Webinar: Customer Product Update Webinars - July 2025
Check out the latest monthly Customer Update Webinars below and save your spot! Recordings will be posted after the live webinar has concluded. Tenable WAS, July 8, 2025, 11 am ET: Join us for a deep dive into recently released WAS features and capabilities. Tenable Nessus, July 8, 2025, 1 pm ET: Testing for specific CVEs with Nessus. Tenable OT Security, July 9, 2025, 11 am ET: Learn how Tenable OT Security 4.3 unlocks unprecedented visibility and control across your OT/IT environment. Tenable Vulnerability Management, July 9, 2025, 1 pm ET: Credentialed scans versus uncredentialed scans and how to use managed credentials. Tenable One, July 10, 2025, 11 am ET: Learn how Tenable One can now ingest important security context from non-Tenable security tools to help better identify, prioritize and reduce cyber risk. Tenable Security Center, July 10, 2025, 1 pm ET: OS breakdown: reporting exposures by operating system.
September 2025 product newsletter
Greetings. Check out our September newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. NEW! Tenable AI Exposure We have officially launched Tenable AI Exposure. It helps you see, secure and manage how your organization uses AI tools like ChatGPT Enterprise and Microsoft Copilot across your enterprise. Safeguard sensitive data, stop AI-driven attacks and establish governance for safe AI adoption. Be among the first to try it! Learn more and sign up for the private customer preview here. Tenable One August 2025 release: This month's release delivers faster insights, broader coverage and greater control over your exposure data. Release highlights: Dashboard enhancements: With daily data updates, new chart types and dedicated filters for CISA KEV and end-of-life software, Tenable One dashboards now make it easier to analyze specific risks, communicate impact and speed up response. Tenable On-Prem Connector: Install the Tenable On-Prem Connector to create a secure, encrypted connection to safely bring on-premises exposure data into Tenable One. Get the insights you need without putting your network at risk. Asset information source display: Deduplication in Tenable One is key to ensuring a clean, accurate view of each asset, without redundant information from multiple sources. With this release, the asset details screen now clearly displays the source that populates findings and property information, so your team fully understands and trusts asset data. Dynamic asset tagging: Define dynamic rule-based criteria that automatically apply tags to all Tenable One data for easier customization and greater control over tagging rules. This improvement enables smarter segmentation, precise asset management and deeper analysis across the platform. Explore all platform enhancements Tenable Connect Coming soon: Enhanced Support case experience We're excited to announce a new case creation and management experience. This release will streamline how you open and track cases while leveraging Generative AI to improve search and help you find answers faster. Stay tuned for enablement resources posted within Tenable Connect to maximize this new functionality. Tenable Cloud Security Reminder: Tenable Cloud Security requires that you log in to view documentation and release notes. To try/see the product, contact your account manager – or request a demo. Read all about it: New Tenable white paper by Analyst IDC: “Bridging cloud security and exposure management for unified risk reduction.“ This commissioned piece explores the value of exposure management and Tenable strengths. White paper • Blog Featuring fintech customer Snoop. We are honored to share the Tenable story of Snoop, using CIEM and JIT to enforce least privilege. Video [Want to tell your Tenable story? Let your Tenable rep know. We’d love to capture it!] Security alert: Tenable Research detected a supply chain attack in certain Nx build system packages that exfiltrated secrets to GitHub. GitHub has disabled the repos, yet compromised versions may persist. We’ve flagged any affected packages in your Tenable Console (Vulnerability ID: GHSA-cxm3-wv7p-598c). Act now: Update packages and rotate exposed secrets. Platform: Default Home and Favorite dashboards. Set a default Home dashboard to see your most important security insights first, and mark frequently used dashboards as Favorites for instant access. Benefit: These usability updates let you focus on what matters most in your workflow so you can work faster, make informed decisions and keep pace as the platform adapts to your needs. Japanese language support is here. You can now navigate the full Tenable Cloud Security Console in Japanese (switch via your profile menu), and access our documentation portal in Japanese for a smoother, more localized experience. Benefit: Japanese customers are the first to benefit from our new language infrastructure, designed to accelerate the rollout of additional languages. Watch this space! CWP: Workload Protection Clusters filter and column. Identify vulnerable clusters and all related vulnerabilities more easily. (The column is hidden by default.) Resolved filter. In the Workload > Vulnerabilities table, quickly display only vulnerabilities marked as resolved. Benefit: Get clear visibility into cluster-level risks and easily distinguish open from resolved issues to streamline vulnerability management and save time. CSPM: New and updated security best practice support Tenable now supports AWS Foundational Security Best Practices, CIS Azure 2.0, CIS Kubernetes 1.8 and CIS OpenShift 1.5. Benefit: Stay ahead of evolving threats and strengthen your security posture across cloud and container environments. Up-to-date best practices simplify compliance, reduce risk and make it easier to consistently implement proven security controls. DSPM: AWS RDS support for Oracle Data protection scanning is now available for Oracle on AWS RDS, for both Enterprise and Standard license holders. Benefit: Extend visibility into sensitive data stored in Oracle RDS to improve protection and compliance across more of your cloud database environments. Tenable Identity Exposure Tenable Identity Exposure uncovers Storm-0501's cloud identity threats: Financially motivated threat actor Storm-0501 is advancing cloud-based ransomware and hybrid identity compromises to move seamlessly between on-premises Active Directory (AD) and Microsoft Entra ID. Tactics include initial identity exploitation that compromises AD and abuses non-human synced Global Admin accounts in Entra ID, along with malicious persistence, where they establish backdoors by adding rogue federated domains with tools like AADInternals to gain persistent access and impersonation capabilities. Attacker tactic How Tenable Identity Exposure prevents it Initial compromise Flags high-privilege, improperly synced Entra ID accounts from on-prem AD, a configuration Microsoft advises against. MFA bypass Identifies critical, privileged accounts missing MFA, one of the most exploited gaps in hybrid identity attacks. Malicious persistence Detects backdoor federated domains and anomalous signing certificates using multiple indicators of exposure (IOEs), including: Known Federated Domain Backdoor, Federation Signing Certificates Mismatch, Unusual Federation Certificate Validity, Federated Domains List for verification against legitimate IDPs. Tenable Identity Exposure continuous monitoring of IoEs uncovers and aids remediation of critical identity risks before groups like Storm-0501 can exploit them. Tenable Identity Exposure documentation. Tenable Vulnerability Management