April 2026 Tenable Product Newsletter
Check out our April newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. EXPOSURE 2026 The Tenable Exposure Management Conference There’s still time to register for EXPOSURE 2026, the first and only in-person event dedicated to exposure management for the AI era. Join us in Boston, Mass., from May 19-21, 2026, to: Get a practical blueprint for securing your AI attack surface. Hear real-world strategies from the industry’s top security executives. Master new techniques in hands-on labs and exclusive training sessions. Register now! Product update: Standardizing Tenable risk scoring Coming July 1: A new standard for VPR For the past several months, many customers have utilized VPR (Beta) to gain deeper insights into exploitability. We are excited to announce that on July 1, this model will be promoted to the primary Vulnerability Priority Rating (VPR) across the Tenable platform. By standardizing on this advanced model, we are retiring legacy VPR scoring to ensure every customer benefits from our most sophisticated threat intelligence. We're also enhancing our asset classification engine. As a result, customers with access to Asset Criticality Ratings (ACR) will see these scores more accurately reflect real-world business risk. Read the full update on Tenable Connect. Tenable Cloud Security Stop chasing ghosts. Start fixing what's actually exposed. This month, we’re trading “potential risk” for proof. Spotlight: Reachability, validated Network Scanner results now feed directly into our core risk engine. Instead of flagging every internet-facing asset, Tenable dynamically confirms what’s actually reachable across AWS, GCP, Azure, and OCI, so you chase toxic combinations on truly exposed assets, not shadows behind a WAF. Also new Unified accounts page. One view for every cloud and identity account. Goodbye, provider silos. More wins for your team Protect dev velocity. Exclude unresolvable CVEs from container scans so noise doesn’t break builds. Effortlessly scale triage. Turn any Explorer investigation into a permanent automation rule. Automate least privilege. Auto-generate custom roles for over-privileged Entra ID and GCP groups based on real usage. Find what others miss. Updated engine surfaces vulnerabilities buried in nested JAR files. View full release notes → Tenable Vulnerability Management Introducing VM-Native OT Discovery Safely identify and profile connected PLCs, HMIs, and IoT devices using the vulnerability management toolset you already own. No specialized hardware or complex deployments required. Turn your existing IT security tools into a safe OT discovery engine today and get visibility into your IT/OT security gap. Watch the guided demo to see this new capability in action. Review the latest documentation for Scan Templates and Discovery Settings to get started. Find and fix hidden risks across your infrastructure To protect your environment, you need a clear view of every asset and vulnerability. New reports and dashboards give you visibility to find hidden exposures in your Java, database, and operating system layers before they lead to a disruption. Identify every Java vulnerability: Go beyond a simple update to secure Java and see how unmanaged applications expand your risk. Java visibility and exposures dashboard: Get a full view of your Java ecosystem to find legacy flaws and library exploits that could give attackers access to your internal network. Java visibility and exposures report: Turn complex scan data into a clear map of your assets to find hidden weaknesses in unpatched installations before they cause a disruption. Prioritize your database security: Protecting your data depends on knowing which databases are most vulnerable. This new report and dashboard help your team close exposures and meet audit requirements by highlighting critical gaps. Database application visibility and exposures dashboard: Use this one-stop shop to see all supported and unsupported databases in one place. You can quickly see which assets are exploitable or have been active for too long, so you know what to patch first. Database visibility and exposures report: Streamline your compliance audits and vulnerability assessments with a clear breakdown of your database risks and best practices. Inventory your assets and improve scan accuracy: Full visibility requires knowing exactly what is running on your network. Operating system and application inventory with data troubleshooting report: Get a high-level summary of your OS and application instances. Includes specific queries to help you identify and fix scan fidelity issues for data accuracy and effective security operations. Tenable Nessus We’re thrilled to announce that Tenable Nessus v10.12 is now available for early access, with general availability expected later this month. This release streamlines your workflow with a revised