Tenable Post-Quantum Cryptography Inventory Support
Summary The advent of quantum computing presents a significant threat to current cryptographic algorithms. Organizations worldwide are beginning the critical transition to post-quantum cryptography (PQC) resistant algorithms to ensure long-term data security. Government mandates, such as the U.S. National Security Memorandum 10 (NSM-10), outlines deadlines for PQC migration and specific actions agencies must take to migrate vulnerable systems. Our PQC support is designed to help customers inventory use of TLS and SSH quantum-resistant and vulnerable algorithms within their infrastructure using remote Nessus-based scans. Cipher Inventory and Reporting Post-Quantum Cipher Plugins Two remote-based scan informational reporting plugins for TLS and SSH protocols inform customers of their transition posture according to NIST Post-Quantum Encryption Standards. Services Using Post Quantum Cryptography: Reports on services equipped with at least one post-quantum cipher. It will specify which post-quantum ciphers were discovered, reporting by port and protocol. Services Not Using Post Quantum Cryptography: Reports on services that support no post-quantum ciphers. These plugins will be enabled by default and included in existing scans. Cryptographic Inventory Plugin Reporting To enable a JSON-based inventory of each target by service and cipher, enable through either a preference on your Advanced Network Scan or by running the Cryptographic Inventory scan template. These preferences will initially be supported in Nessus and Tenable Vulnerability Management. They are planned to be added to Tenable Security Center at a later date. Warning: Enabling this preference through the Advanced Network Scan is expected to increase the overall size of the plugin output per target and resulting Nessus database size. If you do not need to produce this inventory at all or on your regular scan cadence, it’s recommended to instead run the Cryptographic Inventory scan template to decrease the potential impact to your normal scan results. Options to Enable Inventory Reporting Advanced Scan Preference Post Quantum Cryptography Scan Template Cryptographic Inventory Plugin Details The plugin enabled with the preference or scan template is an information plugin called Target Cipher Inventory. Within the output of this plugin, you will find a JSON structure containing the TLS and SSH inventories for the scanned target. You can export this inventory based on plugin output using the Tenable API if needed. For TLS, the structure contains: Attribute Definition Encaps Protocol encapsulation employed such as TLSv1, TLSv2, TLSv3 Port Port used for TLS communication Curve Group Encryption method Ciphersuite Algorithm used to secure the TLS connection For SSH, the structure contains: Attribute Definition Proto Protocol of SSH Port Port used for SSH communication Name Algorithm used to secure the protocol Type Use of the named algorithm such as “message auth” Release Date Tenable Vulnerability Management and Tenable Nessus: December 8, 2025 Tenable Security Center: - December 8, 2025 for the informational plugins - Cryptographic Inventory scan template release to be determined
November 2025 Tenable Product Newsletter
Greetings! Check out our November newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. Tenable One What’s new in Tenable One: October 2025 release This month’s release delivers greater visibility, faster analysis, and more flexibility across APA and Inventory to help you manage risk with ease. APA enhanced public APIs: We’ve improved our public APIs with a higher chunk limit and standardized naming conventions for smoother integrations and a more consistent experience. Inventory export: Easily export asset and finding information to CSV or JSON, so it’s simpler to share insights and collaborate across teams. APA new filters: Analyze paths and techniques more efficiently with new filtering options, including MITRE ID and “Archived by User,” for faster, more focused investigations. Create tickets in inventory findings: Drive action across all your assets in Tenable One by creating a direct link between security findings and workflows to improve collaboration and accelerate response times. See all platform enhancements. Tenable is named a Leader in the first-ever Gartner® Magic Quadrant™ for Exposure Assessment Platforms We believe Tenable’s recognition as a Leader, positioned highest in Ability to Execute and furthest in Completeness of Vision among all vendors evaluated, is validation of the path we've forged together with our customers. Together, we’re redefining exposure management. This exciting report comes on the heels of both the IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment and The Forrester Wave™: Unified Vulnerability Management, Q3 2025. Tenable is the only vendor recognized as a Leader across all three of these trusted industry reports. Tenable Cloud Security Reminder: Tenable Cloud Security requires that you log in to view documentation and release notes. To try/see the product, contact your account manager or request a demo. Accelerate your cloud security maturity! Now launched: Tenable Cloud Vulnerability Management! This new offering, part of Tenable One, delivers foundational risk prevention and container security for hybrid environments, granting vulnerability management stakeholders key capabilities to: Achieve an agentless inventory of all cloud virtual machines, images and containers Unify vulnerability risk visibility across on-premises and multi-cloud environments Receive clear remediation steps for closing risk while laying the foundation for a holistic exposure management program tomorrow Tenable Cloud Vulnerability Management extends the power of Tenable's leading vulnerability management expertise directly into the cloud for consistent security controls across your entire attack surface. New, actionable use cases to accelerate your cloud security program: Enforce least privilege across cloud identities Mitigate the blast radius of vulnerabilities New Tenable research/accolades: New AI discovery: 7 novel AI vulnerabilities in ChatGPT New insights brief from our State of the Cloud and AI Security research Named CTEM Leader in Latio’s 2025 Cloud Security Market Report Console New finding insights widgets: See risk and response at a glance. Get sharper visibility into your cloud risk posture with new widgets for findings, trending, mean time to resolve (MTTR), and resolved findings. Quickly spot patterns, track progress, and measure response efficiency, all from your dashboard. These new measurement tools equip you to better assess and quantify your cloud security program’s progress and response efficiency. Smarter, custom dashboards for deeper, side-by-side insights: Go beyond static views. Apply granular filters to dashboard widgets, further customization of your dashboards to address your specific needs. Add the same widget multiple times with different filters to instantly reveal insights such as severity trends, without navigating away. Bulk resource labeling: Organize at scale in seconds. Save time and maintain a clean cloud inventory. Apply one or more custom labels to multiple resources at once, like tagging all Production EC2 instances in a single action, for faster organization, enriched context, and more efficient reporting. These features contribute to an ever-more tailored solution, giving you the flexibility to secure your dynamic cloud environment while meeting your operational needs. Data Snowflake data scanning: Find sensitive data fast, now in Snowflake. Tenable Cloud Security now supports inventory and data protection for Snowflake, scanning the platform to detect and classify sensitive data, and give visibility into where critical data lives and if it’s at risk. Reduce your exposure across this popular cloud data platform. Learn more in the Snowflake FAQ in the Documentation. Workload Smarter Linux vulnerability detection: No more noise. Tenable now improves Linux vulnerability detection by ignoring unused kernel versions left after upgrades. Expect fewer unnecessary findings and a clearer picture of the real risks affecting your Linux workloads. Identity IAM access visibility: Spot high-risk resources fast. The IAM Access Level column in Inventory now covers both Azure and AWS. See the highest (maximum) access level any principal has to a resource across your multicloud environment, quickly identify publicly or externally exposed resources, and reduce the risk of over-permissioned accounts. Upcoming changes New network scanning: We’re excited to inform all Tenable Cloud Security users that, starting in December, a powerful new network scanner capability will be available, activated by default. This feature improves your cloud visibility by actively verifying which resources are truly reachable from the internet. It also helps prioritize verified risks more effectively and reduce false positives, so your teams can focus on what truly matters. No further configuration needed. Find results under Inventory > Network Endpoints. To opt out, please go to Settings > Cloud Security > Network > Scanner. Tenable Vulnerability Management Get control