Windows Patch Management Remediation Guidance
SUMMARY Tenable Research is making changes to Windows-based patch management integrations that affect vulnerability remediation. This announcement only applies to customers who are using the WSUS and SCCM patch management credentials. Vulnerabilities identified by WSUS and SCCM integrations will now be identified as “local checks”, which will cause them to now affect vulnerability remediation, also known as vulnerability mitigation. CHANGE Prior to this change, vulnerabilities identified by these scans could not be remediated except by a Host credentialed scan - in other words, a Windows (SMB) credential. After this change, vulnerabilities identified by these Windows patch management scans may be remediated with a subsequent Windows patch management scan. Windows patch management credentials will identify only a subset of the vulnerabilities that a Host credentialed scan will. Therefore, a scenario could arise in which a patch management scan incorrectly remediates vulnerabilities previously identified by a Host credentialed scan. To prevent incorrectly remediating vulnerabilities, Tenable advises customers using a combination of patch management and Host credentials to combine them in a single scan, rather than running them in separate scans. IMPACT Customers who are not using patch management credentials are not affected by this change. Customers using patch management credentials but not Host credentials do not need to take any action, but will now see vulnerabilities identified by Windows and SCCM integrations being remediated. The guidance to combine credentials in a single scan applies to customers who are using Windows-based patch management credentials in combination with Windows Host (SMB) credentials. TARGET RELEASE DATE February 23, 2026CyberArk for Palo Alto Networks PAN-OS and F5
Summary Tenable is pleased to announce that customers can now use CyberArk for privilege access management with both the Palo Alto Networks PAN-OS and F5 credentials. Scope Customers utilizing Tenable Vulnerability Management and Nessus Manager now have the capability to configure vulnerability scans with the PAN-OS credential utilizing CyberArk as an authentication method. Similarly to PAN-OS, the F5 credential has also been updated with CyberArk as an option for providing authentication credentials for compliance checks scans. Supported PAM Integration in this Release: CyberArk Plugins The below integration plugins provide essential information for validating the successful acquisition of authentication credentials from CyberArk by both the F5 and PAN-OS integrations. Integration Plugins Integration Status Debugging Log Report Impact Customers will now see CyberArk as credential PAM options within the F5 and Palo Alto Networks PAN-OS credentials. For any issues related to the use of PAM authentication with F5, please refer to the new log in the Debugging Log Report. Example - If using F5 with CyberArk support, the file will display as “f5_settings.nbin~CyberArk”. For any issues related to the use of PAM authentication with Palo Alto Networks PAN-OS, please refer to the new log in the Debugging Log Report. Example - If using F5 with CyberArk support, the file will display as “palo_alto_settings.nasl~CyberArk” Release Date January 21, 2026 for Tenable VM and Nessus TBD: Tenable Security CenterSNMPv3 for CyberArk and HashiCorp Vault
Summary Tenable is pleased to announce the addition of SNMPv3 credentials for our CyberArk and HashiCorp Vault integrations. Scope Customers utilizing Tenable Vulnerability Management and Nessus Manager now have the capability to configure vulnerability scans with SNMPv3 credentials for our CyberArk and HashiCorp Vault integrations. This option is situated under the "Host" category within the credentials tab of either the CyberArk or HashiCorp Vault Integration. Detailed information about the integration configurations can be found within our integration documentation pages for CyberArk and HashiCorp Vault. Supported PAM Integrations in this Release: CyberArk HashiCorp Vault Plugins The following integration plugins contain information that is essential for validation whether the integration successfully obtained a credential for use in SNMPv3 authentication. Integration Plugins Integration Status Debugging Log Report Impact Customers will now see CyberArk and HashiCorp Vault as credential PAM options within the SNMPv3 authentication credentials. For any issues related to the use of PAM authentication with SNMPv3, please refer to the new log in the Debugging Log Report. Example: If using SNMPv3 with CyberArk support, the file will display as “snmp_settings.nasl~CyberArk”. Release Date January 7th, 2026 for Tenable VM and Nessus TBD: Tenable Security CenterNew CyberArk Secrets Manager PAM Integration