Streamline ACSC Essential 8 compliance with new dashboards Simplify and strengthen your Essential 8 reporting with Tenable’s new ASD Essential 8 dashboards. These dashboards take your risk-mitigation SLAs to the next level, giving you a clear, real-time view of progress toward ACSC Essential 8 compliance. Quickly spot gaps, track patching and remediation efforts, and demonstrate measurable risk reduction. Monitor internet-facing assets, ensure critical applications are patched, and confidently report on SLA performance, all in one place. Explore the resources to get started: Applying Tenable’s risk-based VM to the ACSC Essential 8 ASD Essential 8 – Patch Applications dashboard ASD Essential 8 – Internet-Facing Assets dashboard Tenable Security Center Critical security patch 202508.1 now available Protect your Security Center deployment with the new patch 202508.1, which fixes critical third-party vulnerabilities in Apache, PHP and SQLite, including CVE-2025-23048, a critical Apache flaw. The update applies to versions 6.4 through 6.6 and must be installed manually. If you’re running 6.5.0, upgrade to 6.5.1 before applying it. For full details, see the release notes, security advisory, and download the patch; this update will be included in future Security Center releases. Tenable OT Security What's new in Tenable OT Security 4.4 The latest version is now available. It introduces several new features and enhancements to improve visibility, streamline workflows, and expand coverage across your industrial environment. OT asset tag data synchronization: Asset tags you create in Tenable OT Security will sync with Tenable One and Tenable Security Center to integrate OT context directly into your enterprise-wide reporting and security workflows. Policy violations dashboard: A redesigned view aggregates disparate alerts and events (e.g. unauthorized access, configuration changes) into unified and actionable Policy Violations to significantly reduce alert fatigue so you can focus on remediating your most critical exposures. Check out this guided demo to see it in action! PLC product file imports: Import PLC project files (starting with Rockwell Automation) to enrich your asset inventory. This provides deep visibility on live or sensitive OT devices without performing active queries. Merge assets: A new workflow helps you find and merge duplicate asset entries for a cleaner and more accurate OT asset inventory. Foxboro DCS support: Gain visibility into Foxboro Distributed Control Systems to extend security monitoring into complex industrial environments. VXLAN support: Analyze network traffic within Virtual Extensible LANs (VXLAN) to monitor assets and activity in modern virtualized data centers. Multi-interface sensor configuration: A simplified workflow allows a single sensor to simultaneously listen on multiple network interfaces to reduce deployment time and complexity. Review the release notes to learn more about what’s new in this release and how to upgrade. Tenable Nessus Reminder: End of support for Terrascan in all Nessus versions Tenable announced the End of Life for Terrascan in Nessus. The last day to download the affected product(s) is Sept. 30, 2025. Customers will receive continued support through the Last Date of Support. For more information, please refer to the bulletin announcement. Reminder: Nessus 10.9 is generally available Nessus 10.9 introduces several key features to empower your security teams, including offline web application scanning in Nessus Expert. For more information, see the Nessus 10.9 release notes and Nessus 10.9 User Guide. You can also view this announcement under Product Announcements in Tenable Connect. Tenable Training and Product Education Connectors added to Tenable One Intro course The updated Introduction to Tenable One course in Tenable University now shows you how to connect third-party security tools to the exposure management platform, to give you a unified view of risk across your entire attack surface. This no-cost training is open to customers, partners, prospects and the public. Start learning today at Tenable University. Tenable webinars Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars. Live Oct 1, 2025: Beyond the endpoint: Exposure management that’s proactive. Why endpoint-first vulnerability management isn’t enough. Oct. 7, 2025: Nessus customer update. Troubleshooting common Nessus issues. Oct. 8, 2025: Tenable Vulnerability Management customer update. Operationalizing AI Aware to discover Shadow AI in your environment. Oct. 9, 2025: Tenable One customer update. Identity security in an exposure management program. Oct. 10, 2025: Tenable Security Center customer update. In-depth guide to user roles and permissions. On-demand September Tenable Nessus customer update: From the ground up – building a custom scan policy in Nessus. September Tenable Vulnerability Management customer update: Using Nessus agents in Tenable Vulnerability Management. September Tenable One customer update: Introducing AI Exposure, and other topics. September Tenable Security Center customer update: Answering the CISO – a guide to Assurance Report Cards. Ecosystem view of risk: Integrate cloud security with your security stack. Customer office hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. Tenable Research Research Security Operations blog posts Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks CVE-2025-54135, CVE-2025-54136: Frequently Asked Questions About Vulnerabilities in Cursor IDE (CurXecute and MCPoison) Frequently Asked Questions About SonicWall Gen 7 Firewall Ransomware Activity CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability Microsoft’s August 2025 Patch Tuesday Addresses 107 CVEs (CVE-2025-53779) CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability CVE-2025-7775: Citrix NetScaler ADC and NetScaler Gateway Zero-Day Remote Code Execution Vulnerability Exploited in the Wild Research release highlights Include/Exclude Path and Tenable Utils Unzip added to Log4j Detection Nutanix Prism v4 API Compatibility Excluding the SUSE Linux Snapshots directory from Language Library enumeration Content coverage highlights Almost 17,000 new vulnerability plugins published including new AI Aware detections! Over 25 new audits delivered to customers! Quick links Join the Tenable Connect community Sign up for on-demand training Watch Tenable product education videos — more than 250 videos now available Check out all upcoming and on-demand Tenable webinars Read Tenable documentation: Documentation RSS Feed Tenable Vulnerability Management User Guide Vulnerability Management Release Notes Tenable Web App Scanning User Guide Tenable Web App Scanning Release Notes Tenable Cloud Security User Guide Tenable Cloud Security Release Notes Tenable Identify Exposure User Guide Tenable Identity Exposure Release Notes Tenable Security Center Release Notes Tenable Security Center 6.5 User Guide Tenable OT Security Release Notes Tenable OT Security User Guide Tenable Attack Surface Management User Guide Exposure View User Guide Exposure View Release Notes Asset Inventory User Guide Asset Inventory Release Notes Attack Path Analysis User Guide Attack Path Analysis Release Notes Tenable Nessus Release Notes Tenable Nessus 10.8 User Guide Tenable Nessus Agents 10.8 User Guide Tenable Nessus Agents Release Notes Tenable Nessus Network Monitor 6.5 User Guide Tenable Nessus Network Monitor Release NotesOctober 2025 Tenable Product Newsletter
