March 2026 Tenable Product Newsletter
Check out our March newsletter to learn about the latest product and research updates, upcoming and on-demand webinars, and educational content — all to help you get more value from your Tenable solutions. EXPOSURE 2026 Save 50% on the security conference of the year Don’t miss EXPOSURE 2026, the first-ever conference dedicated exclusively to proactive, unified exposure management. Join us in Boston, Mass., from May 19-21, 2026, to get: Hands-on instruction with Exposure Management Strategy or Tenable One Technical Training Practical resources and real-world insights from Tenable leaders and industry experts Register before March 31 to save 50% off admission and training with early-bird pricing. Tenable customer update webinar 11 a.m. EST/3 p.m. BST, April 9, 2026 Join our upcoming webinar for an informative, fast-paced overview of recent product updates and best practices. Hosted by a team of Tenable product experts, this session will explore how to better secure your expanding attack surface and consolidate critical security data. Register now. Tenable One Coming soon: Data portability for Tenable Attack Path Analysis (APA) We’re introducing Full Export for Tenable APA, allowing you to move beyond single-page views and transform high-level visualizations into actionable offline intelligence. Key capabilities: Comprehensive data: Export full datasets for Top Attack Paths and Top Attack Techniques into CSV or JSON formats. Risk context: Exports include critical metrics like Source NES (Node Exposure Score) and Target ACR (Asset Criticality Rating). High capacity: Easily trigger exports for up to 100K+ results via a new global UI button. API parity: Programmatically pull path data into your SIEM, SOAR, or custom tools using the Tenable Public API. Tenable Cloud Security This month’s updates focus on operational scale, synchronizing security standards, and automating remediation across complex multi-cloud environments. Highlight: Synchronized policy management With linked queries, you can now connect saved explorer searches directly to custom policies and reports. Eliminate manual version control: When you update a source query, every linked policy and report automatically syncs, so your security standards are identical across your entire organization. Operational control: Pause automated workflows for maintenance without losing your configurations using the new enable/disable toggle for automation rules. High-impact capabilities Actionable CI/CD pipelines: Maintain developer velocity by excluding unresolvable vulnerabilities from container image scans. This prevents noise from breaking builds when no patch is currently available. Confirmed reachability: Bridge the gap between theoretical risk and actual exposure with Network Endpoints now displayed in your Inventory to surface the actual, validated entry points for your resources. Dynamic IaC protection: Tenable now scans Terraform dynamic configurations to give you visibility into scaled infrastructure and complex definitions before deployment. Expanded compliance: Immediate support for CIS AWS 6.0.0 and the NIS2 Directive keeps your cloud accounts aligned with the latest global regulatory benchmarks. Strategic update: Domain transition Note: Critical for continued service. The Console URL has officially transitioned to app.tenable.com. Please update your bookmarks and firewall allow lists to include *.app.tenable.com immediately to prevent service interruption. View Full March Release Notes Tenable Vulnerability Management Introducing VM-Native OT Discovery Safely identify and profile connected PLCs, HMIs, and IoT devices using the vulnerability management toolset you already own. No specialized hardware or complex deployments required. Turn your existing IT security tools into a safe OT discovery engine today and get visibility into your IT/OT security gap. Watch the guided demo to see this new capability in action. For more information, explore the user guide documentation for Scan Templates and Discovery Settings. Clean up your scan data: New OS and app inventory dashboard Our new Operating System and Application Inventory with Data Troubleshooting dashboard gives you an instant, high-level view of your asset counts across every OS and application. By using built-in troubleshooting queries, you can identify and fix scan fidelity issues and prioritize risk based on the most accurate data possible. View the dashboard details. Nessus Maximize your vulnerability assessment strategy with our recently introduced interactive Tenable Nessus demos. Skip the manuals and get immediate, hands-on experience securing your attack surface. Explore the Nessus Professional Onboarding demo to launch your first comprehensive scans in minutes. Dive into the Nessus Expert Onboarding demo to master advanced assessment features and eliminate security blind spots, whether on-prem or in the cloud. Tenable Security Center Uncover the OT blind spots across your network If you’re not already a Tenable OT Security user, your IT environment is likely full of shadow OT, like HVAC controllers and IoT devices, that standard scans can’t see. We recently added native OT discovery capabilities directly inside Tenable Security Center, so you can safely map these assets using the tools you already own. Get deep identity data for PLCs and HMIs without risking a disruption or deploying new network sensors. See it in action in this guided demo, and find out how to configure your first scan here. Reminder: Upgrade to Tenable Security Center 6.8 Focus on the vulnerabilities that truly matter with AI-powered VPR insights and clear mitigation guidance. This release streamlines your operations with unified asset repositories for IPv4, IPv6, and Agents, and improves efficiency with new background query processing and scan optimization tools. Explore the release notes for more information before you upgrade. Tenable Patch Management Improved patching precision and reliability Update (v10.0.971.26) includes critical fixes around strategy corruption and inaccurate compliance reporting. By upgrading, you keep your workflows intact, your data precise, and your environment benefits from the modernized performance and security of Java 25. View the release notes or access TPM documentation. Tenable OT Security Update required: Tenable OT Security 4.5 Service Pack (version 4.5.61) We advise all customers currently running version 4.5 apply this upgrade immediately to ensure optimal system stability and performance when processing high volumes of network conversations. This update also addresses specific communication gaps with Rockwell Stratix devices and Nessus scans. Review the release notes for the full list of fixes and improvements. Introducing Tenable OT Security 4.6 (Early Access) Our upcoming release introduces a variety of new features, performance enhancements, and streamlined workflows for large-scale industrial environments. Massive subnet scaling: Now supports up to 5,000 subnets per ICP, significantly increasing visibility for massive enterprise deployments. Centralized network management: A new Monitored Networks page includes bulk-add capabilities and the ability to stage inactive networks before monitoring. Precision scanning: New Nessus workflows let you define specific credential usage per scan for safe discovery of sensitive assets. Streamlined platform navigation: Updated workflow for SSO/SAML users helps you pivot back to the Tenable One platform instantly with the return button. Remote agent updates and query restrictions: Update OT agents directly from the ICP. and remove local site visits or manual CLI intervention. New infrastructure for OT agents also enables you to restrict specific protocol queries. Enhanced diagnostics: Exported asset logs now include deeper metadata to speed up Support and Engineering troubleshooting. IoT connector overhaul: Major stability and performance fixes for Milestone, AvigilonES, and Exacq Edge integrations for IoT asset discovery. This update focuses heavily on large-scale infrastructure, refined scan controls, and better integration with the Tenable One ecosystem. Check out the release notes and user guide for details. Tenable Web App Scanning Stop chasing dead keys: New secrets validation for WAS Don’t waste time manually verifying every leaked credential. Our new Secrets Validation automatically tests detected tokens, like GitHub or AI service API keys, to see if they are live and exploitable. By distinguishing between a harmless string and a critical vulnerability, you can prioritize your remediation efforts based on real-world risk, rather than noise. View the documentation or read the full breakdown on Tenable Connect. Tenable Training and Product Education Evolve from reactive patching to proactive risk oversight The Exposure Management Business Theory course, now available at no cost in Tenable University, guides you in self-paced modules toward building a sustainable exposure management program through the five pillars of the exposure lifecycle: scoping, discovery, prioritization, validation, and mobilization. Get strategic insight to align Tenable’s capabilities with your business goals, drive meaningful change, and make informed decisions. Get hands-on expertise with current industrial security capabilities The newly-updated Tenable OT Security Specialist instructor-led training course, now aligned with Tenable OT Security version 4.4, ensures you can effectively protect your critical infrastructure using the latest product features and workflows. You will learn to: Maximize visibility: Learn to leverage these enhancements to see and secure every asset in your OT environment. Reduce risk: Practice real-world scenarios to identify vulnerabilities and threats faster. Get expert guidance: Interact directly with instructors to master complex configurations and best practices. Visit tenable.com/education to learn more about our Tenable University education offerings, see global instructor-led training (ILT) schedules, and buy virtual ILT or on-demand courses. Tenable webinars Tune in for product updates, demos, how-to advice, and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars. Customer office hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. Tenable Research Research Security Operations blog posts Subscribe to the Research team blog posts here. The cloud and AI velocity trap: Why governance is falling behind innovation Dynamic objects in Active Directory: The stealthy threat New malicious npm package "ambar-src" targets developers with open-source malware Research release highlights Improvement: Handling component installs for vulnerability assessment: Adds the ability to remove findings for component-based vulnerabilities from scan results New Dell OS10 compliance plugin and audit files: Customers can now measure compliance against Dell OS10 devices with new plugin ID Dell OS10 Compliance Checks (275781) on Tenable Vulnerability Management and Nessus. Content coverage highlights More than 2,700 new published vulnerability plugins. Nearly 50 new audits delivered to customers. Read Tenable documentation.
