Improvement: Handling Component Installs for Vulnerability Assessment
Background On Friday, February 6, 2026, Tenable Research published a plugin update that changed the way component installs are assessed for vulnerabilities. Those changes are outlined in a previous release highlight: Component Installs Require Paranoid Checks, This update essentially reverts this change, while adding new functionality to allow users to choose whether or not they want component installs assessed for vulnerabilities. Component installs are no longer influenced by scan paranoia settings. What are “Component Installs”? Software components, such as applications or language modules/libraries, are installed and managed by a primary "parent" package or application. The crucial point is that these components often cannot be updated individually. Instead, their vulnerability assessment and upgrade are entirely dependent on an update of the parent package. For instance, the SQLite database component is installed as part of the Trend Micro Deep Security Agent and is updated only when the Agent itself is updated. Nessus uses several factors to determine if a detected product is a component, or a standalone installation, including: Was the product installed by a package manager? These products are not considered components, as they are managed by the package manager and not a “parent” application Is the component a “language library”, i.e. a library or module used by the interpreter of a programming language like Python or Node.js? These enumerated libraries are marked as components by default. Does the product reside in a directory that is recognized for installations that are not component-based? Changes By default, component installs are once again assessed for vulnerabilities, as was the case prior to the release of the aforementioned update. If users wish to turn this setting off, so that component installs will not be assessed by generic vulnerability detection plugins, they can do so via the newly created scan preference. The end result of this change should be that fewer “false positives”, i.e. reported vulnerabilities for components that are “owned” by another application, are shown in scan results. Components with vulnerabilities that cannot be addressed independently of the “parent” application will not show in scan results. However, some customers have expressed a desire to see these vulnerabilities in their scan results anyway, to ensure full awareness of the risk profile of every application in their environment. This is still possible through the updated scan configuration settings. To modify this setting in your scan policy, go to Settings > Assessment > Accuracy > Override Normal Accuracy > Assess component installs for potential vulnerabilities. This setting is ON (checkbox is ticked) by default, so users must enable the Override Normal Accuracy checkbox (which is OFF / unchecked by default) if they wish to disable the setting and ensure that component installs are not assessed by generic vulnerability detection plugins in this scan. Please note that this update makes no other changes to the existing paranoia logic, outside of what is described above. For now, “Managed”, “Managed by OS” and “Backported” installs are still controlled by the Show/Avoid potential false alarms radio button. How can I tell if the detected install is a component or not? In addition to the above, we have also updated the relevant detection plugins so they will show if the component flag is set or not. At present, this includes detection plugins for OpenSSL, Curl, LibCurl, Apache HTTPD, Apache Tomcat, SQLite, Python Packages, Node.js modules and, soon to follow, Ruby and Nuget libraries. Using plugin ID 174788, SQLite Detection (Windows), here is a before and after example of the expected plugin output. Before: After: Expected Impact With the new default setting in place, users should anticipate an increase in vulnerability findings for the products in scope, returning to a level similar to what was observed before the first update. If users do not wish to surface these additional potential vulnerabilities, they should disable the "Assess component installs for potential vulnerabilities” setting. If the new scan preference is disabled, the volume of findings will remain consistent with current levels, when scanning with normal accuracy (paranoia) settings. Affected Plugins 12288, global_settings.nasl (updated to support the new scan policy preference) Any plugin that operates downstream of those in the list below: SQLite: 174788 - sqlite_nix_installed.nasl 171077 - sqlite_win_installed.nasl OpenSSL: 168007 - openssl_nix_installed.nasl 168149 - openssl_win_installed.nasl Curl: 182774 - curl_nix_installed.nasl 171860 - curl_win_installed.nasl LibCurl: 182848 - libcurl_nix_installed.nasl Apache HTTPD: 141394 - apache_http_server_nix_installed.nasl 141262 - apache_httpd_win_installed.nasl Apache Tomcat: 130175 - apache_tomcat_nix_installed.nasl 130590 - tomcat_win_installed.nasl Python Packages: 164122 - python_packages_installed_nix.nasl 139241 - python_win_installed.nasl Node.js Modules: 178772 - nodejs_modules_linux_installed.nasl 179440 - nodejs_modules_mac_installed.nasl 200172 - nodejs_modules_win_installed.nasl Targeted Release Date Tenable Nessus and Vulnerability Management: Monday, March 9, 2026 (ETA 22:30 Eastern Standard Time) Tenable Security Center: Monday, March 16, 2026