Greetings! Check out our October newsletter to learn about the latest product and research updates, upcoming, and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. Tenable One What's New in Tenable One: September 2025 Release This month's release delivers deeper visibility, faster analysis, and more flexibility in managing your organization's risk exposure. Dashboard data drill-down: Dive deeper into your dashboards. Investigate the data behind widgets, KPIs, and trends to validate insights and easily explore details. New dashboard widgets: The widget library now includes seven additional built-in widgets for more ways to visualize and analyze your exposure data. Global Search on Findings page: Build and run complex queries directly from the findings page to pinpoint the exact data you need without switching pages. Dedupe: Information order configuration: Control which sources take priority in property deduplication, so your asset inventory always reflects the most trusted data. See all platform enhancements >> Tenable Cloud Security Reminder: Tenable Cloud Security requires that you log in to view documentation and release notes. To try/see the product, contact your account manager or request a demo. New use cases and research insights Three new demonstrations of common Tenable Cloud Security uses to ease your path to cloudsec maturity: Ecosystem view of risk, Complete cloud lifecycle visibility and Cloud misconfiguration identification and remediation. Recently published Tenable research items: Gemini Trifecta: Read about the three (now-remediated!) vulnerabilities Tenable cloud research discovered within Google’s Gemini AI assistant suite. Security advisory: “Shai Hulud”: Find packages potentially compromised by this NPM supply chain attack flagged in your Tenable Console as “advisory vulnerabilities.” Take action: 1) Update/roll back affected packages. 2) Rotate secrets that may have been exposed. A new Insight Brief that explores key observations on complexity gleaned from our recent “State of the cloud & AI security” report. Platform: Usability and reporting/display enhancements Streamlined console navigation: Enjoy the new console navigation menu, fully redesigned for a more intuitive and efficient user experience. This major update helps you find the insights/tools you need faster. Column selection for inventory reports: Customize your inventory reports by selecting specific columns for inclusion. Create more focused, efficient reports with just the information you need. TV mode: View any dashboard in this full-screen, distraction-free mode. Use for continuous, real-time, operational display and broad visibility of security status. CWP - Workload protection Enhanced Vulnerability Priority Rating (VPR): Benefit from Tenable's enhanced VPR, now twice as efficient. Enable teams to focus on just the 1.6% of vulnerabilities posing real risk, with prioritization inclusive of industry/geo context. See the white paper. Improved coverage and accuracy in vulnerability detection: The addition of scoped NPM packages enhances visibility into Node.js workloads. No more flagging in unused kernel versions improves Linux workload vulnerability detection accuracy. Added granularity to Kubernetes workload vulnerability management: Directly map vulnerability findings in container images to specific Kubernetes workloads (e.g., EKS). This enhancement clarifies risk attribution and streamlines remediation by application or team. IAM - Identity and access management Configure trusted vendors: Tenable now lets you mark external vendors as trusted. This helps reduce finding severity and close toxic combinations, and focus monitoring on meaningful external access to make risk management more efficient. Learn more. Automatically remediate unused SSO permissions: Quickly identify and remove inactive SSO groups or users with a single click to streamline your risk mitigation process. This strengthens least-privilege enforcement and reduces identity risk. JIT - Just-In-Time Access Expanded Slack actions: We’ve enhanced Slack support with key actions available in the JIT Portal, including self-revoking active sessions and submitting recurring access requests. These updates make JIT workflows in Slack faster and more productive to drive adoption of this high-value feature. Read about JIT access here. Tenable Vulnerability Management Accelerate plugin testing with quicker agent updates Speed up your plugin testing workflows and deploy the most recent plugins faster using the new Accelerated Plugin Updates feature. This provides an additional toggle within your agent profiles. When enabled, the agent will check in more frequently than the default to look for any changes made to the plugin scheduling section “Select Plugin set from last 30 days.” This increased check-in frequency helps you shorten the time it takes to get tested plugins onto assets. Note that this feature only supports updates to the “Select Plugin set from last 30 days” setting, and does not impact any other plugin update configurations. Find more details in the documentation. Granular control with Agent scan by tag Achieve highly granular control over your vulnerability management by leveraging the new Agent Scan By Tag feature. This empowers you to target your agent scans using both the existing agent group criteria and the asset tags you have defined. This streamlines your scanning workflows by allowing you to zero in on specific asset environments, ownership groups, or criticality levels. Please note, this functionality is currently only supported for scheduled agent scans. To begin configuring your new, targeted scans, read the documentation or release notes. Tenable Nessus Nessus 10.10 Early Access for Nessus 10.10 includes the following features: Global timeout setting to define the maximum duration for a host scan. Support for the upcoming software and plugin updates via scanner profiles for Tenable Vulnerability Management-linked scanners. Support for the upcoming Tenable Vulnerability Management plugin download concurrency feature. Support for the upcoming CPU resource limit setting for Tenable Agents, which will be configurable via agent profiles in Tenable Nessus Manager. To opt in to Early Access, contact your Tenable representative or configure the Nessus Update Plan in the user interface. See release notes. Ended support for Terrascan in Nessus Tenable has ended support for the Terrascan feature, effective Sept. 30, 2025. Terrascan is no longer available for download or supported, and Tenable has removed all related Terrascan functionality from Tenable Nessus. Tenable recommends using Tenable Cloud Security for infrastructure as code (IaC) scanning going forward. For more information, see the Tenable Nessus Terrascan End-of-Service FAQ. Tenable Security Center What’s new in Tenable Security Center 6.7 See your environment more clearly and act faster on what matters most. This release delivers a modern, intuitive experience that improves usability, scalability, and efficiency across your operations. Here’s what’s new: Explore – Assets (Preview): Get a modern view of your assets with structured data, advanced filtering, and improved navigation that helps you identify risks faster. Triggered Agent scanning: Automate Tenable Agent scans based on conditions you define, so you can catch vulnerabilities sooner and respond confidently. Credential verification scan policy: Quickly validate Windows and Unix credential pairs with a built-in template that confirms authentication success. Performance and Reporting Enhancements: Experience faster scan ingest, improved reporting speed, and smoother backend performance that keeps up with your team. Before you upgrade: Version 6.7 supports upgrades from SC 