Stop Guessing, Start Securing: New Secrets Validation for WAS
Finding a leaked credential in your web application is a bad day. Finding out that credential is live and grants access to your GitHub or cloud environment? That’s a crisis. To help you distinguish between a harmless string of text and a major security hole, we’ve launched Secrets Validation for Tenable Web App Scanning (WAS). Turn maybe into action You no longer have to manually test every API key or token your scanner unearths. When Tenable WAS identifies a sensitive credential—like a GitHub token—it now goes a step further. Our Validated Secret Detected plugin safely attempts to connect to the service to verify if that secret is live and exploitable. Why this matters for you: Prioritize with confidence: You can stop chasing "dead" keys and focus your remediation efforts on secrets that actually pose a real-world risk. Clear visibility: If a secret is valid, we flag it clearly in your results, giving you the evidence you need to escalate the fix immediately. Broadening coverage: We are continuously expanding validation support across our existing library of detected secrets. How to get started You can find the full setup details in our Secrets Validation documentation. This feature enhances the detection capabilities already found in these key plugins: Generic Secret Disclosure: Credentials for private services. Third-Party Service Secret Disclosure: API keys for public cloud and SaaS platforms. AI Service Secret Disclosure: API keys for public AI services.February 2026 Tenable Product Newsletter
Greetings! Check out our February newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. Exposure 2026 Save 50% on the security conference of the year Don’t miss Exposure 2026, the first-ever conference dedicated exclusively to proactive, unified exposure management. Join us in Boston, Mass., from May 19-21, 2026, to get: Hands-on instruction with Exposure Management Strategy or Tenable One Technical Training Practical resources and real-world insights from Tenable leaders and industry experts Register before March 31 to save 50% off admission and training with early bird pricing. Tenable One Say hello to the Tenable One Open Connector We know your security stack is disparate, but your visibility shouldn't be. That's why we're thrilled to introduce the Tenable One Open Connector — a powerful new way to bridge the gaps across your attack surface and create a truly unified, context-aware view of risk. Bring your own data: Don't wait for a pre-built connector. Whether it’s pentesting reports or external vulnerability scans, you can now ingest data from across your entire stack on your own terms. Seamless uploads: Use in-platform drag-and-drop functionality to upload CSV, Excel, or ZIP files in seconds — no complex APIs or coding required. Customizable mapping: Customize exactly how you organize data for precise segmentation and more accurate reporting. Ready to unify your security data? Explore the Tenable One Open Connector. AI Exposure Tenable One AI Exposure now gives you visibility and control to close your AI exposure management gap through three core capabilities: Discover AI across your entire environment: Continuously discover shadow AI across your environment, so your security teams have a complete, risk-aware view of where AI exists, its connections, and where exposure begins. Protect AI workloads and agents: Reduce real-world AI risk by protecting the systems that power AI to close the gaps that attackers exploit across infrastructure, agents, and attack paths. Govern AI usage (add-on): Enable secure, compliant AI adoption by eliminating blind spots in how employees interact with GenAI and autonomous agents to ensure your workforce adopts generative tools within a governed framework that prevents data leakage and maintains alignment with organizational policies. For more information, visit our webpage or view the data sheet. Reach out to your customer success manager to get started today! Tenable Cloud Security At Tenable, we are obsessed with your uptime. This month’s updates focus on one goal… shortening the distance between discovering a risk and fixing it. The Highlight: Patch faster, firefight less We’ve integrated Remediation Patches (including Tenable Plugin IDs) directly into your vulnerability tables and workload profiles. The outcome: Drastically reduce Mean Time to Remediation (MTTR) by giving DevOps the exact patch name they need without all the manual research required. Where to find it: Check the new "Patch Name" column in your Vulnerabilities table or click into any Patch Profile for deep context. Validated vision: The Forrester Wave™ Q1 2026 Tenable has been named a Strong Performer in the Forrester Wave™: Cloud Native Application Protection Solutions (CNAPP), Q1 2026. Platform power: Forrester validated our vision for reducing tool sprawl, awarding Tenable a "superior" rating for simplifying exposure management. Perfect scores: We earned 5/5 scores in critical categories: CIEM, Container Orchestration Protection, Reporting, Vision, and Community. Technical edge: The report specifically highlighted our excellence in identifying toxic combinations of permissions and our "extra mile" customer support. Impactful updates Strategic risk management: Use our new Exclusions framework to silence non-actionable findings and focus your team on risks that actually move the needle. AWS ABAC support: Achieve True Least Privilege with granular identity visibility and highly accurate permission recommendations. Automation at scale: New GraphQL API support for Projects allows you to bake security governance directly into rapid DevOps workflows. View Full Cloud Release Notes Tenable Vulnerability Management Streamline AI and MCP risk tracking Monitor artificial intelligence exposure with the updated Tracking AI Exposure dashboard and report. This release replaces complex plugin output filters with simplified plugin family filters, allowing you to identify AI-related vulnerabilities across your environment. This also introduces dedicated content for the Model Context Protocol (MCP), ensuring you can secure AI connectivity alongside your LLM deployments. By utilizing these tools, you gain insight into your AI attack surface to better prioritize exposure. See the dashboard and report here. Navigate the transition to post-quantum cryptography Secure against the threat of quantum computing with Post Quantum Ciphers Analysis report and dashboards. As quantum computers advance, the standard RSA and Elliptic Curve Cryptography (ECC) algorithms for web browsing, VPNs, and identity verification will become vulnerable. By leveraging specialized plugins you can inventory your cryptographic landscape. This allows you to: Identify where RSA and ECC are currently deployed to prioritize your transition to quantum-resistant standards. Detect remote services and Web Application Scanning (WAS) environments that lack post-quantum cipher support. Pinpoint specific vulnerable ciphers, certificates, and assets that require immediate attention. This empowers you to manage the shift to post-quantum security, ensuring your data remains protected as computing capabilities evolve. See the dashboard and report to dive in. Maximize scan efficiency while protecting host & network performance Take full control of your sensor fleet with CPU resource and plugin download concurrency controls. This empowers you to balance essential security visibility with the performance needs of your business-critical infrastructure. CPU resource management: Protect host productivity by setting specific CPU utilization limits for Windows and Linux agents within your agent profiles. This ensures your security scans run efficiently without impacting the user experience or system stability. Bandwidth optimization: Avoid network congestion by governing how many agents or scanners download plugin updates at once. These global settings allow you to throttle traffic to accommodate limited internet pipes, ensuring your network remains responsive. These tools offer flexibility to scale your deployment without compromising network or host stability. For further information, see the release notes. Tenable Security Center Introducing Tenable Security Center 6.8 Our latest release introduces several new features and enhancements to streamline your security operations. Focus on real risk: Stop chasing 60% of Common Vulnerabilities and Exposures (CVE) as High or Critical. Start focusing on the 3% of CVEs that truly matter. Enhanced VPR logic and new AI-powered insights explain why an exposure is significant and provide clear mitigation guidance based on regional and industry-specific threat actor behavior. Streamlined infrastructure: We’ve unified IPv4, IPv6, and Agent repositories into a single, flexible Asset Repository type to reduce administrative overhead and give you more freedom in how you bucket and analyze your data. You can now target any data, including agent, network scan, and passive data, into any repository. Asset grouping and customization: The Explore Assets page includes new Group By options for Microsoft ID, Network, System Type, and Asset Criticality Rating (ACR). Other enhancements to the Explore Assets page include the ability to edit ACR scores (available in Tenable Security Center Plus) directly in the Explore