over vulnerability exceptions with query-based recast You need to trust your vulnerability data, and that means your exceptions must be spot-on. We've enhanced Tenable Vulnerability Management with Query-Based Recast to give you the precision and automation necessary to confidently manage your risk posture. Here’s how you gain control and speed: Gain precision: Create highly granular vulnerability exceptions using 14 new criteria like Asset Tags, CVEs, networks and multiple plugins. You define the rule exactly, so your exceptions are exactly right. Simplify management: The modernized Rules Management experience now helps you avoid administrative headaches. You see Related Rules upfront, which means you eliminate confusing, conflicting policy outcomes before they take effect. Automate your workflow: Use the new Recast API to fully automate the creation and deployment of your Recast rules. You can integrate exception management directly into your existing security and ticketing workflows. Streamline your operations and get to a more accurate view of your risk faster. Read the Release Notes and review the Documentation. Accelerate your plugin deployment Significantly speed up plugin testing and deployment using the new Accelerated Plugin Updates toggle in agent profiles. When enabled, your agents check in more frequently, about every 33 minutes, to rapidly detect changes to the "Select Plugin set from the last 30 days" scheduling setting. This allows you to quickly push the latest plugins to production systems to minimize deployment latency. For more information, see documentation. Centralized management with scanner profiles Streamline scanner management using new Scanner Profiles, mirroring the functionality of Agent Profiles. Access this feature on the Sensors page under the Scanners menu. Profiles enable you to centrally control: Disabling scanner software version updates Pinning the scanner software version Configuring declarative plugin scheduling options This control simplifies maintenance and ensures consistency across your deployment. Note that Nessus scanners version 10.10.0 and above support this feature. For details, see the Release Note and User Guide. Nessus Tenable Nessus 10.10 now available We released Tenable Nessus 10.10, which includes a new global scan timeout setting so you can define a maximum duration for a host scan for greater control over scan windows. See the release notes for more details on new features and performance enhancements. Additionally, Terrascan has been removed from all standalone Nessus products. iIt is no longer supported. Refer to the Tenable Nessus Terrascan End-of-Service FAQ for more information. Tenable Security Center What’s new in Tenable Security Center 6.7 See your environment more clearly and act faster on what matters most. This release delivers a modern, intuitive experience that improves usability, scalability, and efficiency across your operations. Here’s what’s new: Explore – Assets (Preview): Get a modern view of your assets with advanced filtering and improved navigation that helps you identify risks faster. Triggered Agent Scanning: Automate Tenable Agent scans based on conditions you define, so you can catch vulnerabilities sooner and respond confidently. Credential Verification Scan Policy: Quickly validate Windows and Unix credential pairs with a built-in template that confirms authentication success. Performance and Reporting Enhancements: Experience faster scan ingestion, faster reporting, and improved backend performance that keeps pace with your team. Before you upgrade: Tenable Security Center 6.7 supports upgrades from version 6.3.0 and later. Hardware specifications are updated for this release. Systems below the new recommendations will still upgrade successfully, but performance may vary. Upgrade now to take advantage of these improvements and keep your environment running at peak performance. Read the release notes or upgrade now. Patches for Tenable Security Center Address recent vulnerabilities by applying two security patches: 202509.2.1 (resolves Critical SimpleSAML CVEs) and 202509.1 (resolves High PostgreSQL CVEs). You need manual installation for both. The Software Updates feature is not compatible with these patches. Key requirements: Compatibility: Patch 202509.2.1 applies to SC 6.4 through 6.6. Patch 202509.1 applies to SC 6.5.1 and 6.6.0. Prerequisite: If you are on SC 6.5.0, you must first upgrade to 6.5.1. Upgrade Note: Patch 202509.2.1 may impact future SC upgrades. See this KB article for more information. See the Release Notes and advisories (TNS-2025-20 and TNS-2025-18) for full details and download the patches here. Tenable Patch Management Tenable Patch Management now available in the cloud! We’re excited to announce that Tenable Patch Management is now available in the cloud. It’s easily accessible through your Tenable Workspace. This version includes all the great features you’ve grown to love in the on-premises version of Tenable Patch Management. Please note: if you’re currently on an on-premises version of Tenable Patch Management and would like to migrate to the cloud version, please contact your account team. See a list of third-party applications covered here and note that we are always adding more. For more information, please read the Tenable documentation and release notes. Tenable OT Security Fortify your CPS security posture with Tenable OT Security 4.4 The latest version of Tenable OT Security is now available, designed to give you a more integrated, efficient, and comprehensive view of your operational environment. New features and enhancements in this release include: Unified enterprise reporting for your exposure management program: Sync OT asset tags directly to Tenable One and Tenable Security Center to enrich your enterprise-wide security workflows with critical OT context. Reduced alert fatigue: A new Policy Violations dashboard unifies disparate alerts into actionable insights to help you focus on your most critical exposures first. Deep visibility for specialized environments: Gain granular asset details on sensitive devices by importing PLC project files (starting with Rockwell Automation) without active queries. We’ve also added support for Foxboro DCS and VXLAN environments. Streamlined workflows and sensor configuration: A new workflow helps you easily find and merge duplicate assets for a more accurate inventory, while a simplified sensor configuration reduces deployment complexity. Review the full release notes to learn more about what’s new and how to upgrade. Tenable Identity Exposure Tenable Identity Exposure (SaaS) v3.106 available now With this release, we’re strengthening our ability to surface the identity hygiene issues most likely to enable privilege abuse. The enhanced Password Weaknesses Indicator of Exposure now delivers deeper analysis and clearer guidance, so your teams can move faster from discovery to risk reduction. For full details, please review the release notes: https://docs.tenable.com/release-notes/Content/identity-exposure/saas/2025.htm Tenable Identity Exposure (On-Prem) v3.77.14 now shipping To support customers running complex or regulated environments, this update focuses on resilience and operational integrity. Improvements to RabbitMQ recovery and identity telemetry processing help ensure consistent, dependable analysis, so teams always have the visibility they need to act with confidence. Full release notes are available here. Tenable Ecosystem Tenable App for Microsoft Sentinel v3.1.1 This update for the Tenable App for Microsoft Sentinel v3.1.1 includes: Azure Gov Cloud support with a dedicated link on the Data Connector UI for Azure Gov Cloud. Update to the Azure Sentinel Tenable Vulnerability Management Connector’s Function Extension Bundle to the latest version. Improved performance and general bug fixes. For more details, check out the Tenable documentation and visit the Azure Marketplace to download. Note: this application is also available via Microsoft Azure Gov Cloud marketplace. Tenable Web Application Scanning Scan management just got smarter Two features, Scan by Tag and Add New Application, are now available. These fundamentally change how you manage and scan your web application portfolio, shifting your focus from individual scans to application-centric security. Scan by Tag: Now use your established tagging structure to define scan targets. You no longer need to manually enter or maintain extensive lists of web applications for every scan. By leveraging tags, you ensure consistency, making it easier to manage RBAC and efficiently filter and organize your scan data. Tags are configured in the "Settings" page. Add New Application: You have the power to define your applications manually or via the API before scanning them. This lets you define targets with greater precision, using criteria like port, protocol, or path in addition to the FQDN. By defining your application targets upfront, you ensure scan results consolidation into the correct, cumulative application data, for more accurate and meaningful findings. For more details, please refer to the Documentation and the Release Notes. Tenable Enclave Security Tenable Enclave Security: Now available as a hosted