Tenable product update: Standardizing Tenable risk scoring
At Tenable, we are committed to providing the most accurate, defensible, and actionable view of organizational risk. To achieve this, we must continually refine the intelligence that powers your prioritization. On July 1, 2026, we are implementing a series of foundational updates to our risk scoring engines. As part of this update, you may see changes to your risk scores, depending on the Tenable product(s) you own. These changes simplify your workflow by standardizing scoring on a single, high-fidelity model for vulnerability and asset risk. The new standard for VPR For the past several months, many of you have utilized VPR (Beta) to gain deeper insights into exploitability. We are excited to announce that on July 1, this model will be promoted to the primary Vulnerability Priority Rating (VPR) across the Tenable platform. By standardizing on this advanced model, we are retiring legacy VPR scoring to ensure every customer benefits from our most sophisticated threat intelligence. The new version of VPR incorporates more threat intelligence and vulnerability metadata so that you can focus on the 1.6% of vulnerabilities that actually matter. Better context through enhanced asset classification Alongside the VPR update, we are enhancing our asset classification engine. This update improves how we identify the function and importance of assets across your entire attack surface, including Cloud, OT, and third-party devices. As a result, customers with access to Asset Criticality Ratings (ACR) will see these scores more accurately reflect real-world business risk. What this means for you These are backend enhancements designed to provide immediate value with zero manual configuration. On July 1, your dashboards, reports, and APIs will automatically reflect these updated metrics. Because both VPR and ACR serve as inputs to Cyber Exposure Score (CES) and Asset Exposure Score (AES), customers using these scores may see changes that reflect a more accurate understanding of exposure. Customer FAQ What happens to the VPR (Beta) score in the Tenable UI? The Beta label will be removed. The high-fidelity model you’ve been previewing will become the standard VPR. The legacy version of VPR will be retired to ensure a single, unified source or truth. Do I need to rewrite my custom API scripts using VPR? No. For customers using APIs, updated values will be mapped into legacy VPR fields on the back end to ensure compatibility and a smooth transition for your scripts and third-party tools. How does this affect my SLAs? Because many organizations use VPR as their operational prioritization layer, your SLA statistics and remediation tracking will now reflect the more precise scoring model. This helps ensure your team is meeting response goals for the vulnerabilities that pose the highest actual risk. How does Enhanced Asset Classification affect my scores? The system now automatically identifies the function and criticality of assets across Cloud, OT, and third-party sources. This improved context leads to more accurate Asset Criticality Rating (ACR) adjustments. For customers with access to ACR, this ensures your most critical business assets are effectively prioritized. For a detailed guide on our enhanced VPR, check out this FAQ. Want to see the why behind our scoring? View our scoring explained.Action Required: Preparation for January 2026 Tenable Security Center Feed Update
We are writing to announce an important upcoming change to the Tenable Security Center feed data. Starting in mid-January 2026, the size of Tenable Security Center feeds will increase due to the addition of new Vulnerability Priority Rating (VPR) data; this data will be available in Tenable Security Center 6.8, anticipated for release later in Q1 2026. This update ensures you continue to receive comprehensive vulnerability data, but it requires immediate action to ensure your environment is prepared. What you need to do To prevent the feed size from causing PHP memory exhaustion in your environment, please follow the resolution path for your specific version: Versions 6.5.1 – 6.7.2: Patch 202601.1 is now available. Applying this patch will automatically modify the PHP configuration to increase the memory limit. Versions Prior to 6.5.1: Follow the instructions outlined in this Knowledge Base article to modify the PHP configuration. Note: Tenable Security Center consoles with less than 8 GB RAM may need to have their hardware resources updated. Review Tenable Security Center hardware recommendations Why this matters Taking action now allows you to adopt a proactive approach to this feed expansion, ensuring your nightly updates continue seamlessly. Prevent SC Feed Update Failures: Without this fix, SC Feed updates may fail and log an "Allowed memory size... exhausted" error or terminate abnormally with error status '255'. Protect Disk Space: Failing feed updates can leave behind orphaned files in /opt/sc/data/feed.XXXXX folders, which may build up and cause disk space issues over time. Access our related documentation to learn more: Tenable Security Center Patch 202601.1 (2026-01-06) Knowledge Base: Tenable Security Center Feed Update Failing with "terminated abnormally with error status '255'" Due to PHP Memory Exhaustion