interface. You can also export findings and installed software for specific assets to a comma-separated values (CSV) file. Background queries: Start a query and keep working. Tenable Security Center now processes long-running asset searches in the background. Scan optimization: Prevent performance issues with new per-host timeouts that keep your scan schedules on track to prevent a single host from increasing overall scan time. Enhanced security: Use at-rest encryption for External PostgreSQL databases and expanded PAM integration for Delinea and BeyondTrust. Before you upgrade: Tenable Security Center 6.8 supports upgrades from version 6.4.0 and later. Please review the updated hardware specifications in the release notes for optimal performance. Tenable OT Security Now available: Tenable OT Security 4.5 Our latest release delivers improved scalability for enterprise environments, enhanced power grid visibility, and enhanced Tenable One platform integration. Policy violation findings widgets: New widgets for High-Risk Violations and Operational Violations replace the former Events widgets in the Overview Dashboard, making it easier to distinguish between critical exposures from non-critical operational issues. Advanced dynamic tagging: Streamline prioritization and reporting with the ability to create rule-based groups and tags with multiple filters, including asset type, risk score, and criticality. Enhanced support for IEC 61850: Improve passive detection of intelligent electronic devices with comprehensive visibility across substation and power generation infrastructures. Unified SOC visibility: You can now directly view policy violations that Tenable OT Security detects, such as unauthorized access, failed logins or risky configuration changes, within Tenable Security Center dashboards and reports to give your security operations center (SOC) and IT security teams a unified view of both OT vulnerabilities and OT policy issues. Expanded compliance mapping: Simplify how you track, measure, and report against critical security frameworks with the ability to directly map asset data and policies to NIST CSF as well as IEC 62443-3-3 to improve visibility for electrical substation and power grid environments. Role-based access controls (RBAC): Tenable Enterprise Manager now enables admins to assign users to specific ICPs using user groups, so users only view the zones they’re authorized to see while inheriting ICP-level roles. New protocol and device coverage: Tenable identifies several new vulnerabilities in this release for devices from multiple vendors, including ABB, ANDRITZ HYDRO GmbH, Barco, General Electric, Generex, HP, Lexmark, Schneider, and others. See the complete list here. Note: Upgrades from versions prior to 4.4 may take longer than usual due to the migration of policy events. If you have hundreds of thousands of events, upgrades can take about 30 minutes. Access the release notes to learn more. Tenable Identity Exposure Our February rollout focuses on hardening the Active Directory attack surface and ensuring the integrity of your detection engine. To maintain a resilient identity posture, we have introduced visibility into transient objects and streamlined health monitoring for your infrastructure. Hardening dynamic AD environments: This new Indicator of Exposure (IoE) detects Dynamic Objects Misconfiguration and Usage. This enhancement mitigates risk by identifying transient objects that attackers could exploit for unauthorized access or persistence. Detection engine integrity: We have optimized Domain Installation health checks to ensure your security stack operates at peak performance: Conflict resolution: The system now flags redundant "Tenable IoA GPO EVT Subscribe Listener" files within your SYSVOL. System optimization: Identifying these multiple versions ensures you are running the latest configuration, preventing detection lag or GPO conflicts. View Full Identity Release Notes Tenable Ecosystem Tenable Add-on for Splunk v8.0.2 Tenable has released version 8.0.2 of the Tenable Add-on for Splunk. This latest quality update improves data reliability by resolving a specific index_time race condition previously affecting Tenable Security Center. For more information, please read the Tenable Documentation, and visit Splunkbase to download. Tenable WAS Integration for ServiceNow VR v30.2.0 Tenable has fully integrated Tenable Web App Scanning (WAS) with the ServiceNow Vulnerability Response (VR) app (v30.2.0). This update enables security teams to automatically synchronize application metadata and DAST vulnerability findings directly into ServiceNow to unify remediation workflows. Key benefits: CMDB correlation: Automatically map WAS findings to your CMDB applications for enhanced asset context. Scalable ingestion: Uses Tenable Export APIs to retrieve data in chunks, ensuring high performance for large-scale environments. Flexible lookups: A new Lookup Strategy field enables independent configuration of CI Lookup or Product Model settings for each integration. Broad compatibility: Fully compatible with ServiceNow’s Zurich, Yokohama, Washington, and Xanadu releases. For more details, read the ServiceNow User Guide and visit the ServiceNow Store for the appropriate Tenable apps for ServiceNow. Tenable Plugin for Jira On-premises v11.0.0 Tenable has released version 11.0.0 of the Tenable Plug-in for Jira (On-Prem), adding full support for Jira 11.x Data Center environments. This update modernizes the tech stack to streamline vulnerability remediation workflows. Automatically synchronize findings from Tenable Vulnerability Management, Security Center, and Web App Scanning directly into Jira tickets. Please note: This version is not backward compatible with Jira versions earlier than 11.x; users on Jira 9.x or 10.x must upgrade their Jira environment to use this plugin. For more information, please read the Tenable Documentation and visit Atlassian Marketplace to download the newest versions. Tenable Connect The Tenable Connect Resource Center expansion now better supports your Tenable journey! Look for the question mark in the bottom right-hand corner of any Tenable Connect page for quick access to submit feature requests, and find essential onboarding materials and info on upcoming office hours. Customer Office Hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure, and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa), and Asia Pacific (APJ). Learn more and register here. Tenable Webinars See all upcoming live and on-demand webinars here. Tenable Research Research Security Operations blog posts Subscribe to the Research team blog posts here. I pretended to be an AI agent on Moltbook, so you don’t have to LookOut: Discovering RCE and internal access on Looker (Google Cloud & On-prem) From Clawdbot to Moltbot to OpenClaw: Security experts detail critical vulnerabilities and 6 immediate hardening steps for the viral AI agent Tenable discovers SSRF vulnerability in Java TLS handshakes that creates DoS risk Research release highlights Improvements to live kernel patching detection: Tenable has improved the logic used to detect live-patched kernels to include the running kernel to support KernelCare for Alma Linux, CentOS, CentOS Stream, Fedora, Oracle Linux, Red Hat Linux, and Ubuntu Linux. Backported vulnerability detection improvements: Banners that indicate a Linux distribution will be considered backported by default. Content coverage highlights Almost 15,000 new published vulnerability plugins. More than 38 new audits were delivered to customers. Read Tenable documentation.January 2026 Tenable Product Newsletter
Greetings! Check out our January newsletter to learn about the latest product updates, research insights, and educational content — all to help you get more value from your Tenable solutions. Tenable One New Tenable One Connector | ORDR Bridge the gap between IT and OT. Connect Tenable One with ORDR to get a single view of your entire attack surface, showing exactly how a simple IT exposure can reach your critical operational technology. By treating IT and OT as a single, connected environment, you can better protect your uptime and ensure smooth and safe operations. Learn more >> Tenable Cloud Security Tenable named a Customers’ Choice in the 2025 Gartner® Peer Insights™ Voice of the Customer for Cloud-Native Application Protection Platforms (CNAPPs) We are excited to share that Tenable is named a Customers’ Choice in the 2025 Gartner® Peer Insights™ Voice of the Customer for Cloud-Native Application Protection Platforms (CNAPPs). In this report, Gartner Peer Insights provides a rigorous analysis of 1,664 reviews and ratings of 10 vendors in the CNAPP market. In the 18-month eligibility window, we received an average of 4.8 out of 5 stars for Tenable Cloud Security based on 71 reviews as of October 2025. We’re grateful to you, our customers. This kind of feedback tells us we're delivering on what matters most! Learn from your peers as you choose the best solution for your cloud security program. You can read the report here. Exclusions | Strategic risk management: Streamline exception handling with a new centralized framework. Define business scenarios to ignore non-actionable findings or adjust their severity using flexible conditions like tags and attributes. All legacy exceptions now migrate here for a