FedRAMP High and IL5 offering Tenable Enclave Security is now available as a hosted and managed solution for high security environments, delivered in partnership with Tenable partner, UberEther. This new offering brings the power of Tenable Security Center and container security to the cloud with full FedRAMP High and DoD IL5 compliance. For more information review the UberEther FedRAMP Marketplace listing, or read our latest blog to learn why container security is critical in restricted environments. Tenable Connect New in Tenable Connect: Innovators Roundtable We're excited to announce the launch of a new Tenable Connect group designed to foster a stronger community and enhance knowledge sharing: Innovators Roundtable. This group is dedicated to maximizing the value and success of our platform through active collaboration and the sharing of knowledge. A central hub for our most forward-thinking users to exchange cutting-edge resources, share best practices, and collectively push the boundaries of platform utilization. Join the conversation! Join the group today to learn and grow with your peers. Tenable Training and Product Education No-cost course: Introduction to Tenable Web Application Scanning Learn how to secure your web applications with Tenable’s new free, interactive on-demand course. You’ll explore how Tenable Web App Scanning differs from traditional vulnerability management, discover its key capabilities and sensors, and see demos of scan setup and results analysis in Tenable Vulnerability Management and the Tenable One Exposure Management Platform. Available now on Tenable University for everyone! Tenable Webinars Tune in for product updates, demos, how-to advice, and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars. Live customer workshops: November 25 & 26, 2025 (EMEA): Hands-on workshops on Tenable One Connectors. December 3, 2025: From fundamentals to focus (EMEA): Strengthening identity and access management in the Cloud. On-demand Escape the patching cycle. A guide to autonomous risk-based patching. Securing the future of AI in your enterprise. Policy frameworks that balance opportunity and oversight. Beyond the endpoint: Exposure management that’s proactive (EMEA). Why endpoint-first vulnerability management isn’t enough. (EMEA session) Nov. 4, 2025: Nessus customer update. Web application scanning with Nessus Expert. Nov. 4, 2025: Tenable OT Security customer update. What’s new in Tenable OT Security 4.4 and a sneak peek of Tenable OT Security 4.5. Nov. 5, 2025: Tenable Vulnerability Management customer update. Best practices for role-based access control (RBAC). Nov. 5, 2025: Tenable Web App Scanning Management customer update. Using WAS to identify and assess AI in your web applications. Nov. 6, 2025: Tenable One customer update. Third-party data in Tenable One. Nov. 6, 2025: Tenable Security Center customer update. How to automate reporting and remediation with alerts. Live Customer Office Hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure, and Tenable OT Security. Time zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa), and Asia Pacific (APJ). Learn more and register here. Tenable Research Research blog posts Why Early Visibility Matters: Risk Lurks in the Vulnerability Disclosure Gaps F5 BIG-IP Breach: 44 CVEs That Need Your Attention Now Frequently Asked Questions About The August 2025 F5 Security Incident CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities Oracle October 2025 Critical Patch Update Addresses 170 CVEs< Microsoft’s October 2025 Patch Tuesday Addresses 167 CVEs (CVE-2025-24990, CVE-2025-59230) Tenable Discovers Critical Vulnerabilities in SimpleHelp Tool: CVE-2025-36727 and CVE-2025-36728 Content coverage highlights Almost 6,000 new vulnerability plugins published, including new detections for the recent F5 BIG-IP Breach! More than 90 new audits delivered to customers! Documentation Read Tenable documentation.
Tenable Patch Management TPM SaaS is Now Live [GA Announcement]
Release Date: November 17, 2025 We are thrilled to announce that Tenable Patch Management TPM is now available as a fully managed SaaS solution. For too long, IT and Security teams have been stuck in a paradox. Security demands speed to reduce risk, while IT demands stability to ensure uptime. This friction creates a dangerous gap between vulnerability discovery and remediation. Today, we are closing that gap. With the launch of TPM SaaS, you can now replace reactive, manual patching with autonomous, cloud-native remediation. By moving to the cloud, we are empowering your teams to shift their focus from maintaining patch servers to managing business risk. Why Move to the Cloud? Legacy on-premise tools like BigFix, Tanium, and SCCM were built for a different era. TPM SaaS offers a modern approach that is scalable, secure, and effortless to maintain. Zero Infrastructure Overhead Eliminate the need for on-prem hardware, database management, and manual maintenance. Our platform updates automatically, ensuring you always have the latest features without the downtime. Prioritize Risk, Not Volume Stop drowning in patch Tuesdays. TPM leverages Tenable’s Vulnerability Priority Rating VPR and Asset Criticality Rating ACR to automatically identify and remediate the vulnerabilities that pose the greatest risk to your specific environment. Global Scalability Whether you are a local business or a global enterprise, TPM SaaS scales instantly. We have launched with global data centers in the US, UK, Germany, Japan, Australia, and Singapore, ensuring low-latency performance and data sovereignty wherever you operate. Unmatched Coverage Secure your entire estate with industry-leading support for Windows, Linux, and macOS, covering over 20,000 third-party applications and 250,000 unique patches. Key Capabilities at a Glance Autonomous Set and Forget Policies: Define your risk tolerance and let the engine handle the rest. 100 Percent Granular Control: Maintain full authority with tiered deployments, rollbacks, and flexible approval workflows. Resilient Architecture: Built-in redundancy, failover, and our signature Peer-to-Peer (P2P) content distribution to protect your network bandwidth. Centralized Management: Manage admin accounts and identity providers OIDC SAML directly through the Tenable Workspace. Ready to Get Started? Stop managing servers. Start managing risk. Deliver fully autonomous, closed-loop remediation that finally bridges the gap between IT and Security. Start Now at https://www.tenable.com/products/patch-management Read the Release Notes at https://docs.tenable.com/release-notes/Content/patch-management/2025.htm Dive Deeper at https://docs.tenable.com/integrations/Tenable-Patch-Management/Content/welcome.htm – Tenable Patch Product ManagementGA Announcement – Tenable Patch Management v9.3.970.6 (On-Premise – Linux & macOS Coverage Release)
Release Date: October 14, 2025 Download: Get 9.3.970.6 here at https://www.tenable.com/downloads/tenable-patch-management) Changelog: View Release Notes here at https://docs.tenable.com/release-notes/Content/patch-management/2025.htm#Tenable-Patch-Management-9.3.970.6-(2025-10-14) Docs: Tenable Patch Management Documentation at https://docs.tenable.com/patch-management.htm We’re pleased to announce that Tenable Patch Management on-premise v9.3.970.6 is here! This major release brings expanded OS coverage and significant improvements to patching workflows across all platforms. This version also includes key enhancements to metadata automation, reboot handling, and overall performance. Note: We strongly recommend upgrading to version 9.3.970.6 to ensure continued coverage and reliability. Key Release Highlights: Linux Expanded OS Coverage: Now officially supporting more enterprise distributions, including: RHEL, Oracle, Alma, & Rocky Linux (versions 8, 9, 10) Debian (11, 12, 13) CentOS Stream (9, 10) Reboot Chaining: Added support for automated post-patch reboots, especially for kernel-level updates, to reduce manual intervention. Metadata Automation: Automatically generates repository metadata for enterprise Linux applications, ensuring version accuracy. macOS Expanded Apple Silicon Support: Full third-party patching support for M-Series devices running macOS 26 (Tahoe), macOS Sequoia (15), Sonoma (14), and Ventura (13). Vastly Improved 3rd-Party App Patching: Added metadata and patching for a wide range of business-critical apps. Please see list of apps here at https://docs.tenable.com/release-notes/Content/patch-management/2025.htm#Tenable-Patch-Management-9.3.970.6-(2025-10-14). Windows BIOS & Driver Patching: Enhanced support for BIOS and hardware driver updates from major vendors including Dell, HP, and Lenovo. Workflow Improvements: Folder-based operations now better utilize provided path context for more reliable actions. Questions? We’re a ping away! Reach us at connect.tenable.com. Thanks, Ahmad Maruf Tenable Ecosystem Product ManagementOctober 2025 Tenable Product Newsletter