Tenable Post-Quantum Cryptography Inventory Support
Summary The advent of quantum computing presents a significant threat to current cryptographic algorithms. Organizations worldwide are beginning the critical transition to post-quantum cryptography (PQC) resistant algorithms to ensure long-term data security. Government mandates, such as the U.S. National Security Memorandum 10 (NSM-10), outlines deadlines for PQC migration and specific actions agencies must take to migrate vulnerable systems. Our PQC support is designed to help customers inventory use of TLS and SSH quantum-resistant and vulnerable algorithms within their infrastructure using remote Nessus-based scans. Cipher Inventory and Reporting Post-Quantum Cipher Plugins Two remote-based scan informational reporting plugins for TLS and SSH protocols inform customers of their transition posture according to NIST Post-Quantum Encryption Standards. Services Using Post Quantum Cryptography: Reports on services equipped with at least one post-quantum cipher. It will specify which post-quantum ciphers were discovered, reporting by port and protocol. Services Not Using Post Quantum Cryptography: Reports on services that support no post-quantum ciphers. These plugins will be enabled by default and included in existing scans. Cryptographic Inventory Plugin Reporting To enable a JSON-based inventory of each target by service and cipher, enable through either a preference on your Advanced Network Scan or by running the Cryptographic Inventory scan template. These preferences will initially be supported in Nessus and Tenable Vulnerability Management. They are planned to be added to Tenable Security Center at a later date. Warning: Enabling this preference through the Advanced Network Scan is expected to increase the overall size of the plugin output per target and resulting Nessus database size. If you do not need to produce this inventory at all or on your regular scan cadence, it’s recommended to instead run the Cryptographic Inventory scan template to decrease the potential impact to your normal scan results. Options to Enable Inventory Reporting Advanced Scan Preference Post Quantum Cryptography Scan Template Cryptographic Inventory Plugin Details The plugin enabled with the preference or scan template is an information plugin called Target Cipher Inventory. Within the output of this plugin, you will find a JSON structure containing the TLS and SSH inventories for the scanned target. You can export this inventory based on plugin output using the Tenable API if needed. For TLS, the structure contains: Attribute Definition Encaps Protocol encapsulation employed such as TLSv1, TLSv2, TLSv3 Port Port used for TLS communication Curve Group Encryption method Ciphersuite Algorithm used to secure the TLS connection For SSH, the structure contains: Attribute Definition Proto Protocol of SSH Port Port used for SSH communication Name Algorithm used to secure the protocol Type Use of the named algorithm such as “message auth” Release Date Tenable Vulnerability Management and Tenable Nessus: December 8, 2025 Tenable Security Center: - December 8, 2025 for the informational plugins - Cryptographic Inventory scan template release to be determinedImprovement to Printer OS Fingerprinting
Updated: April 3, 2026 Summary Scanned printers will now have an OS artefact surfaced in their scan host metadata if the target has been identified as a printer when the “Scan Network Printers” policy option is disabled. This change will not cause any additional asset licenses to be consumed within Tenable VM or Tenable Security Center. Background Printers are notoriously unstable scan targets. Oftentimes, they can behave erratically when scanned, so some users prefer to avoid scanning them altogether. At present, there is a switch in the scan policies to prevent further scanning of a host when it's identified as a printer. To enable this setting, go to Settings -> Host Discovery -> Fragile devices - Scan Network Printers (Currently, this is a checkbox setting, default value “off”). With that said, how can the scanner know the target is a printer if it cannot be scanned? In reality, the scanner still performs very basic fingerprinting (usually via SNMP) in order to gather enough information to make an educated guess at the device type. When the scan