single, auditable source of truth. Reports | Query-to-report automation: Transform any search in Explorer into a scheduled or on-demand report. Leverage a redesigned, full-screen reporting experience featuring live data previews and local timezone support to ensure stakeholders receive actionable data exactly when they need it. IAM | AWS ABAC and granular visibility: Permission evaluations now support AWS attribute-based access control (ABAC) for highly accurate least-privilege recommendations. Additionally, a new dedicated Access Level section in resource profiles replaces generic summaries with a detailed breakdown of permission categories. Projects | Scalable API automation: Manage high-volume environments with new GraphQL API support for Projects. Programmatically create, modify, or delete projects and role assignments to align security governance with rapid DevOps workflows. Data security | Precision classification: Enhance data discovery by using Regex to exclude known or irrelevant values from classification to ensure your data security findings focus on actual sensitive information while filtering out noise. View full cloud release notes Tenable Identity Exposure This month, we are focusing on removing deployment friction for indicators of attack (IoA). To maintain a high-velocity security posture, we have simplified the process of authorizing installation scripts within your existing EDR/AV environments. Frictionless IoA deployment: We’ve added three new parameters to the IoA installation script to ensure your security stack works in harmony. This enhancement accelerates time-to-protection by pre-authorizing deployment scripts and preventing false-positive blocks from security tools. Proactive authorization: Use OutputCertificate or GetSignatureToWhitelist to retrieve the Tenable certificate or script hash for immediate allowlisting. Controlled execution: The TimerInMinutes parameter allows you to delay installation, ensuring your environment has processed allowlist updates before the script runs. View full identity release notes By focusing on these specific parameters, your team can avoid the manual overhead of troubleshooting blocked installations and move directly to monitoring for identity-based threats. Tenable Vulnerability Management Streamline your Microsoft Patch Tuesday remediation Master the monthly operational challenge of Microsoft Patch Tuesday with the updated one-stop-shop dashboard. You can now balance critical deployments against user disruption with a comprehensive view of your organization's remediation status to quickly detect vulnerable devices and prioritize the most difficult issues. This update leverages three key advancements: Enhanced VPR analysis: Utilize the newest algorithm to focus on your most critical vulnerabilities. The enhanced analysis reduces your workload and offers greater explainability for risk scoring. Granular asset tracking: Leverage new software inventory attributes to distinctly analyze risk across operating systems versus applications and packages. Reboot detection: Instantly identify assets with applied patches that are vulnerable due to a pending reboot, so you can close security gaps completely. Download a new copy of this dashboard to access the new widgets and data visualizations. Nessus SSH Session Re-use feature added for credential scans Nessus now supports an opt-in feature to reuse SSH sessions during a scan when running Nessus version 10.9.0 or greater. Added in response to numerous requests from customers like you, this update will reduce the number of new SSH connections established during remote network scans and the associated increase in network traffic. Access more information in Tenable Research Release Highlights here. Tenable Security Center Action required: Preparing for upcoming VPR feed update Starting mid-January 2026, the Tenable Security Center feed will expand to support new Vulnerability Priority Rating (VPR) data. To prevent PHP memory exhaustion and ensure your daily updates continue seamlessly, you must take immediate action. Versions 6.5.1 – 6.7.2: Patch 202601.1 is now available. Applying this patch will automatically modify the PHP configuration to increase the memory limit. Versions prior to 6.5.1: Follow the instructions outlined here to modify the PHP configuration. Note: Consoles with less than 8 GB RAM may require a hardware resource update. In case you missed it: Tenable Security Center 6.7 is now available See your environment more clearly and act faster on what matters most. This release delivers a modern, intuitive UX that improves usability, scalability, and efficiency across your workflows. Explore – Assets (preview): Get a modern view of your assets with advanced filtering and improved navigation that helps you identify risks faster. Triggered agent scanning: Automate Tenable Agent scans based on defined conditions, so you can catch vulnerabilities sooner and respond with confidence. Credential verification scan policy: Quickly validate Windows and Unix credential pairs with a built-in template that confirms authentication success. Performance and reporting enhancements: Experience faster scan ingestion, faster reporting, and improved backend performance that keeps pace with your team. Before you upgrade: Tenable Security Center 6.7 supports upgrades from version 6.3.0 and later. The release updates hardware specifications. Systems below the new recommendations will still upgrade successfully, but performance may vary. Upgrade now and view the release notes for details. Tenable Patch Management Get the magic of simplicity and deep control On Jan. 22, your patching experience transforms into a single, unified powerhouse. You no longer have to choose between speed and granular control. You now have full access to our most robust engine designed for autonomous patching. We’ve streamlined your workflow to help you close security gaps faster: Set up in minutes, not hours, with the new 6-step onboarding wizard. Eliminate guesswork using the intuitive "What, When, & How" strategy builder. Act fast with front-and-center emergency controls like Global Pause. Rest assured, your current strategies remain untouched and will continue to function exactly as designed. Explore the new features. Tenable OT Security Now available: Tenable OT Security 4.5 This release delivers improved scalability for enterprise environments, enhanced power grid visibility, and new integrations across the Tenable One portfolio. Advanced dynamic tagging: Streamline prioritization and reporting with the ability to create rule-based groups and tags with multiple filters, including asset type, risk score, and criticality. Enhanced support for IEC 61850: Improve passive detection of intelligent electronic devices with comprehensive visibility across substation and power generation infrastructures. Unified SOC visibility: You can now directly view policy violations that Tenable OT Security detects, such as unauthorized access or failed logins, within Tenable Security Center dashboards and reports to bridge the gap between OT and the SOC. Expanded compliance mapping: Simplify how you measure and report against critical security frameworks with support for IEC 62443-3-3 and NIST-CSF in the Compliance Dashboard. Role-based access controls (RBAC): Tenable Enterprise Manager now enables admins to assign users to specific ICPs using user groups, so users only view the zones they’re authorized to see while inheriting ICP-level roles. Tenable Training and Product Education Introducing the Tenable Universal Education SKU Maximize your team’s expertise without the pressure of immediate decision-making. Tenable Universal Education SKUs streamline your procurement by consolidating all training needs into a single, flexible entitlement. You can secure your budget today and choose your specific product or certification path later as your security priorities evolve. This flexibility also applies to your existing Enrollment Codes, which you can now use for any applicable course. When you are ready to train, simply visit Tenable University, select your course from the eligible catalog, and apply your code to start learning. Tenable Webinars Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars here. On-demand Escape the patching cycle. A guide to autonomous risk-based patching. Securing the future of AI in your enterprise. Policy frameworks that balance opportunity and oversight. Customer office hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. Tenable Research Research Security Operations blog posts Subscribe to the Research team blog posts here. CVE-2025-64155: Exploit code released for critical Fortinet FortiSIEM command injection vulnerability Microsoft’s January 2026 Patch Tuesday addresses 113 CVEs (CVE-2026-20805) Research release highlights SSH Session Reuse: Opt-in to this feature to reduce the number of SSH connections made during remote network scans within Tenable Vulnerability Management and Nessus Miracle Linux Local Security Checks: Scan for Miracle Linux vulnerabilities using the newly released plugins. SNMPv3 for CyberArk and HashiCorp Vault: Choose to query the CyberArk or Hashicorp vaults using the SNMPv3 credentials. Content coverage highlights More than 4,700 new published vulnerability plugins. More than 60 new audits delivered to customers. Read Tenable documentation.