6.3.0 and higher. Hardware specifications are updated for this release. Systems below the new recommendations will still upgrade successfully, but performance may vary. Upgrade now to take advantage of these improvements and keep your environment running at peak performance. Read the release notes or upgrade now. Patches for Tenable Security Center Address recent vulnerabilities by applying two security patches: 202509.2.1 (resolves Critical SimpleSAML CVEs) and 202509.1 (resolves High PostgreSQL CVEs). You need manual installation for both. The Software Updates feature is not compatible with these patches. Key requirements: Compatibility: Patch 202509.2.1 applies to SC 6.4 through 6.6. Patch 202509.1 applies to SC 6.5.1 and 6.6.0. Prerequisite: If you are on SC 6.5.0, you must first upgrade to 6.5.1. Upgrade Note: Patch 202509.2.1 may impact future SC upgrades. See this KB article for more information. See the release notes and advisories (TNS-2025-20 and TNS-2025-18) for full details and download the patches here. Tenable Patch Management Tenable Patch Management v9.3.969.2 (on-prem) We’re excited to announce Tenable Patch Management (On-Prem) 9.3.969.2. This release includes major feature upgrades, new database server requirements, quality improvements, critical security, and bug fixes across the platform. Key updates include: Cross-platform installation enhancements A new auto-upgrade process enables clients to seamlessly upgrade to match the server version (9.3+). Microsoft 365 Patching Support: Native support for Microsoft 365, Office 2024 LTS, 2024, 2021, Visio, and Project with delta Updates, to reduce monthly updates to 30-50MB from 3GB per language, saving up to 95% bandwidth. New Client Validation Tool to verify deployments For a list of covered third-party applications, please visit here and note that we are always adding more. For more information, please read the Tenable documentation and release notes and visit the downloads portal to download the latest version. Tenable OT Security Fortify your CPS security posture with Tenable OT Security 4.4 The latest version of Tenable OT Security is now available, designed to give you a more integrated, efficient, and comprehensive view of your operational environment. Key highlights in this release include: Unified enterprise reporting for your exposure management program: Sync OT asset tags directly to Tenable One and Tenable Security Center to enrich your enterprise-wide security workflows with critical OT context. Reduced alert fatigue: A new Policy Violations dashboard unifies disparate alerts into actionable insights to help you focus on your most critical exposures first. Deep visibility for specialized environments: Gain granular asset details on sensitive devices by importing PLC project files (starting with Rockwell Automation) without active queries. We’ve also added support for Foxboro DCS and VXLAN environments. Streamlined workflows and sensor configuration: A new workflow helps you easily find and merge duplicate assets for a more accurate inventory, while a simplified sensor configuration reduces deployment complexity. Review the full release notes to learn more about what’s new and how to upgrade. Tenable Identity Exposure Unified Exposure Center Get the full picture, faster. The Exposure Overview and Exposure Instances pages are now combined into a single Exposure Center for a simpler, more unified experience. With new quick filters, you can instantly focus on what matters most and cut through noise with ease. Streamlined IoA deployment Deploy indicators of attack (IoAs) more securely and efficiently. The updated process now uses a signed PowerShell launcher script stored in SYSVOL to reduce complexity and improve security. Plus, Group Policy (GPO) automatically deploys the Tenable certificate, so setup is smoother than ever. See Tenable Identity Exposure documentation. Tenable Ecosystem Tenable for ServiceNow update We’re excited to announce version 6.2.0 of the Tenable apps for ServiceNow, which now support Zurich. The Tenable apps now support Washington, Yokohama, and Zurich. We are sunsetting the Tenable.ot for VR application. Please utilize the ServiceNow built application Vulnerability Response Integration with Tenable. View full details here. For more details, read the ServiceNow User Guide and visit the ServiceNow Store for the appropriate Tenable apps for ServiceNow. Tenable Add-on for Splunk v8.0.1 We’ve updated the Tenable Add-on for Splunk v8.0.1 with general bug fixes, along with improved compliance data collection by preserving original fields. For more information, please read the Tenable documentation, and visit Splunkbase to download. Tenable Connect We're excited to announce a new case creation and management experience. This release will streamline how you open and track cases while leveraging Generative AI to improve search and help you find answers faster. Tenable Research Join Tenable’s Research Special Operations (RSO) team on Tenable Connect and engage with us in the Threat Roundtable group for further discussion on the latest cyber threats. Research security operations CVE-2025-20333, CVE-2025-20362: Frequently Asked Questions About Zero-Day Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) Vulnerabilities Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) How Tenable Found a Way To Bypass a Patch for BentoML’s Server-Side Request Forgery Vulnerability CVE-2025-54381 WordPress - WP Social Ninja exposed API Key WordPress - Feed Them Social exposed API Key BentoML CVE-2025-54381 (SSRF) Bypass Microsoft Learn MCP Server Server-Side Request Forgery Research release highlights Improved Printer Fingerprinting New Plugin Family: UnionTech Local Security Checks Machine Learning SinFP Model Updates for OS Fingerprinting Python Package Enumeration - Detection Updates Content coverage highlights Almost 6,000 new vulnerability plugins published, including new AI Aware detections and Shai-Hulud worm. More than 48 new audits delivered to customers! Tenable Training and Product Education Refreshed courses and better learning experience Explore the updated Introduction to Tenable Cloud Security and Introduction to Tenable Identity Exposure courses. They now feature a modernized interface and smoother navigation for an improved learning experience. Access these two no-cost courses, and many more on-demand options, anytime at Tenable University. Tenable Webinars Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars Live Oct 22, 2025: Securing the future of AI in your enterprise. Policy frameworks that balance opportunity and oversight. Oct 22, 2025: Beyond the endpoint: Exposure management that’s proactive (EMEA). Why endpoint-first vulnerability management isn’t enough. (EMEA session) Nov. 4, 2025: Nessus customer update. Web application scanning with Nessus Expert. Nov. 4, 2025: Tenable OT Security customer update. What’s new in Tenable OT Security 4.4 and a sneak peek of Tenable OT Security 4.5. Nov. 5, 2025: Tenable Vulnerability Management customer update. Best practices for role-based access control (RBAC). Nov. 5, 2025: Tenable Web App Scanning Management customer update. Using WAS to identify and assess AI in your web applications. Nov. 6, 2025: Tenable One customer update. Third-party data in Tenable One. Nov. 6, 2025: Tenable Security Center customer update. How to automate reporting and remediation with alerts. On-demand Beyond the endpoint: Exposure management that’s proactive. Why endpoint-first vulnerability management isn’t enough. October Nessus customer update. Troubleshooting common Nessus issues. October Tenable Vulnerability Management customer update. Operationalizing AI Aware to discover Shadow AI in your environment. October Tenable One customer update. Identity security in an exposure management program. October Tenable Security Center customer update. In-depth guide to user roles and permissions. Customer office hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. Tenable documentation Read Tenable documentation.Webinar: Customer Product Update Webinars - June 2025