target is thought to be a printer, it essentially gets marked as “Host/dead" in the scan KB. When this happens, the scanner will not perform any further active scanning. Changes With this update, the fingerprint used to identify the printer as such, will now be stored in the scan Knowledge Base (KB) so it can be processed by os_fingerprint2.nasl ("Post-scan OS Identification", plugin ID 83349) and surfaced as metadata in the scan result. The relevant policy setting located at Settings -> Host Discovery -> Fragile devices -> Scan Network Printers. With this update, the printer's OS information will now be surfaced if it is available, regardless of the selected value for this setting. Impact Users can now see the OS information for their printer devices that would have otherwise gone unreported if the scan is not configured to “Scan Network Printers”. As plugin ID 83349 generates no plugin output, only an “operating-system” tag will be added to the scan result (and stored in an exported .nessus file). This information will be visible only the in “Host/Asset Details” section of the Tenable product UI, i.e: Tenable Nessus: Scans -> [Folder] -> [Individual Scan Result] - > Host Details -> OS (sidebar) Tenable Vulnerability Management: Explore -> Assets -> [Asset] -> Details -> Operating System Scans -> Vulnerability Management Scans -> [Individual Scan Result] -> Scan Details -> Asset Details -> Operating System Tenable Security Center: Analysis -> IP Summary -> [IP address] -> System Information -> OS Scans -> Scan Results -> [Individual Scan Result] -> IP Summary -> [IP address] -> System Information -> OS Note, we expect this information to surface mainly in individual scan results. It would only be present in cumulative asset details if a licensed asset already exists for the target in question. This update will not cause additional assets to be created or consume any additional licenses. Affected Plugins 83349 - os_fingerprint2.nasl 11933 - dont_scan_printers.nasl 22481 - dont_scan_settings.nasl Targeted Release Date Wednesday, March 4, 2026
Webinar: Customer Product Update Webinars - July 2025
Check out the latest monthly Customer Update Webinars below and save your spot! Recordings will be posted after the live webinar has concluded. Tenable WAS, July 8, 2025, 11 am ET: Join us for a deep dive into recently released WAS features and capabilities. Tenable Nessus, July 8, 2025, 1 pm ET: Testing for specific CVEs with Nessus. Tenable OT Security, July 9, 2025, 11 am ET: Learn how Tenable OT Security 4.3 unlocks unprecedented visibility and control across your OT/IT environment. Tenable Vulnerability Management, July 9, 2025, 1 pm ET: Credentialed scans versus uncredentialed scans and how to use managed credentials. Tenable One, July 10, 2025, 11 am ET: Learn how Tenable One can now ingest important security context from non-Tenable security tools to help better identify, prioritize and reduce cyber risk. Tenable Security Center, July 10, 2025, 1 pm ET: OS breakdown: reporting exposures by operating system.May 2026 Tenable Product Newsletter
Check out our May newsletter to learn about the latest product and research updates, events, and educational content — all to help you get more value from your Tenable solutions. Tenable One Tenable Hexa AI: Intelligence into action at machine speed. We are thrilled to announce that Tenable Hexa AI, the agentic engine of the Tenable One Exposure Management Platform, is now generally available. Tenable Hexa AI orchestrates and automates security workflows to accelerate risk reduction. Built-in or custom agents: Start immediately with our pre-built agents for common security tasks like asset management and dashboard creation, or build custom agents via the MCP server for your unique environment. Execute the fix: Tenable Hexa AI handles complex multi-step tasks like identifying the root cause of a threat and automatically creating the necessary remediation tickets. Automate with confidence: You define the guardrails. Every action is fully auditable and requires the level of human oversight you choose, so you can scale automation without risking your production environment. Get more details on Tenable Connect or read the documentation. To learn more about how to leverage Tenable Hexa AI, reach out to your account team or contact us. The Tenable One Open Connector Connect more. See more. Act faster. We built Tenable One to be the open, connected hub that turns your scattered tools into a one-stop shop for risk reduction. While our standard Connectors already keep your favorite tools in sync, we’re taking integration to the next level with the new Tenable One Open Connector. We're no longer just talking about official integrations; we're talking about bringing in your data from across unsupported or custom tools, spreadsheets, and even homegrown internal systems. What this means for you: Get a more complete view of risk by bringing your security data together in a single, contextual view. Unlock an open, flexible