December 2025 Tenable Product Newsletter
Greetings! Check out our December newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. Tenable One What's new in Tenable One: November 2025 release This month's release delivers broader visibility, deeper insights, and more tailored data analysis to help you manage and reduce risk. Release highlights: New Tenable One Connector: Connect Tenable One with your Claroty platform to manage OT risks alongside the rest of your attack surface to reveal how IT exposures can directly impact industrial control systems and critical infrastructure. Protect uptime and safety by viewing IT and OT as a single, connected environment. Edit widgets: Edit and update widgets on dashboards you own. Customize all configuration parameters, including widget type, categories, values, data labels, stacking, and filters, to tailor insights to your specific needs. RBAC new roles: Unlock more precise access control with a new custom exposure management role for more granular access to the different modules in Tenable One, including tag enforcement, along with a dedicated read-only role for improved oversight. See all platform enhancements >> Tenable Is a Leader in the First-Ever Gartner®️ Magic Quadrant™️ for Exposure Assessment Platforms We’re proud to share that Tenable has been named a Leader in the first-ever 2025 Gartner Magic Quadrant for Exposure Assessment Platforms, ranking highest for both Ability to Execute and Completeness of Vision. Tenable was also positioned as a Leader in both the IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment and The Forrester Wave™️: Unified Vulnerability Management, Q3 2025. This recognition wouldn’t be possible without you — our customers. Your insights, feedback, and collaboration have been instrumental in shaping Tenable One, helping organizations around the world reduce exposure risk across their entire attack surface. Get the report > Tenable Cloud Security Console | Unified cross-cloud view: Explorer is the new unified page. Get a complete cross-cloud view of all resources and findings. Query across objects, export results, and use Graph view to visualize risk paths. Network | Validate real-world exposure: Network Scanner now validates actual external exposure to identify truly reachable cloud resources and exposed endpoints. Use real-world data to cut false positives and sharpen prioritization. IAM | Full entitlement insight: Inventory now displays all roles and identity-based policies across AWS, Azure, GCP, Entra ID, and Google Workspace, including unused ones. Proactively reduce entitlement risk by creating custom least-privilege policies for any supported role. Vulnerability management | Public AMI scanning: Expanded AWS coverage now supports scanning public AMIs (cloud-managed AMIs), including vendor and AWS-published images in your posture assessments for a comprehensive security view. View all updates>> Tenable Vulnerability Management Mobilize your VM data Unify teams and streamline remediation workflows with the initial release of mobilization services, beginning with ticketing integrations in Tenable Vulnerability Management. Automatically or manually create bi-directional tickets in Jira Cloud via Exposure Response Initiatives. This capability accelerates response times by synchronizing your security findings with tickets in Jira Cloud. See mobilization in action: Watch this walkthrough to see how to set up and use the new ticketing integration. Review the documentation and Quick Reference Guide for detailed steps. Note: ServiceNow ITSM ticketing mobilization is coming soon. Tenable Security Center What’s new in Tenable Security Center 6.7 See your environment more clearly and act faster on what matters most. This release delivers a modern, intuitive experience that improves usability, scalability, and efficiency across your operations. Here’s what’s new: Explore – Assets (preview): Get a modern view of your assets with advanced filtering and improved navigation that helps you identify risks faster. Triggered agent scanning: Automate Tenable Agent scans based on conditions you define, so you can catch vulnerabilities sooner and respond confidently. Credential verification scan policy: Quickly validate Windows and Unix credential pairs with a built-in template that confirms authentication success. Performance and reporting enhancements: Experience faster scan ingestion, faster reporting, and improved backend performance that keeps pace with your team. Before you upgrade: Tenable Security Center 6.7 supports upgrades from version 6.3.0 and later. Hardware specifications are updated for this release. Systems below the new recommendations will still upgrade successfully, but performance may vary. Upgrade now and read the release notes to take advantage of these improvements and keep your environment running at peak performance. Patches for Tenable Security Center Address recent vulnerabilities by applying two security patches: 202509.2.1 (resolves Critical SimpleSAML CVEs) and 202509.1 (resolves High PostgreSQL CVEs). You need manual installation for both. The Software Updates feature is not compatible with these patches. Key requirements: Compatibility: Patch 202509.2.1 applies to SC 6.4 through 6.6. Patch 202509.1 applies to SC 6.5.1 and 6.6.0. Prerequisite: If you are on SC 6.5.0, you must first upgrade to 6.5.1. Upgrade note: Patch 202509.2.1 may impact future SC upgrades. See this KB article for more information. Refer to the release notes and advisories (TNS-2025-20 and TNS-2025-18) for more information and download patches here. Tenable OT Security Introducing Tenable OT Security 4.5 (Early Access) The upcoming release of Tenable OT Security 4.5 – now available in Early Access – focuses on scalability for enterprise environments, enhanced power grid visibility, and improved integrations across the Tenable One portfolio. Advanced dynamic tagging: Streamline prioritization and reporting at scale with the ability to create rule-based groups and tags using multiple filters, including asset type, risk score, and criticality. Enhanced grid visibility (IEC 61850): Added support for IEC 61850 to improve passive detection of intelligent electronic devices (IEDs) with safer, deeper visibility for substation and power generation environments. RBAC for enterprise manager: New role-based access controls (RBAC) enable administrators to assign users to specific ICPs using user groups, so users only view the zones they are authorized to see while inheriting ICP-level roles. Unified SOC visibility: You can now directly view policy violations that Tenable OT Security detects, such as unauthorized access or failed logins, within Tenable Security Center dashboards and reports to bridge the gap between OT and the SOC. Expanded compliance mapping: The Compliance Dashboard now includes direct mapping for IEC 62443-3-3 and NIST-CSF to simplify how you measure and report against these critical security frameworks. In case you missed it: What’s new in Tenable OT Security 4.4 Unified exposure management: Sync your OT asset tags directly to Tenable One and Tenable Security Center to enrich enterprise IT security workflows with OT context. Deep visibility for specialized environments: Gain granular details on sensitive devices by importing PLC project files (starting with Rockwell Automation) without active queries. Reduced alert fatigue: A redesigned Policy Violations dashboard unifies disparate alerts into actionable insights to help you focus on your most critical exposures. Expanded protocols: Added support for Foxboro DCS and VXLAN environments. Streamlined workflows and sensor configuration: A new workflow helps you easily find and merge duplicate assets for a more accurate inventory, while a simplified sensor configuration reduces deployment complexity. Review the release notes to see what’s new and how to upgrade. Tenable Identity Exposure Attack path optimization: Complex attack path queries now time out after three minutes and automatically revert to the shortest, most viable path. Get critical findings faster when dealing with large-scale domain environments. (v3.109) Syslog direct linking: Syslog alerts now contain a new time-based URL. Use this link to jump instantly to the exact incident details within Tenable Identity Exposure to accelerate your investigation and response workflow. (v3.108) Kerberos IoE clarity: The Dangerous Kerberos Delegation Indicator of Exposure (IoE) now features dedicated paragraphs for each vulnerability reason to simplify understanding and make remediation steps clearer and more concise. (v3.108) View all updates>> Tenable Web App Scanning Optimized scanning for production environments Eliminate conflicts with peak traffic hours using enhanced scan windows. You can now define granular scan (green) or pause (red) windows for individual scans, independent of global settings. Whether spanning multiple days or scheduling multiple windows per day, your assessments automatically progress during approved hours without manual restarts. For more details, review the documentation for pause and resume scans and basic scan settings. Tenable Enclave Security Tenable Enclave Security and Container Security 1.7 now generally available This release brings Security Center 6.7 into the Enclave Security platform and introduces exposure response for container security. See our announcement above for more information on the benefits of Security Center 6.7. With exposure response in container security, customers can better track and prioritize remediation efforts by: Creating initiatives to identify critical exposures, assign ownership and apply SLAs Managing initiatives through customizable dashboards Using advanced query capabilities to drill into specific findings, assets or vulnerability combinations. For more information review the Tenable Enclave Security 1.7 release notes. Tenable Cloud Security FedRAMP Tenable Cloud Security now available through GSA OneGov Federal agencies can now purchase Tenable Cloud Security FedRAMP through the GSA OneGov program at a 65% discount through March 2027. This partnership makes it easier and more cost effective for federal agencies to identify and reduce cloud risk by gaining visibility into misconfigurations, vulnerabilities and excessive permission across cloud environments, supporting federal cloud first policies and zero trust initiatives. Interested agencies should request more information on our Tenable and GSA webpage or email publicsector-gsa@tenable.com. For more information: Attend our webinar on January 15, 2026: Cloud security for federal agencies: Threats, best practices and the GSA OneGov advantage Read our blog: Tenable partners with GSA OneGov to help federal government boost its cloud security Tenable Training and Product Education Enhance your attack surface management skills Benefit from a superior learning experience with the updated Introduction to Tenable Attack Surface Management course. We've introduced a modernized interface and smoother navigation for immediate improvement. Access this no-cost course, along with many other on-demand options, anytime at Tenable University. Start learning today to gain essential skills and better manage your organization's external attack surface. Tenable Webinars Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars. On-demand Escape the patching cycle. A guide to autonomous risk-based patching. Securing the future of AI in your enterprise. Policy frameworks that balance opportunity and oversight. Customer Office Hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. Tenable Research Research Security Operations blog posts Subscribe to the Research team blog posts here. Agentic AI security: Keep your cyber hygiene failures from becoming a global breach A practical defense against AI-led attacks CVE-2025-55182: Frequently asked questions about React2Shell: React server components remote code execution vulnerability FAQ About Sha1-Hulud 2.0: The "second coming" of the npm supply-chain campaign CVE-2025-64446: Fortinet FortiWeb zero-day path traversal vulnerability exploited in the wild Microsoft Patch Tuesday 2025 Year in Review Microsoft addresses 56 CVEs, including two publicly disclosed vulnerabilities and one zero-day that was exploited in the wild to close out the final Patch Tuesday of 2025 Research release highlights Introducing new plugins to assess security posture for the transition toward Post-Quantum Cryptography (PQC)! Tenable Research PQC support helps customers inventory use of TLS and SSH quantum-resistant and vulnerable algorithms within their infrastructure using remote Nessus-based scans. For more information, see the Release Highlight. Content coverage highlights More than 5,000 new vulnerability plugins published, including new detections for the recent F5 BIG-IP Breach. More than 50 new audits delivered to customers. Read Tenable documentation.