Summary Tenable is proud to announce integration with the CyberArk Secrets Manager solution. This integration gathers credentials from the CyberArk Secrets Manager to be used for target authentication. The integration will be available in Tenable Vulnerability Management and Nessus Manager, with plans to release this feature in Tenable.SC at a future date. Customers will benefit from streamlined privileged access in credentialed vulnerability scans. The CyberArk Secrets Manager, formerly known as “Conjur”, is a component in Privilege Cloud and Identity Security Platform Shared Services (ISPSS) deployments. The Tenable integration is compatible with both SaaS (cloud) and Enterprise (on-premises) deployments. Documentation for this Integration will be available on our documentation page under Integrations. Supported Authentication Types The CyberArk Secrets Manager integration can be used as an authentication method with the following credentials: SSH, including least privilege, privilege escalation, and SSH key authentication). SMB (Windows), including domain configuration. SNMPv3 Database integration, including the following database types: Oracle SQL Server MySQL MongoDB PostgreSQL DB2 Cassandra Sybase ASE VMware vCenter API VMware ESX SOAP API Nutanix Prism Central Impact There is no impact to existing scan configurations. Customers with CyberArk Secrets Manager are encouraged to use the integration for credentialed scans. Target Release Date January 20, 2026, TBD for SCIvanti Neurons & Endpoint Manager Mobile Integration
Summary Tenable is pleased to announce its new integration with Ivanti Neurons and Ivanti Endpoint Manager Mobile. Tenable customers can now integrate with Ivanti for enhanced mobile device management (MDM). The Ivanti integration is a rebranded version of MobileIron and operates in a highly analogous manner. Ivanti provides a comprehensive strategy for safeguarding mobile devices and addressing evolving IT requirements. Scope Customers using Tenable Vulnerability Management and Nessus Manager will be able to configure an MDM scan using the Ivanti credential which can be found in the “Mobile Device” category of credentials. Detailed information about the integration and configurations can be found by visiting our integration documentation page in the link for Ivanti. https://docs.tenable.com/Integrations.htm. Plugins The following integration plugins gather the credential settings, collect data from the Ivanti API, and if the integration was successful in collecting the correct credentials. Integration Plugins Ivanti Settings Ivanti Data Collection Integration Status Impact Customers will now see Ivianti and MobileIron credentials for MDM scans. There is no impact to our existing MobileIron MDM Integration. Release Date Tenable Vulnerability Management and Nessus Manager: October 23rd, 2025 Tenable Security Center: TBDFudo Security API v2 Compatibility
Summary Tenable is proud to announce compatibility with Fudo API v2. Customers now have the option to use both the API v2 and API v1 of the Fudo Security Privileged Access Management (PAM) solution. The API v2 uses API key authentication and not username and password, so customers using the integration credential now have a field for API URL and API Key. Further information regarding these changes and other helpful configuration tips for scans can be found by following the provided link to the FUDO section of Tenable's documentation page. Impact Existing scan configurations remain unaffected. Customers utilizing the integration will observe that the integration collects identical information, irrespective of the API version employed. Target Release Date 09/16/2025 for TVM and Nessus, TBD for SCNutanix Prism v4 API Compatibility
Summary Tenable is proud to announce compatibility with the version 4 of the Nutanix Prism Central REST API. This provides compatibility with current and future versions of Nutanix Prism. Change Tenable is adding support for API v4 but preserving support for API v3. Customers for whom API v4 is not available will continue to use v3. For all other customers, Tenable’s Nutanix Prism integration will automatically use API v4. Impact Customers should not see scan results change. The integration collects the same information regardless of the API version in use. Customers with Nutanix Prism Central are encouraged to update plugins to utilize the latest version of the integration. Target Release Date 26 Aug 2025 for T.VM, Nessus, and T.SC.Nutanix Prism Central PAM Support
Summary Tenable is pleased to announce the addition of another authentication method for the Nutanix Prism Central credential. We now offer Privilege Access Manager (PAM) Integration support within the Nutanix Prism Central credential. This feature allows customers to authenticate to Nutanix Prism Central using either username and password credentials or one of our PAM integrations. Scope When configuring credentials for Nutanix Prism Central under Miscellaneous credentials, customers will now find a new dropdown option ‘Nutanix Prism Central Authentication Method’. This allows them to authenticate using a username and password or by selecting a PAM and subsequently inputting the necessary credential fields for the chosen PAM. Supported PAM Integrations in this Release: Arcon BeyondTrust Password Safe CyberArk Delinea Secret Server Fudo HashiCorp Vault QiAnXin SenhaSegura WALLIX Bastion Plugin Impact For any issues related to the use of PAM authentication with Nutanix Prism Central, please refer to the new log located within the Debugging Log Report. Example If using Nutanix Prism Central with Fudo support, the file will display as “nutanix_settings.nasl~Fudo”. Release Date Tenable Vulnerability Management and Nessus Manager: July 21st, 2025 Tenable Security Center: TDBCisco Meraki Integration
