score, and criticality. Enhanced support for IEC 61850: Improve passive detection of intelligent electronic devices with comprehensive visibility across substation and power generation infrastructures. Unified SOC visibility: You can now directly view policy violations that Tenable OT Security detects, such as unauthorized access or failed logins, within Tenable Security Center dashboards and reports to bridge the gap between OT and the SOC. Expanded compliance mapping: Simplify how you measure and report against critical security frameworks with support for IEC 62443-3-3 and NIST-CSF in the Compliance Dashboard. Role-based access controls (RBAC): Tenable Enterprise Manager now enables admins to assign users to specific ICPs using user groups, so users only view the zones they’re authorized to see while inheriting ICP-level roles. Tenable Training and Product Education Introducing the Tenable Universal Education SKU Maximize your team’s expertise without the pressure of immediate decision-making. Tenable Universal Education SKUs streamline your procurement by consolidating all training needs into a single, flexible entitlement. You can secure your budget today and choose your specific product or certification path later as your security priorities evolve. This flexibility also applies to your existing Enrollment Codes, which you can now use for any applicable course. When you are ready to train, simply visit Tenable University, select your course from the eligible catalog, and apply your code to start learning. Tenable Webinars Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars here. On-demand Escape the patching cycle. A guide to autonomous risk-based patching. Securing the future of AI in your enterprise. Policy frameworks that balance opportunity and oversight. Customer office hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. Tenable Research Research Security Operations blog posts Subscribe to the Research team blog posts here. CVE-2025-64155: Exploit code released for critical Fortinet FortiSIEM command injection vulnerability Microsoft’s January 2026 Patch Tuesday addresses 113 CVEs (CVE-2026-20805) Research release highlights SSH Session Reuse: Opt-in to this feature to reduce the number of SSH connections made during remote network scans within Tenable Vulnerability Management and Nessus Miracle Linux Local Security Checks: Scan for Miracle Linux vulnerabilities using the newly released plugins. SNMPv3 for CyberArk and HashiCorp Vault: Choose to query the CyberArk or Hashicorp vaults using the SNMPv3 credentials. Content coverage highlights More than 4,700 new published vulnerability plugins. More than 60 new audits delivered to customers. Read Tenable documentation.Stop Choosing Between Simple and Powerful. Get Both with TPM 10.0
On January 22, we are thrilled to unveil Tenable Patch Management (TPM) 10.0. This update is a significant transformation of our patch product, designed to deliver the promise of modern, frictionless, and autonomous patching for everyone. We are officially retiring the "Express" vs. "Enterprise" distinction. Moving forward, TPM is a Single SKU model. Whether you need high-speed simplicity or deep granular control, you no longer have to choose. Every user now has access to the full power of the Tenable patching engine. TPM 10.0 reduces operational complexity, and focuses on the daily workflow of the administrator. Highlights of TPM 10.0 (SaaS & On-Premise) We’re moving away from executive ROI charts to focus on an Administrator-First interface. The new homepage prioritizes "Blind Spots" and "Delta Numbers," giving you an instant view of your unpatched gaps. A Simple Setup Wizard: A new 6-step onboarding guide replaces hours of manual setup, covering integration, device verification, and your first patching strategy in minutes. "What, When, & How" Strategy Builder Workflow: Build strategies and leverage Deployment Rings (formerly Waves) and automated Transitions (Success, Approval, or Delay) to control exactly how patches roll out. The Emergency Kit: A "Global Pause" button, instant rollback, and exception controls are now front-and-center on your dashboard. Single-Pane Visibility: The updated Monitoring & Deployments Dashboards offer a clear view of scheduled, in-progress, and finished deployments, allowing you to bypass approvals or skip ahead without menu-hopping. RBAC Enhancements (TPM On-Premise): Expanded Role-Based Access Control (RBAC) is now available for TPM On-Premise. New built-in security roles allow scoped access for specific locations (e.g., branch offices, testing labs) and read-only access for security audits. For the Power Users We haven’t removed the deep customization you love; we’ve just organized it. All advanced features like Intent Schema and Flex Controls have moved to the new Advanced Settings hub. This keeps the main interface clean for daily tasks while ensuring your "under-the-hood" configurations remain just one click away. Migration & Licensing: What It Means For You Customer Type What Happens on Jan 22? Action Required SaaS / Cloud Automatic upgrade to the v10 UI. None. Your subscription transitions at your next renewal. On-Premise Stay on your current UI until you choose to upgrade. Optional Upgrade: Contact us for a Zero-Dollar Exchange Order to unlock v10 features today. Get Started with These Resources To help you hit the ground running, we’ve attached two essential resources to this post: What's New in TPM 10.0 (PDF): A comprehensive feature guide, FAQ, and a navigation map to help you find your favorite v9 tools in the v10 interface. TPM 10.0 Video Walkthrough: Join Ahmad Maruf, Principal Product Manager of Tenable Patch Management for a deep dive into the new dashboard, wizard-driven onboarding, strategy creation, and emergency controls here. Your current product and strategies remain completely untouched and will continue to function as designed. Log in on January 22nd to explore the new dashboard, and experience the magic of simplicity combined with deep control. Happy Patching, Tenable Patch Product Management
New Feature: Mobilize your data with Jira Cloud Ticketing!