Greetings! Check out our October newsletter to learn about the latest product and research updates, upcoming, and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. Tenable One What's New in Tenable One: September 2025 Release This month's release delivers deeper visibility, faster analysis, and more flexibility in managing your organization's risk exposure. Dashboard data drill-down: Dive deeper into your dashboards. Investigate the data behind widgets, KPIs, and trends to validate insights and easily explore details. New dashboard widgets: The widget library now includes seven additional built-in widgets for more ways to visualize and analyze your exposure data. Global Search on Findings page: Build and run complex queries directly from the findings page to pinpoint the exact data you need without switching pages. Dedupe: Information order configuration: Control which sources take priority in property deduplication, so your asset inventory always reflects the most trusted data. See all platform enhancements >> Tenable Cloud Security Reminder: Tenable Cloud Security requires that you log in to view documentation and release notes. To try/see the product, contact your account manager or request a demo. New use cases and research insights Three new demonstrations of common Tenable Cloud Security uses to ease your path to cloudsec maturity: Ecosystem view of risk, Complete cloud lifecycle visibility and Cloud misconfiguration identification and remediation. Recently published Tenable research items: Gemini Trifecta: Read about the three (now-remediated!) vulnerabilities Tenable cloud research discovered within Google’s Gemini AI assistant suite. Security advisory: “Shai Hulud”: Find packages potentially compromised by this NPM supply chain attack flagged in your Tenable Console as “advisory vulnerabilities.” Take action: 1) Update/roll back affected packages. 2) Rotate secrets that may have been exposed. A new Insight Brief that explores key observations on complexity gleaned from our recent “State of the cloud & AI security” report. Platform: Usability and reporting/display enhancements Streamlined console navigation: Enjoy the new console navigation menu, fully redesigned for a more intuitive and efficient user experience. This major update helps you find the insights/tools you need faster. Column selection for inventory reports: Customize your inventory reports by selecting specific columns for inclusion. Create more focused, efficient reports with just the information you need. TV mode: View any dashboard in this full-screen, distraction-free mode. Use for continuous, real-time, operational display and broad visibility of security status. CWP - Workload protection Enhanced Vulnerability Priority Rating (VPR): Benefit from Tenable's enhanced VPR, now twice as efficient. Enable teams to focus on just the 1.6% of vulnerabilities posing real risk, with prioritization inclusive of industry/geo context. See the white paper. Improved coverage and accuracy in vulnerability detection: The addition of scoped NPM packages enhances visibility into Node.js workloads. No more flagging in unused kernel versions improves Linux workload vulnerability detection accuracy. Added granularity to Kubernetes workload vulnerability management: Directly map vulnerability findings in container images to specific Kubernetes workloads (e.g., EKS). This enhancement clarifies risk attribution and streamlines remediation by application or team. IAM - Identity and access management Configure trusted vendors: Tenable now lets you mark external vendors as trusted. This helps reduce finding severity and close toxic combinations, and focus monitoring on meaningful external access to make risk management more efficient. Learn more. Automatically remediate unused SSO permissions: Quickly identify and remove inactive SSO groups or users with a single click to streamline your risk mitigation process. This strengthens least-privilege enforcement and reduces identity risk. JIT - Just-In-Time Access Expanded Slack actions: We’ve enhanced Slack support with key actions available in the JIT Portal, including self-revoking active sessions and submitting recurring access requests. These updates make JIT workflows in Slack faster and more productive to drive adoption of this high-value feature. Read about JIT access here. Tenable Vulnerability Management Accelerate plugin testing with quicker agent updates Speed up your plugin testing workflows and deploy the most recent plugins faster using the new Accelerated Plugin Updates feature. This provides an additional toggle within your agent profiles. When enabled, the agent will check in more frequently than the default to look for any changes made to the plugin scheduling section “Select Plugin set from last 30 days.” This increased check-in frequency helps you shorten the time it takes to get tested plugins onto assets. Note that this feature only supports updates to the “Select Plugin set from last 30 days” setting, and does not impact any other plugin update configurations. Find more details in the documentation. Granular control with Agent scan by tag Achieve highly granular control over your vulnerability management by leveraging the new Agent Scan By Tag feature. This empowers you to target your agent scans using both the existing agent group criteria and the asset tags you have defined. This streamlines your scanning workflows by allowing you to zero in on specific asset environments, ownership groups, or criticality levels. Please note, this functionality is currently only supported for scheduled agent scans. To begin configuring your new, targeted scans, read the documentation or release notes. Tenable Nessus Nessus 10.10 Early Access for Nessus 10.10 includes the following features: Global timeout setting to define the maximum duration for a host scan. Support for the upcoming software and plugin updates via scanner profiles for Tenable Vulnerability Management-linked scanners. Support for the upcoming Tenable Vulnerability Management plugin download concurrency feature. Support for the upcoming CPU resource limit setting for Tenable Agents, which will be configurable via agent profiles in Tenable Nessus Manager. To opt in to Early Access, contact your Tenable representative or configure the Nessus Update Plan in the user interface. See release notes. Ended support for Terrascan in Nessus Tenable has ended support for the Terrascan feature, effective Sept. 30, 2025. Terrascan is no longer available for download or supported, and Tenable has removed all related Terrascan functionality from Tenable Nessus. Tenable recommends using Tenable Cloud Security for infrastructure as code (IaC) scanning going forward. For more information, see the Tenable Nessus Terrascan End-of-Service FAQ. Tenable Security Center What’s new in Tenable Security Center 6.7 See your environment more clearly and act faster on what matters most. This release delivers a modern, intuitive experience that improves usability, scalability, and efficiency across your operations. Here’s what’s new: Explore – Assets (Preview): Get a modern view of your assets with structured data, advanced filtering, and improved navigation that helps you identify risks faster. Triggered Agent scanning: Automate Tenable Agent scans based on conditions you define, so you can catch vulnerabilities sooner and respond confidently. Credential verification scan policy: Quickly validate Windows and Unix credential pairs with a built-in template that confirms authentication success. Performance and Reporting Enhancements: Experience faster scan ingest, improved reporting speed, and smoother backend performance that keeps up with your team. Before you upgrade: Version 6.7 supports upgrades from SC 6.3.0 and higher. Hardware specifications are updated for this release. Systems below the new recommendations will still upgrade successfully, but performance may vary. Upgrade now to take advantage of these improvements and keep your environment running at peak performance. Read the release notes or upgrade now. Patches for Tenable Security Center Address recent vulnerabilities by applying two security patches: 202509.2.1 (resolves Critical SimpleSAML CVEs) and 202509.1 (resolves High PostgreSQL CVEs). You need manual installation for both. The Software Updates feature is not compatible with these patches. Key requirements: Compatibility: Patch 202509.2.1 applies to SC 6.4 through 6.6. Patch 202509.1 applies to SC 6.5.1 and 6.6.0. Prerequisite: If you are on SC 6.5.0, you must first upgrade to 6.5.1. Upgrade Note: Patch 202509.2.1 may impact future SC upgrades. See this KB article for more information. See the release notes and advisories (TNS-2025-20 and TNS-2025-18) for full details and download the patches here. Tenable Patch Management Tenable Patch Management v9.3.969.2 (on-prem) We’re excited to announce Tenable Patch Management (On-Prem) 9.3.969.2. This release includes major feature upgrades, new database server requirements, quality improvements, critical security, and bug fixes across the platform. Key updates include: Cross-platform installation enhancements A new auto-upgrade process enables clients to seamlessly upgrade to match the server version (9.3+). Microsoft 365 Patching Support: Native support for Microsoft 365, Office 2024 LTS, 2024, 2021, Visio, and Project with delta Updates, to reduce monthly updates to 30-50MB from 3GB per language, saving up to 95% bandwidth. New Client Validation Tool to verify deployments