Summary Tenable is proud to announce our new integration with Cisco Meraki Dashboard. Cisco Meraki Dashboard is a centralized cloud-based platform used to manage and monitor Cisco Meraki devices. It provides a web-based interface for configuring, troubleshooting, and securing global network and IoT deployments. Tenable’s integration with the Cisco Meraki Dashboard API allows users to leverage our vulnerability management solutions against devices that are managed in their Meraki environment including security appliances, switches, routers, and other supported devices. Scope Customers using Tenable Vulnerability Management and Nessus Manager will be able to configure up to a maximum of five Cisco Meraki credentials in a single scan policy. The Cisco Meraki credential can be found under the "Miscellaneous" category of credentials. Detailed information about the integration and configurations can be found by visiting our integration documentation page in the link for Cisco Meraki. https://docs.tenable.com/Integrations.htm Plugins Plugins related to the integration can be divided into two categories; integration and supporting plugins. The integration plugins gather the credential settings, collect data from the Cisco Meraki API, and store this data for usage by the supporting plugins. Whereas supporting plugins detect the presence of Cisco Meraki devices and perform vulnerability detections against the device attributes; mainly primarily firmware. Integration Plugins Cisco Meraki Settings Cisco Meraki Data Collection Integration Status Supporting Plugins Cisco Meraki Detection Tenable Research will also release 6 initial plugins to detect Cisco Meraki versions vulnerable to several different high-impact CVEs. Please note that these plugins will require a paranoia level of 2 (“Show potential false alarms”). Impact The Nessus Scan Information plugin (plugin ID 19506) will report credentialed checks for Cisco Meraki devices through the use of the Cisco Meraki integration. Customers will see credentialed checks ‘no’ if a Cisco Meraki Device was detected while using the integration and the firmware version that we collected for the device is not configured or absent. Otherwise, customers can expect to see ‘yes, via HTTPS’ if successful. Release Date Tenable Vulnerability Management and Nessus Manager: July 3rd, 2025 Tenable Security Center: TDBIntegration Status Plugin Summary Tenable is announcing the...
Integration Status Plugin Summary Tenable is announcing the release of a new plugin named Integration Status. The purpose of this plugin is to provide users with helpful information regarding the success or failure when using one of Tenable’s currently supported PAM, MDM, and/or Patch Management Integrations. This gives users a simple way to check on the status of the integration success without having to enable plugin debugging on a per-host basis. Additionally, it improves scan review and performance. In the event that integration status failed, the user can enable plugin debugging, re-scan, and review logs associated with a particular integration for more detail. Tenable will release this plugin feature in two separate releases. This is based on user demand. Integrations in the initial release include the following. PAMs Arcon BeyondTrust Password Safe CyberArk (this includes Legacy, non-Legacy, and Dynamic Scanning). Delinea Secret Server HashiCorp Vault QiAnXin SenhaSegura WALLIX Bastion MDMs AirWatch Blackberry UEM IBM MaaS360 Microsoft InTune Workspace ONE Patch Management VMware ESX SOAP API VMware vCenter API Integrations that will be released after the initial release include the following. Nutanix RedHat Satellite Server HCL BigFix Microsoft SCCM Microsoft WSUS Scope This plugin reports the success or failure of an integration, based on the intent of the integration. This varies between PAMs, MDM, and Patch Management integrations. Here is a synopsis of each integration type. Tenable’s PAM integrations retrieve account credentials for one or more targets specified in a scan policy and credential. Tenable determines the success or failure of retrieving the credential from a specific PAM within the scope of the Integration Status plugin. NOTE: This plugin does not include authentication success or failure to the target within scope. There are other plugins in existence for this purpose. Tenable’s MDM integrations retrieve mobile devices and data associated with those devices. Tenable determines success or failure of an MDM integration based on whether devices were retrieved or not. Tenable Patch Management integrations retrieve patch data from a specific host. In Tenable’s initial release, we’ve included our VMware integrations (ESXi and vCenter). Here are some details regarding the scope of our VMware Integrations as it relates to the new plugin. Users that configure one or more VMware vCenter API credentials can expect to see integration success or failure on a per host basis. If the target is a vCenter host, Tenable determines whether or not authentication to the API was successful. By adding a vCenter host to the target list, users can get a better perspective on the status of the integration's success or failure. If the target is an ESX host, Tenable determines success or failure based on our ability to retrieve VIBs for this host based on data we retrieve from the vCenter host that manages it. In addition, we report the associated vCenter host that manages it. Users that configure one or more VMware ESX SOAP API credentials can expect to see success or failure based on Tenable’s ability to gather VIBs directly from the specific ESXi host in the target settings. Impact There is no impact to existing scans. If users encounter issues, please open a ticket with Technical Support. Initial Release Date July 31, 2024 - Tenable Vulnerability Management, Tenable Nessus, and Tenable Security Center Remaining Integrations Release Date 2024 Q3 - Tenable Vulnerability Management, Tenable Nessus, and Tenable Security Center