interface and updated security protocols. Organize scans: Simply drag and drop existing scans from a list view directly into a folder or directory for easier organization. Import files: Instantly import a scan file (like .nessus) by dragging it from the local desktop into Nessus. OpenSSL 3.5 support: Nessus now fully supports OpenSSL 3.5, ensuring your vulnerability assessment operations meet the latest cryptographic standards. FIPS-140.3 support: Support for the FIPS 140-3 standard has been added. View Nessus 10.12 product documentation for more info Tenable Security Center Tenable Security Center 6.8 Focus on the vulnerabilities that truly matter with AI-powered VPR insights and clear mitigation guidance. This release streamlines your operations with unified asset repositories for IPv4, IPv6, and Agents, and improves efficiency with new background query processing and scan optimization tools. Foundational visibility for cyber-physical systems with VM-native OT Discovery We recently added native OT discovery capabilities in Tenable Security Center, allowing you to quickly map unknown/unmanaged cyber-physical systems (PLCs, IoT devices, etc.) using the tools you already own. Get insight into mission-critical OT assets across your network without risking disruption or the need for additional agents or add-on purchases. Find out how to configure your first scan here. View full release notes → Tenable OT Security Introducing Tenable OT Security 4.6 Our latest release introduces a variety of new features and performance enhancements, including refined scan controls and streamlined workflows for large-scale enterprise environments. Massive subnet scaling: Now supports up to 5,000 subnets per ICP, significantly increasing visibility for distributed large enterprise deployments. Centralized network management: A new Monitored Networks page includes bulk-add capabilities and the ability to stage inactive networks before monitoring. Precision scanning: New scan customization options allow you to define specific credential usage per scan for safe discovery of sensitive assets. Streamlined platform navigation: Updated workflow for SSO/SAML users allows you to instantly pivot back to the Tenable One platform with a single click. Remote agent updates and query restrictions: Update OT agents directly from the ICP, remove local site visits or manual CLI intervention, and restrict specific protocol queries with OT agents. Enhanced diagnostics: Deeper metadata in asset log exports for faster troubleshooting. IoT connector updates: Major stability and performance upgrades for Milestone, AvigilonES, and Exacq Edge integrations for IoT asset discovery. Update required: Tenable OT Security 4.5 Service Pack (version 4.5.61) All customers running version 4.5 should apply this upgrade immediately for optimal system stability and performance when processing high volumes of network conversations. This update also addresses communication gaps with Rockwell Stratix devices and Nessus scans. View full release notes → Tenable Identity Exposure Sharper signal. Steadier platform. This month, we are making the detections you rely on more precise, and the platform underneath more resilient. Detections that cut through the noise Golden Ticket IoA, now directory-aware. Smarter logic means fewer false positives and fewer missed hits in multi-domain environments. Richer PetitPotam context. Detections now surface hostnames and source IPs, so triage starts with answers, not questions. Platform you can count on Accurate API pagination. Iterate through result sets cleanly for faster, more reliable reporting. Self-healing listeners. RabbitMQ and Sysvol connections now auto-recover after restarts or network blips. View full release notes → Tenable PCI ASV Tenable PCI ASV interface update The Tenable PCI ASV interface will change on or around May 8, 2026, to simplify your compliance workflow. Changes will not affect your data, scan history, attestation records, or scan configurations. Here’s what’s changing: Renamed actions: Submit PCI is becoming Import to ASV Workbench, and the In Remediation tab changes to Scan Customer Review. Easier review: A new Accept button and compliance dialog let you confirm requirements in fewer clicks, with a progress indicator to track your status in real-time. Unified vulnerability view: Failures and Disputes merge into a single Vulnerability Review & Disputes tab. Updated Navigation: The Submit to ASV Review button is moving to a more intuitive position in the workflow. The changes will happen automatically. You don’t need to take action. Questions? Contact Tenable Support or your Customer Success Manager. Tenable Training and Product Education Enhanced Tenable Vulnerability Management training now available Maximize your security investment with the redesigned Introduction to Tenable Vulnerability Management course, available at no cost