Each month, Tenable hosts Customer Update webinars on different products and topics. Check out the Customer Update Webinars below and save your spot! Recordings will be posted after the live webinar has concluded. Vulnerability Management: Tune in for product updates and how-to guidance for getting more value from Tenable Vulnerability Management. June 4, 2025 • 1:00PM EDT / 10:00AM PDT . Register here. Tenable One: Learn how you can improve the effectiveness and impact of your exposure management programs with Tenable One. June 5, 2025 • 11:00AM EDT / 8:00AM PDT. Register here. Security Center: Learn how to improve vulnerability management efficiency and effectiveness with Tenable Security Center. June 5, 2025 • 1:00PM EDT / 10:00AM PDT. Register here. Nessus: Learn how you can improve vulnerability management efficiency and effectiveness with Nessus. June 3, 2025 • 1:00PM EDT / 10:00AM PDT. Register here Cloud Security: Just-in-time (JIT) access dramatically reduces exposure from compromised identities. Join us to learn how this capability is enabled with Tenable Cloud Security. June 4, 2025 • 11:00AM EDT / 8:00AM PDT. Register here Identity Exposure: Learn how you can boost the effectiveness and impact of your identity security efforts with Tenable Identity Exposure. June 3, 2025 • 11:00AM EDT / 8:00AM PDT. Register here🚨 Announcing: Tenable AI Exposure 🚨
AI platforms like ChatGPT Enterprise and Microsoft Copilot are boosting productivity, but they also expand your attack surface. AI Exposure, now in Tenable One, gives security teams the visibility and control they need to see, secure, and govern AI use across the organization. Tenable AI Exposure is currently available as a private customer preview for companies actively using ChatGPT Enterprise and/or Microsoft Copilot. If you are interested in joining this exclusive 120-day preview, please sign up through the form found on our product page. With AI Exposure, customers will be able to: Gain deep visibility into AI usage, including prompts, data flows, and risky interactions Identify misconfigurations or unsafe integrations that may expose sensitive data Monitor for AI-specific threats like prompt injection or other AI attacks Enable enforcement of organizational policies and governance standards for AI usage Deploy quickly without agents or disruptions in five minutes or less 🔍 To learn more about AI Exposure, visit our product page.Webinar: Customer Product Update Webinars - August 2025
Check out the latest monthly Customer Update Webinars below and save your spot! Recordings will be posted after the live webinar has concluded. Tuesday, August 12, 2025 Nessus Customer Update - 1 pm ET / 10 am PT How to: Using credentialed scanning to discover AI software. Wednesday, August 13, 2025 Tenable Vulnerability Management - 1 pm ET / 10 am ET How-to: Assessing network conformance with common compliance benchmarks. Thursday, August 14, 2025 Tenable One Customer Update - 11 am ET/ 8 am PT This month, we'll explore how you can leverage Tenable Cloud Security data within Tenable One. Tenable Security Center - 1 pm ET / 10 am PT How-to: Generating trending dashboards in Tenable Security Center.November 2025 Tenable Product Newsletter
Greetings! Check out our November newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. Tenable One What’s new in Tenable One: October 2025 release This month’s release delivers greater visibility, faster analysis, and more flexibility across APA and Inventory to help you manage risk with ease. APA enhanced public APIs: We’ve improved our public APIs with a higher chunk limit and standardized naming conventions for smoother integrations and a more consistent experience. Inventory export: Easily export asset and finding information to CSV or JSON, so it’s simpler to share insights and collaborate across teams. APA new filters: Analyze paths and techniques more efficiently with new filtering options, including MITRE ID and “Archived by User,” for faster, more focused investigations. Create tickets in inventory findings: Drive action across all your assets in Tenable One by creating a direct link between security findings and workflows to improve collaboration and accelerate response times. See all platform enhancements. Tenable is named a Leader in the first-ever Gartner® Magic Quadrant™ for Exposure Assessment Platforms We believe Tenable’s recognition as a Leader, positioned highest in Ability to Execute and furthest in Completeness of Vision among all vendors evaluated, is validation of the path we've forged together with our customers. Together, we’re redefining exposure management. This exciting report comes on the heels of both the IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment and The Forrester Wave™: Unified Vulnerability Management, Q3 2025. Tenable is the only vendor recognized as a Leader across all three of these trusted industry reports. Tenable Cloud Security Reminder: Tenable Cloud Security requires that you log in to view documentation and release notes. To try/see the product, contact your account manager or request a demo. Accelerate your cloud security maturity! Now launched: Tenable Cloud Vulnerability Management! This new offering, part of Tenable One, delivers foundational risk prevention and container security for hybrid environments, granting vulnerability management stakeholders key capabilities to: Achieve an agentless inventory of all cloud virtual machines, images and containers Unify vulnerability risk visibility across on-premises and multi-cloud environments Receive clear remediation steps for closing risk while laying the foundation for a holistic exposure management program tomorrow Tenable Cloud Vulnerability Management extends the power of Tenable's leading vulnerability management expertise directly into the cloud for consistent security controls across your entire attack surface. New, actionable use cases to accelerate your cloud security program: Enforce least privilege across cloud identities Mitigate the blast radius of vulnerabilities New Tenable research/accolades: New AI discovery: 7 novel AI vulnerabilities in ChatGPT New insights brief from our State of the Cloud and AI Security research Named CTEM Leader in Latio’s 2025 Cloud Security Market Report Console New finding insights widgets: See risk and response at a glance. Get sharper visibility into your cloud risk posture with new widgets for findings, trending, mean time to resolve (MTTR), and resolved findings. Quickly spot patterns, track progress, and measure response efficiency, all from your dashboard. These new measurement tools equip you to better assess and quantify your cloud security program’s progress and response efficiency. Smarter, custom dashboards for deeper, side-by-side insights: Go beyond static views. Apply granular filters to dashboard widgets, further customization of your dashboards to address your specific needs. Add the same widget multiple times with different filters to instantly reveal insights such as severity trends, without navigating away. Bulk resource labeling: Organize at scale in seconds. Save time and maintain a clean cloud