For a list of covered third-party applications, please visit here and note that we are always adding more. For more information, please read the Tenable documentation and release notes and visit the downloads portal to download the latest version. Tenable OT Security Fortify your CPS security posture with Tenable OT Security 4.4 The latest version of Tenable OT Security is now available, designed to give you a more integrated, efficient, and comprehensive view of your operational environment. Key highlights in this release include: Unified enterprise reporting for your exposure management program: Sync OT asset tags directly to Tenable One and Tenable Security Center to enrich your enterprise-wide security workflows with critical OT context. Reduced alert fatigue: A new Policy Violations dashboard unifies disparate alerts into actionable insights to help you focus on your most critical exposures first. Deep visibility for specialized environments: Gain granular asset details on sensitive devices by importing PLC project files (starting with Rockwell Automation) without active queries. We’ve also added support for Foxboro DCS and VXLAN environments. Streamlined workflows and sensor configuration: A new workflow helps you easily find and merge duplicate assets for a more accurate inventory, while a simplified sensor configuration reduces deployment complexity. Review the full release notes to learn more about what’s new and how to upgrade. Tenable Identity Exposure Unified Exposure Center Get the full picture, faster. The Exposure Overview and Exposure Instances pages are now combined into a single Exposure Center for a simpler, more unified experience. With new quick filters, you can instantly focus on what matters most and cut through noise with ease. Streamlined IoA deployment Deploy indicators of attack (IoAs) more securely and efficiently. The updated process now uses a signed PowerShell launcher script stored in SYSVOL to reduce complexity and improve security. Plus, Group Policy (GPO) automatically deploys the Tenable certificate, so setup is smoother than ever. See Tenable Identity Exposure documentation. Tenable Ecosystem Tenable for ServiceNow update We’re excited to announce version 6.2.0 of the Tenable apps for ServiceNow, which now support Zurich. The Tenable apps now support Washington, Yokohama, and Zurich. We are sunsetting the Tenable.ot for VR application. Please utilize the ServiceNow built application Vulnerability Response Integration with Tenable. View full details here. For more details, read the ServiceNow User Guide and visit the ServiceNow Store for the appropriate Tenable apps for ServiceNow. Tenable Add-on for Splunk v8.0.1 We’ve updated the Tenable Add-on for Splunk v8.0.1 with general bug fixes, along with improved compliance data collection by preserving original fields. For more information, please read the Tenable documentation, and visit Splunkbase to download. Tenable Connect We're excited to announce a new case creation and management experience. This release will streamline how you open and track cases while leveraging Generative AI to improve search and help you find answers faster. Tenable Research Join Tenable’s Research Special Operations (RSO) team on Tenable Connect and engage with us in the Threat Roundtable group for further discussion on the latest cyber threats. Research security operations CVE-2025-20333, CVE-2025-20362: Frequently Asked Questions About Zero-Day Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) Vulnerabilities Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) How Tenable Found a Way To Bypass a Patch for BentoML’s Server-Side Request Forgery Vulnerability CVE-2025-54381 WordPress - WP Social Ninja exposed API Key WordPress - Feed Them Social exposed API Key BentoML CVE-2025-54381 (SSRF) Bypass Microsoft Learn MCP Server Server-Side Request Forgery Research release highlights Improved Printer Fingerprinting New Plugin Family: UnionTech Local Security Checks Machine Learning SinFP Model Updates for OS Fingerprinting Python Package Enumeration - Detection Updates Content coverage highlights Almost 6,000 new vulnerability plugins published, including new AI Aware detections and Shai-Hulud worm. More than 48 new audits delivered to customers! Tenable Training and Product Education Refreshed courses and better learning experience Explore the updated Introduction to Tenable Cloud Security and Introduction to Tenable Identity Exposure courses. They now feature a modernized interface and smoother navigation for an improved learning experience. Access these two no-cost courses, and many more on-demand options, anytime at Tenable University. Tenable Webinars Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars Live Oct 22, 2025: Securing the future of AI in your enterprise. Policy frameworks that balance opportunity and oversight. Oct 22, 2025: Beyond the endpoint: Exposure management that’s proactive (EMEA). Why endpoint-first vulnerability management isn’t enough. (EMEA session) Nov. 4, 2025: Nessus customer update. Web application scanning with Nessus Expert. Nov. 4, 2025: Tenable OT Security customer update. What’s new in Tenable OT Security 4.4 and a sneak peek of Tenable OT Security 4.5. Nov. 5, 2025: Tenable Vulnerability Management customer update. Best practices for role-based access control (RBAC). Nov. 5, 2025: Tenable Web App Scanning Management customer update. Using WAS to identify and assess AI in your web applications. Nov. 6, 2025: Tenable One customer update. Third-party data in Tenable One. Nov. 6, 2025: Tenable Security Center customer update. How to automate reporting and remediation with alerts. On-demand Beyond the endpoint: Exposure management that’s proactive. Why endpoint-first vulnerability management isn’t enough. October Nessus customer update. Troubleshooting common Nessus issues. October Tenable Vulnerability Management customer update. Operationalizing AI Aware to discover Shadow AI in your environment. October Tenable One customer update. Identity security in an exposure management program. October Tenable Security Center customer update. In-depth guide to user roles and permissions. Customer office hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. Tenable documentation Read Tenable documentation.
Tenable Security Center 6.7: Modern Visibility, Smarter Automation, Stronger Performance
With Tenable Security Center 6.7, you gain a faster, clearer, and more flexible way to manage vulnerabilities across your environment. This release modernizes the experience, strengthens automation, and improves performance to help you reduce risk more efficiently. What’s New: Explore – Assets (Preview): See your environment through a modernized interface with structured data, flexible filtering, and grouping tools that make asset analysis faster and easier. Get a walkthrough > Triggered Agent Scanning: Automate Tenable Agent scans using your own triggers—like time intervals or file changes—so vulnerabilities are found as soon as they appear. See in action > Credential Verification Scan Policy: Confirm that your Windows and Unix credentials are working as expected with a simple scan policy designed to verify authentication success. Watch demo on demand > What’s Improved: Consistent Asset Tracking: Asset tracking logic now matches Universal Repository behavior, giving you consistent visibility across IPv4 and IPv6 assets. Simplified Naming: Asset Lists are now Asset Tags, and object identifiers (formerly Tags) are now Labels for greater clarity. Smarter Scanning: Advanced scan policies can now toggle off new plugin families by default—so your customized scan policies don’t change unexpectedly. Get more details > More Accurate Results: Configure Freeze Windows to mark scans as Complete (not Partial) when impacted, so you always get full visibility into your results. See more here > Optimized Performance: Enjoy faster scan ingest and query performance, plus improved PostgreSQL security and efficiency. Expanded Integrations: Use updated PAM support for BeyondTrust and VMware vCenter, along with enhanced Red Hat repository mapping capabilities (more information is available here). Before You Upgrade: You can upgrade directly from Security Center 6.3.0 or higher. Hardware specifications have been updated—systems below the new recommendations will still upgrade, but performance may vary. Tenable Support can help you fine-tune configurations if needed. Important Changes in 6.7.0: Web Application Scanning via Nessus is deprecated. Move your web app scanners to Tenable Core or Docker-based scanners. Kubernetes deployment support ends in this version. Security Center Kubernetes customers will migrate to Tenable Enclave Security, which delivers a secure, modern foundation for Kubernetes-based environments. With these updates, you’ll gain a more responsive, scalable, and unified way to secure your environment—helping you move from detection to action with greater speed and confidence. [Read the Full Release Notes] or [Upgrade Now]September 2025 product newsletter