We are excited to announce the initial release of mobilization services in Tenable Vulnerability Management and Tenable One, designed to streamline your remediation workflows! This foundational capability provides native, unified ticketing integrations that ensure a current, bidirectional view between your security findings and third-party tickets. No more manual updates or guesswork! What This Means for You: The first iteration focuses on Exposure Response in Tenable Vulnerability Management and Tenable One Inventory Findings: You can now automatically or manually create tickets directly in Jira Cloud via Exposure Response Initiatives in Tenable Vulnerability Management. This synchronization significantly accelerates response times by immediately converting critical security findings into actionable tickets for your remediation teams. Mobilization capabilities are also available in Tenable One: Manually generate tickets from Inventory findings into Jira Cloud. Expose and close critical risks from a single platform across multiple domains, including third-party data. See Mobilization in Action! Ready to see how fast you can turn findings into tickets? Watch the Walkthrough Demo: Learn how to set up and use the new ticketing integration to automate your workflow! Get Started Today: Review the release notes and Quick Reference Guide for detailed setup steps. See the VM User Guide for guidance on creating an initiative and the EM User Guide on how to create a Jira Cloud Ticket. Start leveraging this integration to boost your team's efficiency. What's Next? Note: ServiceNow ITSM mobilization is coming soon!GA Announcement – Tenable App for Microsoft Sentinel v3.1.1
Release Date: November 3, 2025 Hi Everyone! We’re excited to announce the general availability (GA) of version 3.1.1 of the Tenable App for Microsoft Sentinel! This release includes minor enhancements and version updates to help you get the most from your integration. Download and Install the App: Tenable App for Microsoft Sentinel – Azure Marketplace at https://azuremarketplace.microsoft.com/en-us/marketplace/apps/tenable.tenable-sentinel-integration?tab=Overview Documentation: Installation & Upgrade Guide at https://docs.tenable.com/integrations/Microsoft/Azure/Content/install-sentinel.htm Changelog: What’s New in v3.1.1 Azure Gov Cloud Support: Added a dedicated button on the Data Connector UI for Azure Gov Cloud, which redirects users to the .us domain, while the existing button continues to serve all other regions. Please upgrade to v3.1.1 to ensure full support for Azure Gov Cloud configurations. Function Extension Bundle Upgrade: Updated the Azure Sentinel Tenable VM Connector’s Function Extension Bundle (Function App) to version range [4.*, 5.0.0) for improved performance and compatibility. Questions? We're here to help! Reach out to us at connect.tenable.com — Ahmad Maruf Principle Product Manager, Tenable EcosystemGA Release - Tenable Add-on for Splunk v8.0.1 is Now Available
Hi everyone, We are thrilled to announce the latest major update to the Tenable Add-on for Splunk. Version 8.0.1 is now live and was released on September 30, 2025. Released: September 30, 2025 Get It Now: Visit the Tenable Add-on for Splunk on Splunkbase by searching for "Tenable Add-on for Splunk" or going to splunkbase.splunk.com/app/4060 What's New in Version 8.0.1: Fixed an issue with custom SSL certificates for the Tenable SecurityCenter input Improved compliance data collection by preserving original field valuesxx Compatibility Matrix: Browsers: Google Chrome, Mozilla Firefox Operating Systems: Platform independent Splunk Enterprise: Versions 10.0.x, 9.4.x, and 9.3.x Supported Deployments: Splunk Cluster, Splunk Standalone, and Distributed Deployment Known Issues and Limitations: None A shoutout to everyone who made this release possible. Thanks, Ahmad Maruf Tenable Ecosystem Product ManagementGA Release 6.1.0 – Tenable Apps on ServiceNow Store Are Now Yokohama Platform Compatible!