inventory. Apply one or more custom labels to multiple resources at once, like tagging all Production EC2 instances in a single action, for faster organization, enriched context, and more efficient reporting. These features contribute to an ever-more tailored solution, giving you the flexibility to secure your dynamic cloud environment while meeting your operational needs. Data Snowflake data scanning: Find sensitive data fast, now in Snowflake. Tenable Cloud Security now supports inventory and data protection for Snowflake, scanning the platform to detect and classify sensitive data, and give visibility into where critical data lives and if it’s at risk. Reduce your exposure across this popular cloud data platform. Learn more in the Snowflake FAQ in the Documentation. Workload Smarter Linux vulnerability detection: No more noise. Tenable now improves Linux vulnerability detection by ignoring unused kernel versions left after upgrades. Expect fewer unnecessary findings and a clearer picture of the real risks affecting your Linux workloads. Identity IAM access visibility: Spot high-risk resources fast. The IAM Access Level column in Inventory now covers both Azure and AWS. See the highest (maximum) access level any principal has to a resource across your multicloud environment, quickly identify publicly or externally exposed resources, and reduce the risk of over-permissioned accounts. Upcoming changes New network scanning: We’re excited to inform all Tenable Cloud Security users that, starting in December, a powerful new network scanner capability will be available, activated by default. This feature improves your cloud visibility by actively verifying which resources are truly reachable from the internet. It also helps prioritize verified risks more effectively and reduce false positives, so your teams can focus on what truly matters. No further configuration needed. Find results under Inventory > Network Endpoints. To opt out, please go to Settings > Cloud Security > Network > Scanner. Tenable Vulnerability Management Get control over vulnerability exceptions with query-based recast You need to trust your vulnerability data, and that means your exceptions must be spot-on. We've enhanced Tenable Vulnerability Management with Query-Based Recast to give you the precision and automation necessary to confidently manage your risk posture. Here’s how you gain control and speed: Gain precision: Create highly granular vulnerability exceptions using 14 new criteria like Asset Tags, CVEs, networks and multiple plugins. You define the rule exactly, so your exceptions are exactly right. Simplify management: The modernized Rules Management experience now helps you avoid administrative headaches. You see Related Rules upfront, which means you eliminate confusing, conflicting policy outcomes before they take effect. Automate your workflow: Use the new Recast API to fully automate the creation and deployment of your Recast rules. You can integrate exception management directly into your existing security and ticketing workflows. Streamline your operations and get to a more accurate view of your risk faster. Read the Release Notes and review the Documentation. Accelerate your plugin deployment Significantly speed up plugin testing and deployment using the new Accelerated Plugin Updates toggle in agent profiles. When enabled, your agents check in more frequently, about every 33 minutes, to rapidly detect changes to the "Select Plugin set from the last 30 days" scheduling setting. This allows you to quickly push the latest plugins to production systems to minimize deployment latency. For more information, see documentation. Centralized management with scanner profiles Streamline scanner management using new Scanner Profiles, mirroring the functionality of Agent Profiles. Access this feature on the Sensors page under the Scanners menu. Profiles enable you to centrally control: Disabling scanner software version updates Pinning the scanner software version Configuring declarative plugin scheduling options This control simplifies maintenance and ensures consistency across your deployment. Note that Nessus scanners version 10.10.0 and above support this feature. For details, see the Release Note and User Guide. Nessus Tenable Nessus 10.10 now available We released Tenable Nessus 10.10, which includes a new global scan timeout setting so you can define a maximum duration for a host scan for greater control over scan windows. See the release notes for more details on new features and performance enhancements. Additionally, Terrascan has been removed from all standalone Nessus products. iIt is no longer supported. Refer to the Tenable Nessus Terrascan End-of-Service FAQ for more information. Tenable Security Center What’s new in Tenable Security Center 6.7 See your environment more clearly and act faster on what matters most. This release delivers a modern, intuitive experience that improves usability, scalability, and efficiency across your operations. Here’s what’s new: Explore – Assets (Preview): Get a modern view of your assets with advanced filtering and improved navigation that helps you identify risks faster. Triggered Agent Scanning: Automate Tenable Agent scans based on conditions you define, so you can catch vulnerabilities sooner and respond confidently. Credential Verification Scan Policy: Quickly validate Windows and Unix credential pairs with a built-in template that confirms authentication success. Performance and Reporting Enhancements: Experience faster scan ingestion, faster reporting, and improved backend performance that keeps pace with your team. Before you upgrade: Tenable Security Center 6.7 supports upgrades from version 6.3.0 and later. Hardware specifications are updated for this release. Systems below the new recommendations will still upgrade successfully, but performance may vary. Upgrade now to take advantage of these improvements and keep your environment running at peak performance. Read the release notes or upgrade now. Patches for Tenable Security Center Address recent vulnerabilities by applying two security patches: 202509.2.1 (resolves Critical SimpleSAML CVEs) and 202509.1 (resolves High PostgreSQL CVEs). You need manual installation for both. The Software Updates feature is not compatible with these patches. Key requirements: Compatibility: Patch 202509.2.1 applies to SC 6.4 through 6.6. Patch 202509.1 applies to SC 6.5.1 and 6.6.0. Prerequisite: If you are on SC 6.5.0, you must first upgrade to 6.5.1. Upgrade Note: Patch 202509.2.1 may impact future SC upgrades. See this KB article for more information. See the Release Notes and advisories (TNS-2025-20 and TNS-2025-18) for full details and download the patches here. Tenable Patch Management Tenable Patch Management now available in the cloud! We’re excited to announce that Tenable Patch Management is now available in the cloud. It’s easily accessible through your Tenable Workspace. This version includes all the great features you’ve grown to love in the on-premises version of Tenable Patch Management. Please note: if you’re currently on an on-premises version of Tenable Patch Management and would like to migrate to the cloud version, please contact your account team. See a list of third-party applications covered here and note that we are always adding more. For more information, please read the Tenable documentation and release notes. Tenable OT Security Fortify your CPS security posture with Tenable OT Security 4.4 The latest version of Tenable OT Security is now available, designed to give you a more integrated, efficient, and comprehensive view of