Greetings. Check out our September newsletter to learn about the latest product and research updates, upcoming and on-demand webinars and educational content — all to help you get more value from your Tenable solutions. NEW! Tenable AI Exposure We have officially launched Tenable AI Exposure. It helps you see, secure and manage how your organization uses AI tools like ChatGPT Enterprise and Microsoft Copilot across your enterprise. Safeguard sensitive data, stop AI-driven attacks and establish governance for safe AI adoption. Be among the first to try it! Learn more and sign up for the private customer preview here. Tenable One August 2025 release: This month's release delivers faster insights, broader coverage and greater control over your exposure data. Release highlights: Dashboard enhancements: With daily data updates, new chart types and dedicated filters for CISA KEV and end-of-life software, Tenable One dashboards now make it easier to analyze specific risks, communicate impact and speed up response. Tenable On-Prem Connector: Install the Tenable On-Prem Connector to create a secure, encrypted connection to safely bring on-premises exposure data into Tenable One. Get the insights you need without putting your network at risk. Asset information source display: Deduplication in Tenable One is key to ensuring a clean, accurate view of each asset, without redundant information from multiple sources. With this release, the asset details screen now clearly displays the source that populates findings and property information, so your team fully understands and trusts asset data. Dynamic asset tagging: Define dynamic rule-based criteria that automatically apply tags to all Tenable One data for easier customization and greater control over tagging rules. This improvement enables smarter segmentation, precise asset management and deeper analysis across the platform. Explore all platform enhancements Tenable Connect Coming soon: Enhanced Support case experience We're excited to announce a new case creation and management experience. This release will streamline how you open and track cases while leveraging Generative AI to improve search and help you find answers faster. Stay tuned for enablement resources posted within Tenable Connect to maximize this new functionality. Tenable Cloud Security Reminder: Tenable Cloud Security requires that you log in to view documentation and release notes. To try/see the product, contact your account manager – or request a demo. Read all about it: New Tenable white paper by Analyst IDC: “Bridging cloud security and exposure management for unified risk reduction.“ This commissioned piece explores the value of exposure management and Tenable strengths. White paper • Blog Featuring fintech customer Snoop. We are honored to share the Tenable story of Snoop, using CIEM and JIT to enforce least privilege. Video [Want to tell your Tenable story? Let your Tenable rep know. We’d love to capture it!] Security alert: Tenable Research detected a supply chain attack in certain Nx build system packages that exfiltrated secrets to GitHub. GitHub has disabled the repos, yet compromised versions may persist. We’ve flagged any affected packages in your Tenable Console (Vulnerability ID: GHSA-cxm3-wv7p-598c). Act now: Update packages and rotate exposed secrets. Platform: Default Home and Favorite dashboards. Set a default Home dashboard to see your most important security insights first, and mark frequently used dashboards as Favorites for instant access. Benefit: These usability updates let you focus on what matters most in your workflow so you can work faster, make informed decisions and keep pace as the platform adapts to your needs. Japanese language support is here. You can now navigate the full Tenable Cloud Security Console in Japanese (switch via your profile menu), and access our documentation portal in Japanese for a smoother, more localized experience. Benefit: Japanese customers are the first to benefit from our new language infrastructure, designed to accelerate the rollout of additional languages. Watch this space! CWP: Workload Protection Clusters filter and column. Identify vulnerable clusters and all related vulnerabilities more easily. (The column is hidden by default.) Resolved filter. In the Workload > Vulnerabilities table, quickly display only vulnerabilities marked as resolved. Benefit: Get clear visibility into cluster-level risks and easily distinguish open from resolved issues to streamline vulnerability management and save time. CSPM: New and updated security best practice support Tenable now supports AWS Foundational Security Best Practices, CIS Azure 2.0, CIS Kubernetes 1.8 and CIS OpenShift 1.5. Benefit: Stay ahead of evolving threats and strengthen your security posture across cloud and container environments. Up-to-date best practices simplify compliance, reduce risk and make it easier to consistently implement proven security controls. DSPM: AWS RDS support for Oracle Data protection scanning is now available for Oracle on AWS RDS, for both Enterprise and Standard license holders. Benefit: Extend visibility into sensitive data stored in Oracle RDS to improve protection and compliance across more of your cloud database environments. Tenable Identity Exposure Tenable Identity Exposure uncovers Storm-0501's cloud identity threats: Financially motivated threat actor Storm-0501 is advancing cloud-based ransomware and hybrid identity compromises to move seamlessly between on-premises Active Directory (AD) and Microsoft Entra ID. Tactics include initial identity exploitation that compromises AD and abuses non-human synced Global Admin accounts in Entra ID, along with malicious persistence, where they establish backdoors by adding rogue federated domains with tools like AADInternals to gain persistent access and impersonation capabilities. Attacker tactic How Tenable Identity Exposure prevents it Initial compromise Flags high-privilege, improperly synced Entra ID accounts from on-prem AD, a configuration Microsoft advises against. MFA bypass Identifies critical, privileged accounts missing MFA, one of the most exploited gaps in hybrid identity attacks. Malicious persistence Detects backdoor federated domains and anomalous signing certificates using multiple indicators of exposure (IOEs), including: Known Federated Domain Backdoor, Federation Signing Certificates Mismatch, Unusual Federation Certificate Validity, Federated Domains List for verification against legitimate IDPs. Tenable Identity Exposure continuous monitoring of IoEs uncovers and aids remediation of critical identity risks before groups like Storm-0501 can exploit them. Tenable Identity Exposure documentation. Tenable Vulnerability Management Streamline ACSC Essential 8 compliance with new dashboards Simplify and strengthen your Essential 8 reporting with Tenable’s new ASD Essential 8 dashboards. These dashboards take your risk-mitigation SLAs to the next level, giving you a clear, real-time view of progress toward ACSC Essential 8 compliance. Quickly spot gaps, track patching and remediation efforts, and demonstrate measurable risk reduction. Monitor internet-facing assets, ensure critical applications are patched, and confidently report on SLA performance, all in one place. Explore the resources to get started: Applying Tenable’s risk-based VM to the ACSC Essential 8 ASD Essential 8 – Patch Applications dashboard ASD Essential 8 – Internet-Facing Assets dashboard Tenable Security Center Critical security patch 202508.1 now available Protect your Security Center deployment with the new patch 202508.1, which fixes critical third-party vulnerabilities in Apache, PHP and SQLite, including CVE-2025-23048, a critical Apache flaw. The update applies to versions 6.4 through 6.6 and must be installed manually. If you’re running 6.5.0, upgrade to 6.5.1 before applying it. For full details, see the release notes, security advisory, and download the patch; this update will be included in future Security Center releases. Tenable OT Security What's new in Tenable OT Security 4.4 The latest version is now available. It introduces several new features and enhancements to improve visibility, streamline workflows, and expand coverage across your industrial environment. OT asset tag data synchronization: Asset tags you create in Tenable OT Security will sync with Tenable One and Tenable Security Center to integrate OT context directly into your enterprise-wide reporting and security workflows. Policy violations dashboard: A redesigned view aggregates disparate alerts and events (e.g. unauthorized access, configuration changes) into unified and actionable Policy Violations to significantly reduce alert fatigue so you can focus on remediating your most critical exposures. Check out this guided demo to see it in action! PLC product file imports: Import PLC project files (starting with Rockwell Automation) to enrich your asset inventory. This provides deep visibility on live or sensitive OT devices without performing active queries. Merge assets: A new workflow helps you find and merge duplicate asset entries for a cleaner and more accurate OT asset inventory. Foxboro DCS support: Gain visibility into Foxboro Distributed Control Systems to extend security monitoring into complex industrial environments. VXLAN support: Analyze network traffic within Virtual Extensible LANs (VXLAN) to monitor assets and activity in modern