Release Date: July 30, 2025 Download and Install/Upgrade: - Service Graph Connector for Tenable (https://store.servicenow.com/store/app/d102bfea1ba46a50a85b16db234bcbf7) - Tenable for ITSM (https://store.servicenow.com/store/app/524caf6e1b246a50a85b16db234bcb3b) - Tenable.ot for Vulnerability Response (https://store.servicenow.com/store/app/b9bcefee1b246a50a85b16db234bcb47) Documentation: ServiceNow Documentation (https://docs.tenable.com/integrations/ServiceNow/Content/Welcome.htm) What’s New: Tenable announces the General Availability of version 6.1.0 for our ServiceNow applications. This release ensures full compatibility with the Yokohama Platform Release. Included Tenable Applications on ServiceNow Store: Service Graph Connector for Tenable, Tenable for ITSM, and Tenable.ot for Vulnerability Response Platform Compatibility: - Tenable Vulnerability Management - Tenable Security Center version 5.7 or later - Tenable OT Security - ServiceNow releases: Washington, Xanadu, Yokohama Required Plugins: If you are upgrading from a legacy version, the following plugins must be installed and updated: Required: - ITOM Discovery License – version 1.0.0 - ITOM Licensing – version 1.0.0 - CMDB CI Class Models – version 1.76.0 - Integration Commons for CMDB – version 2.19.0 Optional (based on use case): - Domain Separation (required when using Domain Separation) - ServiceNow Vulnerability Response – version 23.0.0 (required for Vulnerability Response functionality) - Incident – version 1.0.0 (required for ITSM functionality) Looking Ahead: We are currently finalizing our engineering efforts and are nearing code completion for the upcoming ServiceNow Zurich release. We anticipate that all of our applications will be certified and published either shortly before or soon after the official release. Questions? We're here to help!Reach out to us at connect.tenable.com. Ahmad Maruf Product Manager Tenable EcosystemGeneral Availability (GA) of version 3.1.0 of the Tenable App for Microsoft Sentinel!
Release Date: July 17, 2025 Hi Everyone! We're excited to announce the general availability (GA) of version 3.1.0 of the Tenable App for Microsoft Sentinel! This release includes several key updates, enhancements, and expanded functionality to help you get the most from your integration. Download and Install the App: Tenable App for Microsoft Sentinel - Azure Marketplace (https://azuremarketplace.microsoft.com/en-us/marketplace/apps/tenable.tenable-sentinel-integration) Documentation: Installation and Upgrade Guide (https://docs.tenable.com/integrations/Microsoft/Azure/Content/install-sentinel.htm) Changelog: What's New in v3.1.0? Updated Python runtime to 3.12 Upgraded pyTenable SDK to v1.7.4 Added Support for Web Application Scanning (WAS) Asset and Vulnerability data ingestion Bug fixes and Architectural Redesign Replaced Queue Trigger functions with Durable Functions Added support for Microsoft's Log Ingestion API, including updated papers and playbooks Important Upgrade Information Do not attempt an in-place upgrade. You must remove the existing Function App and associated resources before deploying 3.1.0. This release conforms to Microsoft's new requirements and uses Microsoft's new Log Ingestion API (https://learn.microsoft.com/en-us/azure/azure-monitor/logs/tutorial-logs-ingestion-portal), which relies on Data Collection Rules (DCRs) and Data Collection Endpoints (DCEs). Due to DCR constraints, tables from previous versions are not compatible and cannot be used. For detailed, step-by-step guidance, refer to the official documentation above. Questions? We're here to help! Reach out to us at connect.tenable.com. - Ahmad Maruf Product Manager Tenable Ecosystem