July Product and Research Update Newsletter
Greetings! Check out our July newsletter to learn about the latest product and research updates, upcoming and on-demand webinars, and educational content — all to help you get more value from your Tenable solutions. Click here for a downloadable PDF of this newsletter Share Your Insights at Black Hat 2025 Attending Black Hat next month? We'd love to hear your thoughts on Tenable products! Join us for a brief, filmed in-booth interview. It's a quick (less than 10 minutes) and impactful way to share your feedback. You'll have the chance to share your opinions on camera, and rest assured, if you prefer, your feedback can remain completely anonymous if you prefer. As a thank you for your time, we'll also give you an exclusive briefing on our latest product updates. Ready to make your voice heard? Email ambassador@tenable.com to schedule your session. We'll find a time that works best for you! Tenable Cloud Security Reminder: Tenable Cloud Security requires you to log in to view documentation and release notes. To access the documentation or try Tenable Cloud Security, contact your account manager or request a demo. Code security for Azure ARM and Bicep frameworks, and APIs. Tenable now natively supports Azure Resource Manager (ARM) and Bicep, expanding on existing coverage for AWS CloudFormation, Kubernetes YAML, and Terraform across all major cloud environments. Azure users can now scan for misconfigurations directly in their infrastructure as code. Notably, Tenable Cloud Security uniquely supports Bicep, which is rapidly gaining adoption due to its simplicity. Tenable tags resources in Bicep files, auto-generates underlying ARM templates, and highlights misconfigurations directly in the Bicep code, so you can work in the Bicep layer without parsing ARM output. We’ve also introduced ingestion of Tenable IaC findings via API using the “Findings” query in the GraphQL API. This enables programmatic management of finding status. The code API has full UI parity and is consistent with all Tenable API endpoints. Workload protection now supports Oracle Cloud Infrastructure + streamlined reporting. Expanding our coverage of Oracle Cloud Infrastructure (OCI), Tenable Cloud Security now offers workload protection for OCI environments. You can scan virtual machines, including those using OCI-native and customer-managed key (CMK) encrypted volumes, alongside container images and account-level resources. Additionally, across all supported cloud environments, we have streamlined reporting: you can now generate reports directly from the Vulnerabilities page, simplifying your workflow. Enhanced IAM security across permissions and access. Tenable Cloud Security’s Microsoft Entra ID integration, recently enhanced with third-party support and MFA monitoring, can now monitor and filter all app API and delegated permissions. IAM admins get a clearer, tenant-wide view of app-level permissions, making it easier to remove unnecessary access. Are you still using the now-retired Microsoft Entra Permissions Management? Tenable is a strong replacement, with advanced CIEM, JIT access, and CNAPP capabilities spanning Entra ID, Azure and more. We’ve also improved IAM visibility for AWS and GCP with exportable Permissions Query results and enhanced tracking of custom policy changes. In GCP, access-level evaluation is now deeper with added behavior analysis and resource details. Introducing custom dashboards that you can easily build in minutes. You’ve got the power! You can now customize how dashboards look and how you present security data to help users focus on what matters most. Personalize dashboards by adjusting metrics, findings and visualizations. Choose whether to make them public or private. Save time by duplicating built-in or custom dashboards. Plus, all dashboards are now centrally located in the menu for easier access. “Projects” capability now supports integrations and automations by scope. Tenable is making it easier to manage accounts and access control across multiple accounts and providers. The Projects capability, which logically groups resources in your cloud environment, now lets you configure integrations and automations at the project level. This enables more granular control and flexibility to let specific accounts or resources follow tailored workflows aligned with your organizational structure and security policies. Tenable Identity Exposure New Entra ID IoEs to strengthen identity hygiene. Tenable has added new indicators of exposure (IoEs) to help you identify and remediate hidden risks in Entra ID environments: Managed devices not required for MFA registration: Flags tenants that allow multi-factor authentication (MFA) registration from devices your organization doesn’t manage. Without requiring managed devices, attackers with stolen credentials could set up their own MFA methods without your knowledge. Admin consent workflow not configured: Detects tenants missing an active admin consent workflow. This absence can cause errors for non-admin users trying to access applications that need consent, leading to user friction or unmonitored workarounds. Password expiration enforced: Identifies domains where password expiration policies, intended to enhance security, might actually weaken it. When you force users to change passwords frequently, they often resort to simpler or repeated passwords, which makes them more vulnerable to breaches. For more information, review the release notes. Tenable Enclave Security Tenable Enclave Security 1.5 release. We’re excited to announce the release of Tenable Enclave Security 1.5. This release includes exciting new features: Deployment assessment scanning: Quickly assess new and updated deployments before they go live, improving visibility and risk reduction during rapid delivery cycles. Expanded software composition analysis (SCA): Broaden insight into your software supply chain with deeper enumeration of third-party libraries and components, including Go, Java, PHP and unpatched vulnerabilities in container images. SecurityCenter 6.6: Now powered by PostgreSQL, the latest version enhances performance, scalability and long-term support for mission-critical environments. Policy management: New and improved experience for managing policies for CI/CD pipelines or Kubernetes clusters. For more information, review the release notes. Tenable Vulnerability Management (TVM) Tenable PCI agent scan template now available. As a result of the PCI DSS 4.x specification release, credentialed scanning is now a requirement for PCI internal scanning. In response, Tenable created the Tenable PCI Agent, which you can use to scan your network via the PCI Internal Nessus Agent scan template in Tenable Vulnerability Management. PCI DSS 4.x enables you to use a customized approach objective. Using PCI DSS 4.x, the PCI Internal Nessus Agent provides the most comprehensive view of local vulnerabilities on your systems. Please visit the Scan Settings site for more details on configuring the PCI Agent and scans. Tenable Patch Management Tenable Patch Management 9.2.967.22 (on-premises). This release features minor quality improvements and bug fixes across the platform. Server updates: Bug fixes: We fixed an issue where the Business Units by Waves column in cycle tables was empty if no deployment waves existed for the cycle owner. Modified the patch server framework component to depend on the feed server, preventing a race condition during registration. Fixed a bug where patching cycles could lose business unit information after a server restart. Improved the update process for supported platforms within existing workflows and activities during server upgrades. Client updates: Bug fixes: Change to WUAHttpServer to include a content-length header on a full GET request for a file. This resolves the Windows Server 2016 patch download issue. Tenable OT Security Tenable OT Security 4.3: Scalable visibility and control for your modern enterprise. The Tenable OT Security 4.3 release delivers powerful new features to enhance visibility and control across your operational technology (OT) environments and entire attack surface. Key updates in this release include: Scalable OT agents: Extend asset discovery to hard-to-reach areas and embedded systems, closing critical visibility gaps with lightweight, easy-to-deploy agents that leverage your existing IT infrastructure. Enhanced Tenable One data integration: Accelerate investigations and improve risk remediation with new Policy Violation Findings and richer Exposure Signals for more comprehensive Attack Path Analysis. Streamlined asset management: Benefit from a responsive Vulnerability Findings side-panel for quick investigations, custom asset tags and groups for better organization, and batch data and ruleset updates in Enterprise