virtualized data centers. Multi-interface sensor configuration: A simplified workflow allows a single sensor to simultaneously listen on multiple network interfaces to reduce deployment time and complexity. Review the release notes to learn more about what’s new in this release and how to upgrade. Tenable Nessus Reminder: End of support for Terrascan in all Nessus versions Tenable announced the End of Life for Terrascan in Nessus. The last day to download the affected product(s) is Sept. 30, 2025. Customers will receive continued support through the Last Date of Support. For more information, please refer to the bulletin announcement. Reminder: Nessus 10.9 is generally available Nessus 10.9 introduces several key features to empower your security teams, including offline web application scanning in Nessus Expert. For more information, see the Nessus 10.9 release notes and Nessus 10.9 User Guide. You can also view this announcement under Product Announcements in Tenable Connect. Tenable Training and Product Education Connectors added to Tenable One Intro course The updated Introduction to Tenable One course in Tenable University now shows you how to connect third-party security tools to the exposure management platform, to give you a unified view of risk across your entire attack surface. This no-cost training is open to customers, partners, prospects and the public. Start learning today at Tenable University. Tenable webinars Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars. Live Oct 1, 2025: Beyond the endpoint: Exposure management that’s proactive. Why endpoint-first vulnerability management isn’t enough. Oct. 7, 2025: Nessus customer update. Troubleshooting common Nessus issues. Oct. 8, 2025: Tenable Vulnerability Management customer update. Operationalizing AI Aware to discover Shadow AI in your environment. Oct. 9, 2025: Tenable One customer update. Identity security in an exposure management program. Oct. 10, 2025: Tenable Security Center customer update. In-depth guide to user roles and permissions. On-demand September Tenable Nessus customer update: From the ground up – building a custom scan policy in Nessus. September Tenable Vulnerability Management customer update: Using Nessus agents in Tenable Vulnerability Management. September Tenable One customer update: Introducing AI Exposure, and other topics. September Tenable Security Center customer update: Answering the CISO – a guide to Assurance Report Cards. Ecosystem view of risk: Integrate cloud security with your security stack. Customer office hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. Tenable Research Research Security Operations blog posts Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks CVE-2025-54135, CVE-2025-54136: Frequently Asked Questions About Vulnerabilities in Cursor IDE (CurXecute and MCPoison) Frequently Asked Questions About SonicWall Gen 7 Firewall Ransomware Activity CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability Microsoft’s August 2025 Patch Tuesday Addresses 107 CVEs (CVE-2025-53779) CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability CVE-2025-7775: Citrix NetScaler ADC and NetScaler Gateway Zero-Day Remote Code Execution Vulnerability Exploited in the Wild Research release highlights Include/Exclude Path and Tenable Utils Unzip added to Log4j Detection Nutanix Prism v4 API Compatibility Excluding the SUSE Linux Snapshots directory from Language Library enumeration Content coverage highlights Almost 17,000 new vulnerability plugins published including new AI Aware detections! Over 25 new audits delivered to customers! Quick links Join the Tenable Connect community Sign up for on-demand training Watch Tenable product education videos — more than 250 videos now available Check out all upcoming and on-demand Tenable webinars Read Tenable documentation: Documentation RSS Feed Tenable Vulnerability Management User Guide Vulnerability Management Release Notes Tenable Web App Scanning User Guide Tenable Web App Scanning Release Notes Tenable Cloud Security User Guide Tenable Cloud Security Release Notes Tenable Identify Exposure User Guide Tenable Identity Exposure Release Notes Tenable Security Center Release Notes Tenable Security Center 6.5 User Guide Tenable OT Security Release Notes Tenable OT Security User Guide Tenable Attack Surface Management User Guide Exposure View User Guide Exposure View Release Notes Asset Inventory User Guide Asset Inventory Release Notes Attack Path Analysis User Guide Attack Path Analysis Release Notes Tenable Nessus Release Notes Tenable Nessus 10.8 User Guide Tenable Nessus Agents 10.8 User Guide Tenable Nessus Agents Release Notes Tenable Nessus Network Monitor 6.5 User Guide Tenable Nessus Network Monitor Release Notes
Include/Exclude Path and Tenable Utils Unzip added to Log4j Detection
Summary Tenable has updated the Apache Log4j detection plugins. The Windows plugin will now honor the Include/Exclude Filepath configuration option. The Linux/UNIX plugin will now use the version of ‘unzip’ supplied with the Nessus Agent, when enabled in the Agent’s configuration, and correctly inspect the MANIFEST.MF and pom.properties files. Change Before this update, plugin 156000, Apache Log4j Installed (Linux / Unix), would fail to detect Log4j in specific scan scenarios. The plugin uses several inspection methods to determine if a JAR file is a copy of Log4j. During Nessus Agent scans, as well as scans with ‘localhost’ as a target, the plugin was not properly executing the unzip command to inspect META-INF/MANIFEST.MF and pom.properties files in the JAR archive. If this method was the only option that would result in a successful detection, the copy of Log4j would not be detected properly. In addition, the plugin had failed to launch the unzip binary supplied with the Agent when inspecting files in JAR archives. Note: The Nessus Agent can be configured to use find and unzip binaries that it provides, instead of those supplied by the asset’s operating system. See https://docs.tenable.com/vulnerability-management/Content/Scans/AdvancedSettings.htm#Agent_Performance_Options for more information. Also before this update, plugin 156001, Apache Log4j JAR Detection (Windows), would fail to honor the directories included or excluded for full-disk searches configured in the Windows Include Filepath and Windows Exclude Filepath directives in the Advanced Settings of a scan config. Note: Configuration of these options is described in https://docs.tenable.com/vulnerability-management/Content/Scans/AdvancedSettings.htm#Windows_filesearchOptions. After this update, plugin 156000 will use the Agent-supplied copy of unzip when configured to do so. If this option is not enabled in the scan config, the plugin will use the existing method to find and execute an archive utility supplied by the asset’s operating system. In either case, the plugin will properly inspect Log4j’s MANIFEST.MF and pom.properties files as a version source. Plugin 156001 already properly inspects these files. Also after this update, plugin 156001’s Powershell code will now honor directories included or excluded by the Filepath directives. Plugin 156000 already supported this feature. Impact When scanning Linux / UNIX assets via 'localhost' (i.e. scanning the scanner itself) or with the Nessus Agent, additional Log4j instances from MANIFEST.MF or pom.properties sources may be reported. For Linux Nessus Agents with "Use Tenable supplied binaries for find and unzip" enabled and "Agent CPU Resource Control - Scan Performance Mode" set to Low, plugin 156000 will now properly limit CPU usage during scans. As noted in the product documentation, “Note: Setting your process_priority preference value to low could cause longer running scans. You may need to increase your scan-window timeframe to account for this value.” Customers should be aware of this configuration setting and potential changes to the results provided in the Log4J detection results. When scanning Windows targets, Log4j JAR files stored in paths specified in the Windows Exclude Filepath configuration will no longer be detected. Log4j JAR files stored in paths or drives specified in the Windows Include Filepath configuration that had not been previously scanned will now be detected, assuming they can be assessed before the plugin’s configured timeout has been reached. Plugins 156000 - Apache Log4j Installed (Linux / Unix) 156001 - Apache Log4j JAR Detection (Windows) Target Release Date September 1, 2025
Webinar: Customer Product Update Webinars - August 2025
Check out the latest monthly Customer Update Webinars below and save your spot! Recordings will be posted after the live webinar has concluded. Tuesday, August 12, 2025 Nessus Customer Update - 1 pm ET / 10 am PT How to: Using credentialed scanning to discover AI software. Wednesday, August 13, 2025 Tenable Vulnerability Management - 1 pm ET / 10 am ET How-to: Assessing network conformance with common compliance benchmarks. Thursday, August 14, 2025 Tenable One Customer Update - 11 am ET/ 8 am PT This month, we'll explore how you can leverage Tenable Cloud Security data within Tenable One. Tenable Security Center - 1 pm ET / 10 am PT How-to: Generating trending dashboards in Tenable Security Center.