your operational environment. New features and enhancements in this release include: Unified enterprise reporting for your exposure management program: Sync OT asset tags directly to Tenable One and Tenable Security Center to enrich your enterprise-wide security workflows with critical OT context. Reduced alert fatigue: A new Policy Violations dashboard unifies disparate alerts into actionable insights to help you focus on your most critical exposures first. Deep visibility for specialized environments: Gain granular asset details on sensitive devices by importing PLC project files (starting with Rockwell Automation) without active queries. We’ve also added support for Foxboro DCS and VXLAN environments. Streamlined workflows and sensor configuration: A new workflow helps you easily find and merge duplicate assets for a more accurate inventory, while a simplified sensor configuration reduces deployment complexity. Review the full release notes to learn more about what’s new and how to upgrade. Tenable Identity Exposure Tenable Identity Exposure (SaaS) v3.106 available now With this release, we’re strengthening our ability to surface the identity hygiene issues most likely to enable privilege abuse. The enhanced Password Weaknesses Indicator of Exposure now delivers deeper analysis and clearer guidance, so your teams can move faster from discovery to risk reduction. For full details, please review the release notes: https://docs.tenable.com/release-notes/Content/identity-exposure/saas/2025.htm Tenable Identity Exposure (On-Prem) v3.77.14 now shipping To support customers running complex or regulated environments, this update focuses on resilience and operational integrity. Improvements to RabbitMQ recovery and identity telemetry processing help ensure consistent, dependable analysis, so teams always have the visibility they need to act with confidence. Full release notes are available here. Tenable Ecosystem Tenable App for Microsoft Sentinel v3.1.1 This update for the Tenable App for Microsoft Sentinel v3.1.1 includes: Azure Gov Cloud support with a dedicated link on the Data Connector UI for Azure Gov Cloud. Update to the Azure Sentinel Tenable Vulnerability Management Connector’s Function Extension Bundle to the latest version. Improved performance and general bug fixes. For more details, check out the Tenable documentation and visit the Azure Marketplace to download. Note: this application is also available via Microsoft Azure Gov Cloud marketplace. Tenable Web Application Scanning Scan management just got smarter Two features, Scan by Tag and Add New Application, are now available. These fundamentally change how you manage and scan your web application portfolio, shifting your focus from individual scans to application-centric security. Scan by Tag: Now use your established tagging structure to define scan targets. You no longer need to manually enter or maintain extensive lists of web applications for every scan. By leveraging tags, you ensure consistency, making it easier to manage RBAC and efficiently filter and organize your scan data. Tags are configured in the "Settings" page. Add New Application: You have the power to define your applications manually or via the API before scanning them. This lets you define targets with greater precision, using criteria like port, protocol, or path in addition to the FQDN. By defining your application targets upfront, you ensure scan results consolidation into the correct, cumulative application data, for more accurate and meaningful findings. For more details, please refer to the Documentation and the Release Notes. Tenable Enclave Security Tenable Enclave Security: Now available as a hosted FedRAMP High and IL5 offering Tenable Enclave Security is now available as a hosted and managed solution for high security environments, delivered in partnership with Tenable partner, UberEther. This new offering brings the power of Tenable Security Center and container security to the cloud with full FedRAMP High and DoD IL5 compliance. For more information review the UberEther FedRAMP Marketplace listing, or read our latest blog to learn why container security is critical in restricted environments. Tenable Connect New in Tenable Connect: Innovators Roundtable We're excited to announce the launch of a new Tenable Connect group designed to foster a stronger community and enhance knowledge sharing: Innovators Roundtable. This group is dedicated to maximizing the value and success of our platform through active collaboration and the sharing of knowledge. A central hub for our most forward-thinking users to exchange cutting-edge resources, share best practices, and collectively push the boundaries of platform utilization. Join the conversation! Join the group today to learn and grow with your peers. Tenable Training and Product Education No-cost course: Introduction to Tenable Web Application Scanning Learn how to secure your web applications with Tenable’s new free, interactive on-demand course. You’ll explore how Tenable Web App Scanning differs from traditional vulnerability management, discover its key capabilities and sensors, and see demos of scan setup and results analysis in Tenable Vulnerability Management and the Tenable One Exposure Management Platform. Available now on Tenable University for everyone! Tenable Webinars Tune in for product updates, demos, how-to advice, and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars. Live customer workshops: November 25 & 26, 2025 (EMEA): Hands-on workshops on Tenable One Connectors. December 3, 2025: From fundamentals to focus (EMEA): Strengthening identity and access management in the Cloud. On-demand Escape the patching cycle. A guide to autonomous risk-based patching. Securing the future of AI in your enterprise. Policy frameworks that balance opportunity and oversight. Beyond the endpoint: Exposure management that’s proactive (EMEA). Why endpoint-first vulnerability management isn’t enough. (EMEA session) Nov. 4, 2025: Nessus customer update. Web application scanning with Nessus Expert. Nov. 4, 2025: Tenable OT Security customer update. What’s new in Tenable OT Security 4.4 and a sneak peek of Tenable OT Security 4.5. Nov. 5, 2025: Tenable Vulnerability Management customer update. Best practices for role-based access control (RBAC). Nov. 5, 2025: Tenable Web App Scanning Management customer update. Using WAS to identify and assess AI in your web applications. Nov. 6, 2025: Tenable One customer update. Third-party data in Tenable One. Nov. 6, 2025: Tenable Security Center customer update. How to automate reporting and remediation with alerts. Live Customer Office Hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure, and Tenable OT Security. Time zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa), and Asia Pacific (APJ). Learn more and register here. Tenable Research Research blog posts Why Early Visibility Matters: Risk Lurks in the Vulnerability Disclosure Gaps F5 BIG-IP Breach: 44 CVEs That Need Your Attention Now Frequently Asked Questions About The August 2025 F5 Security Incident CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities Oracle October 2025 Critical Patch Update Addresses 170 CVEs< Microsoft’s October 2025 Patch Tuesday Addresses 167 CVEs (CVE-2025-24990, CVE-2025-59230) Tenable Discovers Critical Vulnerabilities in SimpleHelp Tool: CVE-2025-36727 and CVE-2025-36728 Content coverage highlights Almost 6,000 new vulnerability plugins published, including new detections for the recent F5 BIG-IP Breach! More than 90 new audits delivered to customers! Documentation Read Tenable documentation.