Manager to ensure consistent administration across distributed sites or locations. Additional user interface enhancements in v4.3: You can now search the asset serial number in the inventory Updated Sensor page navigation System Log pagination To learn more about what’s new in the latest version of Tenable OT Security, watch the latest customer update and review the release notes. Tenable Nessus Nessus 10.9 is now generally available! Nessus 10.9 introduces several key features to empower your security teams: Offline web application scanning in Nessus Expert: If your organization has strict network segmentation or air-gapped environments, Nessus 10.9 now enables comprehensive web application scanning functionality. This ensures your critical web applications, even in isolated networks, receive the same thorough security assessment as those in connected environments to maintain a consistent security baseline across your entire infrastructure. Triggered agent scans in Nessus Manager: Automatically initiate vulnerability scans via Nessus Manager in response to specific events. This means you get immediate insights into your security posture as soon as the system discovers new assets or critical system changes occur. This functionality will be enabled directly through Tenable Security Center in July. Agent version declaration for offline environments in Nessus Manager: Simplify the management of your Nessus Agents in air-gapped or offline deployments. With Nessus 10.9, you can now declare agent versions for Nessus Manager agent profiles, streamlining updates and ensuring your agents are running the desired software versions, even without direct internet connectivity. Agent safe mode status reporting in Nessus Manager: Get better visibility into our Nessus Agents’ health and operational status. Nessus 10.9 provides reporting on "Agent Safe Mode" status with insights into agents that may experience issues or operate in a limited capacity. This allows for quicker identification and resolution of agent-related problems for uninterrupted scanning coverage. Nessus 10.9 is available now. We encourage all Nessus users to upgrade to take advantage of these new features and continue to strengthen your vulnerability assessment capabilities. For more information, see the Nessus 10.9 release notes and Nessus 10.9 User Guide. You can also view this announcement under Product Announcements in Tenable Connect. End of Support for Nessus and Agents on Windows 32-bit operating systems. Tenable announces End of Support for Nessus and Agents on Windows 32-bit Operating Systems. Please see the bulletin for more details. Click here to continue reading the rest of the newsletter as a downloadable PDF.June 2025 Product & Research Update Newsletter
The June 2025 Tenable Product & Research Newsletter is live. This month's edition covers updates on: Tenable Cloud Security, Tenable Identity Exposure, Tenable Patch Management, Tenable Security Center, and Tenable VM, along with updates about the Tenable Ecosystem, Tenable Connect, Training, Professional Services, Research, and more. Community Update Introducing Tenable Connect, your new customer community! Check out your new hub to connect, learn and grow with Tenable. Here’s what you’ll find: Ability to open and manage support cases Easy access to the improved account management portal Dedicated pages for product resources and training Discussion boards and opportunities to engage with your peers and Tenable Log into Tenable Connect before July 1 for a chance to win a limited edition Tenable Connect t-shirt! Tenable Identity Exposure Tenable’s Research-Driven Identity Defense Expands Tenable continues to deepen its coverage of real-world identity risks with a series of new indicators of exposure (IoEs) across both Active Directory (AD) and Entra ID. BadSuccessor—a rare, but forest-level critical, zero-day privilege escalation vulnerability in AD, was recently disclosed. Introduced with delegated Managed Service Accounts (dMSAs) in Windows Server 2025, its exposure depends on the presence of a 2025 domain controller, but the impact can be severe. An attacker with the right permissions could use a dMSA to inherit domain admin-level access and compromise the entire forest. Tenable has responded quickly with a dedicated IoE: BadSuccessor – Dangerous dMSA Permissions, now available in Tenable Identity Exposure (SaaS) v3.95. This detection flags risky dMSA inheritance paths that could enable exploitation, helping organizations stay ahead even in the absence of a Microsoft patch. Review Tenable’s technical advisory and FAQ for detailed context. More IoEs targeting real-world risk Other new IoEs target misconfigurations and gaps attackers routinely exploit, spanning Tier 0 risks in AD and hygiene issues in Entra ID. Each IoE is designed to be practical, observable and relevant, shaped by real attack behaviors, not just theoretical risks. Check out this product documentation for more information. Active Directory Tenable IoE “Sensitive Exchange Group Members” Who really sits in the most privileged Exchange groups: a Tier‑0 foothold. Tenable IoE “Exchange Permissions” Risky ACLs where Exchange rights bleed into domain control. Entra ID Tenable IoE “Users Allowed to Join Devices” Tenant setting that lets any user enroll a rogue workstation. Tenable IoE “Managed Devices Not Required for Auth” Conditional‑access gap allowing unmanaged logins. Tenable IoE “Auth‑Methods Migration Incomplete” Legacy authentication policy is still exposed. Tenable IoE “Dangerous Application Permissions” Third‑party app scopes that can exfiltrate data. Tenable IoE “Risky Users Without Enforcement” Risk‑based access policy missing for high‑risk accounts. Tenable Cloud Security Reminder: Tenable Cloud Security requires you to log in to view documentation. To access the documentation or try Tenable Cloud Security, contact your account manager or request a demo. Enhanced CVE detection and customizable severity metrics Tenable Cloud Security now enhances CVE detection by integrating Tenable's vulnerability logic, leveraging the Tenable vulnerability data lake (TVDL) and Nessus. This improves accuracy and coverage in detecting new CVEs regardless of National Vulnerability Database (NVD) delays. The integration aligns CVE detection between Tenable Cloud Security and Tenable Vulnerability Management, reducing inconsistencies and boosting reliability within Tenable One. Users can select which CVE severity metric to display first: CVSS (static) or VPR (dynamic, factoring exploit likelihood). The metric chosen as primary impacts finding creation: severity changes can cause related findings to open or close. Just-in-time by resource groups and recurring access Thanks to your feedback, Just-in-Time (JIT) access is now even more powerful and flexible. Azure users can request access at the resource group level, not just by subscription, giving you greater granularity and control across your cloud environments. And for all JIT users, building on existing immediate/scheduled access request support, we’ve added recurring access scheduling — to better support business workflows, such as a contractor needing project access for a specified repeat duration or the need for access to a routine audit that lasts a full quarter. Easily set daily, weekly or monthly schedules with end dates — all through an intuitive UI. Consider using recurring access to replace standing permissions that some JIT users may still have, for more granular time-bound least privilege. Powerful Tenable cloud vulnerability insights within ServiceNow Tenable now integrates with ServiceNow’s new Vulnerability Response platform, enabling you to seamlessly import prioritized, actionable vulnerability data directly into ServiceNow. This streamlined integration, which also supports government environments, helps teams focus on what matters most by aligning Tenable findings with your existing remediation workflows, making it easier to act fast on critical risks. Already using ServiceNow ticketing? You can now sync Tenable findings with ServiceNow incidents, mapping severity and status to priority and state (such as open findings to new incidents). Note: Syncing incident states requires additional permissions and configuration within ServiceNow. Selectively scan data resources by exclusion tags You can now add exclusion tags to fine-tune scans of both managed databases and object storage in Tenable Cloud Security. Exclusion tags enable you to scope out resources starting from the next scanning cycle by specifying tags as configured at the resource level, for tailoring scans to your environment. This new capability helps you decrease costs by reducing unnecessary resource usage. Object storage comes to OCI As part of our growing capabilities around Oracle Cloud, Tenable Cloud Security