July Product and Research Update Newsletter
Greetings! Check out our July newsletter to learn about the latest product and research updates, upcoming and on-demand webinars, and educational content — all to help you get more value from your Tenable solutions. Click here for a downloadable PDF of this newsletter Share Your Insights at Black Hat 2025 Attending Black Hat next month? We'd love to hear your thoughts on Tenable products! Join us for a brief, filmed in-booth interview. It's a quick (less than 10 minutes) and impactful way to share your feedback. You'll have the chance to share your opinions on camera, and rest assured, if you prefer, your feedback can remain completely anonymous if you prefer. As a thank you for your time, we'll also give you an exclusive briefing on our latest product updates. Ready to make your voice heard? Email ambassador@tenable.com to schedule your session. We'll find a time that works best for you! Tenable Cloud Security Reminder: Tenable Cloud Security requires you to log in to view documentation and release notes. To access the documentation or try Tenable Cloud Security, contact your account manager or request a demo. Code security for Azure ARM and Bicep frameworks, and APIs. Tenable now natively supports Azure Resource Manager (ARM) and Bicep, expanding on existing coverage for AWS CloudFormation, Kubernetes YAML, and Terraform across all major cloud environments. Azure users can now scan for misconfigurations directly in their infrastructure as code. Notably, Tenable Cloud Security uniquely supports Bicep, which is rapidly gaining adoption due to its simplicity. Tenable tags resources in Bicep files, auto-generates underlying ARM templates, and highlights misconfigurations directly in the Bicep code, so you can work in the Bicep layer without parsing ARM output. We’ve also introduced ingestion of Tenable IaC findings via API using the “Findings” query in the GraphQL API. This enables programmatic management of finding status. The code API has full UI parity and is consistent with all Tenable API endpoints. Workload protection now supports Oracle Cloud Infrastructure + streamlined reporting. Expanding our coverage of Oracle Cloud Infrastructure (OCI), Tenable Cloud Security now offers workload protection for OCI environments. You can scan virtual machines, including those using OCI-native and customer-managed key (CMK) encrypted volumes, alongside container images and account-level resources. Additionally, across all supported cloud environments, we have streamlined reporting: you can now generate reports directly from the Vulnerabilities page, simplifying your workflow. Enhanced IAM security across permissions and access. Tenable Cloud Security’s Microsoft Entra ID integration, recently enhanced with third-party support and MFA monitoring, can now monitor and filter all app API and delegated permissions. IAM admins get a clearer, tenant-wide view of app-level permissions, making it easier to remove unnecessary access. Are you still using the now-retired Microsoft Entra Permissions Management? Tenable is a strong replacement, with advanced CIEM, JIT access, and CNAPP capabilities spanning Entra ID, Azure and more. We’ve also improved IAM visibility for AWS and GCP with exportable Permissions Query results and enhanced tracking of custom policy changes. In GCP, access-level evaluation is now deeper with added behavior analysis and resource details. Introducing custom dashboards that you can easily build in minutes. You’ve got the power! You can now customize how dashboards look and how you present security data to help users focus on what matters most. Personalize dashboards by adjusting metrics, findings and visualizations. Choose whether to make them public or private. Save time by duplicating built-in or custom dashboards. Plus, all dashboards are now centrally located in the menu for easier access. “Projects” capability now supports integrations and automations by scope. Tenable is making it easier to manage accounts and access control across multiple accounts and providers. The Projects capability, which logically groups resources in your cloud environment, now lets you configure integrations and automations at the project level. This enables more granular control and flexibility to let specific accounts or resources follow tailored workflows aligned with your organizational structure and security policies. Tenable Identity Exposure New Entra ID IoEs to strengthen identity hygiene. Tenable has added new indicators of exposure (IoEs) to help you identify and remediate hidden risks in Entra ID environments: Managed devices not required for MFA registration: Flags tenants that allow multi-factor authentication (MFA) registration from devices your organization doesn’t manage. Without requiring managed devices, attackers with stolen credentials could set up their own MFA methods without your knowledge. Admin consent workflow not configured: Detects tenants missing an active admin consent workflow. This absence can cause errors for non-admin users trying to access applications that need consent, leading to user friction or unmonitored workarounds. Password expiration enforced: Identifies domains where password expiration policies, intended to enhance security, might actually weaken it. When you force users to change passwords frequently, they often resort to simpler or repeated passwords, which makes them more vulnerable to breaches. For more information, review the release notes. Tenable Enclave Security Tenable Enclave Security 1.5 release. We’re excited to announce the release of Tenable Enclave Security 1.5. This release includes exciting new features: Deployment assessment scanning: Quickly assess new and updated deployments before they go live, improving visibility and risk reduction during rapid delivery cycles. Expanded software composition analysis (SCA): Broaden insight into your software supply chain with deeper enumeration of third-party libraries and components, including Go, Java, PHP and unpatched vulnerabilities in container images. SecurityCenter 6.6: Now powered by PostgreSQL, the latest version enhances performance, scalability and long-term support for mission-critical environments. Policy management: New and improved experience for managing policies for CI/CD pipelines or Kubernetes clusters. For more information, review the release notes. Tenable Vulnerability Management (TVM) Tenable PCI agent scan template now available. As a result of the PCI DSS 4.x specification release, credentialed scanning is now a requirement for PCI internal scanning. In response, Tenable created the Tenable PCI Agent, which you can use to scan your network via the PCI Internal Nessus Agent scan template in Tenable Vulnerability Management. PCI DSS 4.x enables you to use a customized approach objective. Using PCI DSS 4.x, the PCI Internal Nessus Agent provides the most comprehensive view of local vulnerabilities on your systems. Please visit the Scan Settings site for more details on configuring the PCI Agent and scans. Tenable Patch Management Tenable Patch Management 9.2.967.22 (on-premises). This release features minor quality improvements and bug fixes across the platform. Server updates: Bug fixes: We fixed an issue where the Business Units by Waves column in cycle tables was empty if no deployment waves existed for the cycle owner. Modified the patch server framework component to depend on the feed server, preventing a race condition during registration. Fixed a bug where patching cycles could lose business unit information after a server restart. Improved the update process for supported platforms within existing workflows and activities during server upgrades. Client updates: Bug fixes: Change to WUAHttpServer to include a content-length header on a full GET request for a file. This resolves the Windows Server 2016 patch download issue. Tenable OT Security Tenable OT Security 4.3: Scalable visibility and control for your modern enterprise. The Tenable OT Security 4.3 release delivers powerful new features to enhance visibility and control across your operational technology (OT) environments and entire attack surface. Key updates in this release include: Scalable OT agents: Extend asset discovery to hard-to-reach areas and embedded systems, closing critical visibility gaps with lightweight, easy-to-deploy agents that leverage your existing IT infrastructure. Enhanced Tenable One data integration: Accelerate investigations and improve risk remediation with new Policy Violation Findings and richer Exposure Signals for more comprehensive Attack Path Analysis. Streamlined asset management: Benefit from a responsive Vulnerability Findings side-panel for quick investigations, custom asset tags and groups for better organization, and batch data and ruleset updates in Enterprise Manager to ensure consistent administration across distributed sites or locations. Additional user interface enhancements in v4.3: You can now search the asset serial number in the inventory Updated Sensor page navigation System Log pagination To learn more about what’s new in the latest version of Tenable OT Security, watch the latest customer update and review the release notes. Tenable Nessus Nessus 10.9 is now generally available! Nessus 10.9 introduces several key features to empower your security teams: Offline web application scanning in Nessus Expert: If your organization has strict network segmentation or air-gapped environments, Nessus 10.9 now enables comprehensive web application scanning functionality. This ensures your critical web applications, even in isolated networks, receive the same thorough security assessment as those in connected environments to maintain a consistent security baseline across your entire infrastructure. Triggered agent scans in Nessus Manager: Automatically initiate vulnerability scans via Nessus Manager in response to specific events. This means you get immediate insights into your security posture as soon as the system discovers new assets or critical system changes occur. This functionality will be enabled directly through Tenable Security Center in July. Agent version declaration for offline environments in Nessus Manager: Simplify the management of your Nessus Agents in air-gapped or offline deployments. With Nessus 10.9, you can now declare agent versions for Nessus Manager agent profiles, streamlining updates and ensuring your agents are running the desired software versions, even without direct internet connectivity. Agent safe mode status reporting in Nessus Manager: Get better visibility into our Nessus Agents’ health and operational status. Nessus 10.9 provides reporting on "Agent Safe Mode" status with insights into agents that may experience issues or operate in a limited capacity. This allows for quicker identification and resolution of agent-related problems for uninterrupted scanning coverage. Nessus 10.9 is available now. We encourage all Nessus users to upgrade to take advantage of these new features and continue to strengthen your vulnerability assessment capabilities. For more information, see the Nessus 10.9 release notes and Nessus 10.9 User Guide. You can also view this announcement under Product Announcements in Tenable Connect. End of Support for Nessus and Agents on Windows 32-bit operating systems. Tenable announces End of Support for Nessus and Agents on Windows 32-bit Operating Systems. Please see the bulletin for more details. Click here to continue reading the rest of the newsletter as a downloadable PDF.