May 2025 Product Update Newsletter
A truncated version of our May product update newsletter follows. To read the full document, which includes updates for Tenable One, Tenable Cloud Security, Tenable Identity Exposure, Tenable OT Security, Tenable Vulnerability Management, Tenable Security Center, Nessus, Patch Management, and more, click here. Tenable One New! Unified Navigation for a Seamless User Experience We are excited to bring you the latest update of Tenable One! This release focuses on maximizing your Exposure Management program by unifying vision, insight, and action across the attack surface. These enhancements include: Streamlined navigation across Tenable One: Easily access key areas like Exposure View, Exposure Signals, Inventory, and Attack Paths from a single location, allowing you to retrieve information faster and more efficiently. New Overview page: Quickly gain high-level insights into the health of critical coverage areas, including exposure scores, assets, attack path matrix, and weakness breakdowns. Enhanced user experience: Enjoy a more intuitive and seamless experience for specific capabilities within Tenable One. New Installed Software page: Easily view software vendors and versions throughout your environment. Pinpoint specific pieces of software, versions, devices, and file paths to enhance discovery and streamline remediation efforts. These changes are now live and ready within your container! To quickly get up to speed, please check out this interactive demo. New! All your security data. All in one place. We’ve introduced powerful new capabilities to elevate your exposure management program. These deliver unified risk visibility, deeper context, and comprehensive reporting across your entire risk landscape. What’s new: Tenable One Connectors: Integrate data from across your security stack into Tenable One to gain complete visibility and context across your attack surface—all within a single platform. Enhancing your Tenable One experience with third-party data gives you: A single, unified inventory of your assets and risk data. Richer context within Exposure Signals to support cross-domain prioritization. Consolidated exposure cards that present a complete view of risk across your environment. Sign up for Connectors See guided demo Explore available connectors Unified Dashboards Easily analyze, track, and share key risk insights across your environment, enabling smarter, more efficient security operations. Unified dashboards include: Pre-built dashboards – Get immediate, actionable insights with best-practice dashboards for common security use cases. Custom dashboards – Use over 40+ widgets to create dashboards tailored to any audience or need. Custom widgets – Develop bespoke widgets that highlight the metrics and data points that matter most to you. Share and collaborate - Make dashboards private or team-accessible, and export them in multiple formats for seamless collaboration. See guided demo Tenable Identity Exposure You Don’t Need More Data — You Need Insights Now available: Identity Insights has launched in the SaaS version of Tenable Identity Exposure — delivering centralized visibility into risks across your identity fabric (Active Directory and Entra ID). This powerful new visualization acts as a command center for security teams to quickly prioritize and address the most critical identity threats. What’s included: Top Risk & Exposure Signals widgets: These widgets surface the most severe indicators of exposure (IOEs) and aggregated risk scenarios using prebuilt insights and custom queries via ExposureAI. Historical risk trends: Track recurring risks over time, identify resurfaced threats, and demonstrate security improvements. Identity demographics: Visualize risk across privileged, service or dormant accounts to better prioritize protection efforts. Fast-action remediation: Use the "If You Only Have 5 Minutes" widget to jump into the most urgent findings. Exportable reports: Generate professional-grade reports with one click to support audits and stakeholder communications. With Insights, security teams move from fragmented data to an actionable overview — saving time, reducing risk, and improving security posture. Check out the Tenable Identity Exposure user guide for more information. Tenable Cloud Security Reminder: You must be logged in to view Tenable Cloud Security documentation. If you need a login or wish to try Tenable Cloud Security, contact your account manager or request a demo. Just-in-Time (JIT) access is now available for all Tenable Cloud Security users. Tenable customers can use their existing (or future) Tenable Cloud Security license to enable and use JIT – with no separate procurement needed! JIT is automatically included with all existing licenses: Enterprise, Standard and CIEM. JIT eliminates standing permissions and reduces cloud risk with on-demand, time-bound access to cloud accounts and identity provider (IdP) groups. See the demo and explore use cases to understand how JIT works and streamlines approvals including by integrating with collaboration platforms like Slack and Microsoft Teams. Unified search and in-product documentation—directly in the Console. Tenable Cloud Security now offers context-aware guidance in the Console, making it easier to find what you need. Queries in the search bar return results across all resources, policies, pages, documentation, and vulnerabilities. In-product documentation is now also accessible directly in the Console through unified search and contextual help links, providing context-aware guidance where you need it. See the documentation for more details. Define projects by resource tags and Azure resource groups. Building on the Projects feature announced in the March 2025 newsletter, Tenable Cloud Security now enables you to scope projects using resource tags (across all Tenable-supported cloud providers) and Azure resource group name patterns. This enhancement provides greater flexibility and granularity in organizing projects based on how your cloud environments are structured: by team, business function, or application boundary. The evolving Projects capability supports stronger cloud security maturity by reducing fragmented visibility and siloed inventories, with dedicated views of resources and security findings, and project-specific dashboards for each team. See the documentation for more details. Enhanced CVSS scoring support with CVSS v4 priority. When multiple CVSS versions are available for a vulnerability, CVSS v4 is prioritized to ensure the severity assessment is the most current and precise. It offers improved accuracy, flexibility, and contextual awareness, enabling better prioritization and automation than CVSS v3. Enhanced 3rd-party support for Microsoft Entra ID apps. Tenable now offers greater IAM visibility for Azure users through enhanced Microsoft Entra ID third-party application mapping, with support for more than 350 applications. From the third-party widget in the IAM Dashboard, you can select a vendor per cloud component and navigate directly to the Identity Intelligence page, filtered by that vendor. You can also now view vendor details for each application in the Microsoft Entra ID Application Inventory page, making it easier to manage third-party applications across your environment. >> To read the rest of the May newsletter, click here.
What's New in Tenable One: October 2025 Release
Hey all! :) This month’s release delivers greater visibility, faster analysis, and more flexibility across APA and Inventory to help you manage risk with ease. Release highlights: APA Enhanced Public APIs: We’ve improved our public APIs with a higher chunk limit and standardized naming conventions, ensuring smoother integrations and a more consistent experience. Inventory Export: Easily export asset and finding information to CSV or JSON, making it simpler to share insights and collaborate across teams. APA New Filters: Analyze paths and techniques more efficiently with new filtering options, including MITRE ID and “Archived by User,” for faster, more focused investigations. See all platform enhancements >>Unify security data, tools, and teams with new Tenable One features
Managing risk across multiple security tools just got a whole lot easier! Tenable One is enhancing its leadership in exposure management with the introduction of third-party connectors and unified dashboards, giving security teams unified visibility and deeper insights across the entire attack surface—all from a single platform. See the guided demo Why we think you'll love it: ✔ Break down silos – Gain unified exposure visibility and context and manage risk from a single platform, across Tenable and 3rd-party tool data. ✔ Prioritize what matters most – Uncover toxic risk combinations based on data from all of your tools across your attack surface. ✔ Holistic risk analysis – Use a single platform for reporting on all risk and exposure findings across your environment. Read more here or contact Tenable Customer Care or a member of your account team for more information.