now offers data analysis of object storage buckets in OCI. Out of the box, the feature is on a par with all other object storage that Tenable Cloud Security supports and is part of routine CSPM onboarding. In other updates, new dynamic scan scoping by tag is also supported for OCI. Tenable Vulnerability Management (TVM) Tenable Data Stream (TDS) now supports the streaming of TVM Host Audit Findings data as well as WAS assets, tags and findings data. TDS already supports TVM host assets, tags and vulnerabilities data streaming to AWS S3 buckets and is used by some of the largest TVM customers. Learn more about TDS here. Besides the new payloads, there are a few more improvements: Additional new fields in TVM findings payload like Resurfaced Data and Time Taken to Fix Grouping of the files written in the AWS S3 buckets is now based on timestamp, resulting in fewer files written, which in turn improves consumption and reduces latency. (Previously, this was based on both scan ID and timestamp, which resulted in writing a large number of small files.) Tenable Patch Management Tenable Patch Management now supports Red Hat Enterprise Linux (RHEL) We’re excited to announce that Tenable Patch Management (On-Prem) 9.2.967.20 now supports RHEL 8 and RHEL 9. This release also includes performance improvements, bug fixes, and an important security update to Java 17 JRE. Please note that Patch Notification Bots using WhatsApp require review and modification as they can no longer be combined with other providers. Please visit here for a list of third-party applications covered. Note: We are always adding more. For more information, please read the Tenable Documentation and Release Notes and visit the Downloads Portal for the latest version. Tenable OT Security Upgrade to Tenable OT Security 4.2 to unlock new layers of visibility across your OT/IT environment. Key enhancements in this release include: Advanced SNMP-based asset discovery: Gain deeper OT network topology insight. Our new SNMP Crawler discovers and maps all connected devices and switches, including previously hidden ones, down to the specific switch port. Intelligent hardware lifecycle management: Proactively manage obsolescence with EOL tracking for OT/IoT assets from vendors such as Schneider Electric and Siemens, complementing existing software EOL capabilities. Flexible Windows-based deployment (beta): Install OT Security sensors directly on Windows devices — ideal for segmented subnets or where deploying dedicated physical hardware appliances isn’t feasible. Enhanced IoT & VMS risk insights: With improved IoT connectors and expanded VMS support through enhanced credentialed authentication, extract richer data from IoT devices and VMS (including asset names, models and stream details). Navigation enhancements: A redesigned main menu and intuitive side panel simplify access to critical OT data, speeding workflows and improving usability. Additional improvements: Fewer operational reboots New vulnerability detections Expanded virtualization support for Microsoft Hyper-V and KVM-based platforms Upgraded embedded Tenable applications (Nessus, Nessus Network Monitor) Expanded Device Fingerprint Engine coverage for devices from various vendors To learn more about what’s new in Tenable OT Security, watch the latest customer update or review the release notes. Tenable Security Center Patch 202505.1 is now live This patch addresses high-severity CVEs in SQLite. It applies to SC versions 6.5.1 and 6.4.x and requires manual application. Release notes for 6.5.1 and 6.4x Download: https://www.tenable.com/downloads/security-center Security advisory: https://www.tenable.com/security/tns-2025-09 Tenable Ecosystem Tenable Plugin for Jira on-premises v10.4.1 now supports Tenable Web App Scanning We’re excited to launch Tenable Plugin for Jira v10.4.1. This release includes: Support for Tenable Web App Scanning (TWAS) Security update Cleaner logs regarding API responses And bug fixes For more information, please read the Tenable Documentation and visit Atlassian Marketplace to download the newest versions. Tenable App for Splunk v6.1.0 The Tenable App for Splunk v6.1.0 is now available. This release includes: Added support for Tenable Web App Scanning (TWAS) and Tenable OT Security (TOT) New “Assets Dashboard” for visualizing asset details across TVM, TSC, TOT, TWAS, and TASM For more information, please read the Tenable Documentation and visit Splunkbase to download. Tenable Nessus Early Access Release of Nessus 10.9.0 We’re excited to announce the early access of Nessus 10.9.0. For standalone Nessus Expert users, this includes web application scanning functionality for Nessus instances in air-gapped/offline environments. For more information, please see our release documentation. Tenable Training and Product Education Tenable University is excited to announce the refreshed Introduction to Tenable One course. This course covers key features of the Exposure Management platform, including the workspace, Exposure Signals, Attack Path Analysis, Inventory and more, giving you a strong foundation to understand and act on your exposure data. Tenable Professional Services Tenable Professional Services offers two levels of Tenable One Deployment Service, both of which provide a structured, end-to-end approach for implementing and optimizing the Exposure Management platform. With this guidance, your team can gain the visibility, confidence and capabilities needed to actively manage exposure and reduce cyber risk. Tenable Webinars Customer Update Webinars Tune in for product updates, demos, how-to advice and live Q&A to help you get more value from your investment in Tenable solutions. LIVE July 2025 Tenable WAS, July 8, 2025, 11 am ET: Join us for a deep dive into recently released WAS features and capabilities. Tenable Nessus, July 8, 2025, 1 pm ET: Testing for specific CVEs with Nessus. Tenable OT Security, July 9, 2025, 11 am ET: Learn how Tenable OT Security 4.3 unlocks unprecedented visibility and control across your OT/IT environment. Tenable Vulnerability Management, July 9, 2025, 1 pm ET: Credentialed scans versus uncredentialed scans and how to use managed credentials. Tenable One, July 10, 2025, 11 am ET: Learn how Tenable One can now ingest important security context from non-Tenable security tools to help better identify, prioritize and reduce cyber risk. Tenable Security Center, July 10, 2025, 1 pm ET: OS breakdown: reporting exposures by operating system. ON-DEMAND June 2025 Tenable Identity Exposure: Join us to explore new features and capabilities in the latest release of Tenable Identity Exposure. Tenable Nessus: Discovery scan templates and when to use them. Tenable Cloud Security: Just-in-time (JIT) access dramatically reduces exposure from compromised identities. Join us to learn how this capability is enabled with Tenable Cloud Security. Tenable Vulnerability Management: Develop exposure response strategies with Tenable Vulnerability Management. Tenable One: Learn how Exposure Signals and Installed Software leverage data from your security stack to enrich Tenable One findings and strengthen the impact of your exposure management efforts. Tenable Security Center: Learn when and how to use triggered Agent scanning in Security Center. Customer Office Hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas and Europe (including the Middle East and Africa, and Asia Pacific). Learn more and register here. Other Webinars of Interest June 25, 2025: Research Insights from the 2025 Verizon DBIR: What You Need to Know to Secure Smarter June 24, 2025: From Fundamentals to Focus: Enhancing Cloud Security with Tenable - Customer Workshop Series June 17, 2025: Beyond Cyber Chaos: How Public Sector Orgs Secure Smarter with Exposure Management On-demand: Security Without Silos: How to Gain Real Risk Insights with Unified Exposure Management For More Webinars Please visit tenable.com/webinars for the most up-to-date schedule. Tenable Research Research Security Operations Announcement Where Capability Meets Opportunity: Meet the Tenable Research Special Operations Team Rapid Response Microsoft’s May 2025 Patch Tuesday Addresses 71 CVEs (CVE-2025-32701, CVE-2025-32706, CVE-2025-30400) CVE-2025-32756: Zero-Day Vulnerability in Multiple Fortinet Products Exploited in the Wild CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) Remote Code Execution CVE-2025-31324: Vulnerability in SAP NetWeaver Exploited in the Wild Tenable Research Advisories HPE Insight Remote Support Multiple Vulnerabilities Siemens User Management Component V2.15 Multiple Vulnerabilities Feature Release Highlights New Plugin Family: Tencent Linux Local Security Checks Azure Cloud Infrastructure Scanning for Government Windows LAPS Support in Nessus-based scanners Over 400 New Vulnerability Detections in June!