in Tenable University. This updated experience includes interactive elements, demonstration videos, and knowledge checks to help you quickly gain practical expertise. You will navigate the latest user interface with ease while implementing recommended settings to optimize your platform configuration from day one. Tenable Connect Join the Tenable Connect Office Hours group Missed a live Office Hours session? No problem! We are excited to launch the official Office Hours group to provide you with a centralized hub for Office Hours sessions and support. When you join the group, you’ll be able to: Watch recordings: Access the library of past regional Office Hours sessions at your convenience. Review key Q&As: Review important questions and expert answers from every call so you can find solutions without watching the full video. Search with ease: Use Tenable Connect’s unified search to find specific topics discussed across any of our recorded sessions. Don't miss a beat! Join the group to catch up on the latest sessions and stay ahead of the curve. And register for upcoming live Office Hours sessions here. Tenable Webinars Tune in for product updates, demos, how-to advice, and Q&A. See all upcoming live and on-demand webinars at tenable.com/webinars. On-demand Tenable customer update: April 2026: Watch this quarterly Tenable customer update to learn how to use AI to augment your security team, secure your expanding AI attack surface, uncover hidden risk across your connected IT/OT environments, and more. Products covered: Tenable One, AI Exposure, Tenable Vulnerability Management, OT functionality, third-party data connections, and Tenable Security Center. Customer Office Hours Recurring ask-me-anything sessions for Tenable One, Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including Middle East and Africa), and Asia Pacific (APJ). Register here. Tenable Research Research Security Operations blog posts Subscribe to the Research team blog posts here. The hidden cost of AI speed: Unmanaged cyber risk Supply chain attack on Axios npm package: Scope, impact, and remediations Research release highlights Potential Vulnerabilities: Tenable Research is officially introducing Potential Vulnerabilities. A potential vulnerability is a finding that has a lower degree of certainty as to whether the assessed application is or is not vulnerable. Improvement to printer OS fingerprinting: Scanned printers will now have an OS artifact surfaced in their scan host metadata if the target has been identified as a printer when the Scan Network Printers policy option is disabled. Content coverage highlights Almost 4,500 new published vulnerability plugins. More than 130 new audits delivered to customers. Read Tenable documentation.
[GA] Tenable Patch Management v10.0.971.26 is officially LIVE!
We are pleased to announce the General Availability of Tenable Patch Management (TPM) v10.0.971.26! This quality-focused update delivers critical stability and performance fixes for both On-Premise and SaaS environments. Enhanced Reliability & Precision Reporting This release addresses high-priority issues including strategy corruption, database scaling, and compliance reporting accuracy. Top Fixes to Pitch: Strategy Integrity: Fixes a critical defect where simplified patching strategies could become corrupted or fail to load "How to Patch" configurations. Precision Reporting: Corrects compliance percentage variables to eliminate "over 100%" reporting errors. Improved SaaS Reliability: Resolves "502 Bad Gateway" errors and database deadlocks by optimizing connection pooling and PostgreSQL-specific ports. Patch Filter Conditions: Corrects errors in Patch Filter UI and Tenable.Vpr filter handling. Added a dropdown for true/false boolean fields and updated VPR filters to require the Tenable.VprInteger format. Cloud Compatibility: Fixed the cloud install script (.sh) for successful execution when used in JAMF script payloads. Platform Modernization: Full integration of Java 25 and log4j 2.25.3 for peak security and performance. WSUS Intelligence: Improved WSUS scanning logic to mark patches as "Not Applicable" if a superseding patch is already present. P2P Configuration: New brp2p.minimum_viable_volunteer_count setting to better manage peer-to-peer download sources. Customer-Facing Resources: Release Date: March 5, 2026 Hotfix Version: 10.0.971.26 Changelog: View Release Notes Docs: TPM Complete Documentation Upgrade Path: SaaS/Cloud: Your SaaS Tenants are upgraded to v10.0.971.26 automatically. Please upgrade your clients accordingly. On-Premise: Customers can download the latest version of server and clients from the TPM Downloads portal immediately. Questions? We’re a ping away! Reach us at connect.tenable.com. Happy Upgrading! - Ahmad Maruf Tenable Patch Product Management[GA] Tenable Patch Management 10.0 is officially LIVE! Experience the magic of simplicity.
Today, we are thrilled to unveil the latest evolution of Tenable Patch Management (TPM): The General Availability (GA) of TPM v10.0. This update represents a significant transformation of our product, designed to deliver on the promise of modern, frictionless, and autonomous patching. Big News: One Product, One Experience We have officially unified our product experience by retiring the "Express" vs. "Enterprise" distinction in favor of a Single SKU model. Whether you require high-speed simplicity or deep granular control, you no longer have to choose, every customer now has access to the full power of the Tenable patching engine. Experience the Magic of Simplicity TPM 10.0 reduces operational complexity by focusing on the daily workflow of the administrator. Here is what you will find inside: Administrator-first interface: Our new homepage prioritizes "Blind Spots" and "Delta Numbers," giving you an instant view of unpatched gaps and real-time changes in your environment. 6-step guided setup: A new interactive onboarding wizard replaces hours of manual setup, covering integration and device verification in minutes. "What, When, & How" strategy builder: Build complex patching strategies using a guided process focused on three simple questions: What are we patching? When is it happening? How should it behave? Deployment rings: We have evolved "Waves" into Deployment Rings with automated Transitions (Success, Approval, or Delay) to control exactly how patches move through your environment safely. The emergency kit: Access a "Global Pause" button, instant rollbacks, and exception controls directly from your dashboard for moments when you need to act fast. Advanced settings hub: We haven't removed the deep customization you love; we've just organized it. Features like Intent Schema and Flex Controls have moved to this hub to keep your main workspace clean. Enhanced RBAC (on-premise): We have introduced new built-in security roles for scoped access and security audits. Release details On-premise version: v10.0.971.19 (Server & Client) SaaS version: v10.0.971.18 (Server) | v10.0.971.15 (Client) Technical update: Both Server and Client have been updated to use Java 25 for peak performance and security. Migration & licensing: what it means for you Note: Your existing patching strategies and product configurations remain completely untouched by this upgrade and will continue to function exactly as designed. Customer type What happens today? Action required SaaS / Cloud Server: Your Console is updated to v10 automatically. Clients: Please follow the instructions here to upgrade your clients to v10. None. You have immediate access to v10 features. Your subscription transitions to the new model at your next renewal. On-premise Your choice. You remain on your current version until you choose to upgrade. Recommended: Contact us for a Zero-Dollar Exchange Order to unlock v10 features today, then download the update below. Transition to single SKU will be mandatory during renewal. Get started with these resources Explore these resources to hit the ground running: Download: Get TPM On-Premise v10.0 Changelog: View Release Notes At a Glance: What's New in TPM 10.0 Guide Release Demo: TPM 10.0 Video Walkthrough New User Guide: Single, Consolidated User Guide Docs: TPM Complete Documentation Log in now to experience the magic of simplicity combined with deep control. Happy Patching! — Ahmad Maruf Principal Product Manager, Tenable Patch Product ManagementUnify security data, tools, and teams with new Tenable One features
Managing risk across multiple security tools just got a whole lot easier! Tenable One is enhancing its leadership in exposure management with the introduction of third-party connectors and unified dashboards, giving security teams unified visibility and deeper insights across the entire attack surface—all from a single platform. See the guided demo Why we think you'll love it: ✔ Break down silos – Gain unified exposure visibility and context and manage risk from a single platform, across Tenable and 3rd-party tool data. ✔ Prioritize what matters most – Uncover toxic risk combinations based on data from all of your tools across your attack surface. ✔ Holistic risk analysis – Use a single platform for reporting on all risk and exposure findings across your environment. Read more here or contact Tenable Customer Care or a member of your account team for more information.