platform for your security stack by staying independent of pre-built integrations. Act faster with automated data syncs that keep your information always current. Tailor your data mapping to enable precise segmentation that fits your organization’s needs. Ready to achieve a truly unified view of your entire attack surface? Read the blog and view the demo. To get started, see the setup guide. Lifecycle management in attack path analysis Take control of your security workflows with our new lifecycle management features in attack path analysis. You can now manually transition attack techniques through specific stages — To Do, In Review, In Progress, Resolved, and Excluded — to ensure seamless collaboration across your team. What’s new: Manual technique control: Track progress accurately by assigning specific statuses to each technique. Smart attack path sync: When you update a technique’s status, the system automatically updates the status of all related attack paths to reflect that change. Unified workflow: Align your team around a shared lifecycle, providing a clear and consistent view of every identified threat. Learn more. Tenable One + Recorded Future integration Our new Recorded Future connector bridges the gap between your internal exposure data and the external threat landscape, giving you a single source of truth to accelerate remediation where it matters most. By layering Recorded Future’s threat intelligence over Tenable’s deep attack surface visibility, you can now achieve: Truly unified visibility: View high-fidelity threat intelligence alongside your full exposure data in one pane of glass. Holistic context: Instantly see how internal asset criticality aligns with real-world exploit trends. Targeted remediation: Ignore the noise and focus exclusively on the vulnerabilities threat actors are actively weaponizing in the wild. Learn more. Tenable integrates with the Claude Compliance API for AI governance Tenable has announced an integration between the Tenable One Exposure Management Platform and the Claude Compliance API. This new capability provides security and compliance teams with unprecedented visibility and governance over enterprise AI usage directly within their existing workflows. Key highlights of this release include: Granular visibility: Monitor enterprise Claude AI interactions, including chats and file uploads, natively within Tenable One. Risk detection: Identify malicious or suspicious activity across your AI ecosystem. Regulatory alignment: Ensure AI usage complies with corporate acceptable-use policies and global mandates like the EU AI Act. This integration is available immediately for all Tenable One customers, allowing organizations to safely adopt Claude Enterprise at scale while proactively managing AI-related risks. Tenable One Cloud Exposure This month, we are focusing on automated orchestration and shifting security further left into native developer workflows. What's New: Retroactive cloud automations: Apply new or re-enabled automation rules retrospectively to your entire backlog of cloud findings to wipe out historical cloud risks in a single click. 280 cloud-native secret types: Our original generic categories are now split into 280 specific data types (like GitHub App Tokens), allowing you to customize sensitivity criteria to fit your exact cloud compliance requirements. Native PR scanning (IaC): Catch security risks natively inside GitHub and Azure DevOps pull requests so developers can fix configuration errors directly on the relevant lines of code before merging. Windows container scans: Maintain robust protection across your entire application footprint with shift-left vulnerability scanning that now supports Windows-based container images within cloud CI/CD pipelines. On-demand registry scans: Manually push critical cloud container images or full repositories to the top of the scan queue to instantly verify your security fixes. For more information on these updates, please view “documentation” inside the Tenable One Cloud Exposure interface. Tenable One Vulnerability Management Automate remediation with direct ticketing Stop bouncing between disconnected tools. You can now create Jira or ServiceNow tickets directly within your Explore Findings view and launch Exposure Response Initiatives straight from Vulnerability Intelligence. Even better, Tenable automatically closes these tickets the moment a vulnerability is fixed, eliminating tedious manual cleanup for your team. To keep your security and IT teams aligned, we've also added live ticket log tracking inside the finding details page, new ticket filters for your findings table, and easy exports for Exposure Response logs. To get started, check out our documentation or interactive tour. Clear your blind spots and validate your security coverage To protect your network, you need to know your security tools are working correctly. New dashboards and reports help you eliminate hidden gaps and prioritize fixes faster. The program health dashboard monitors your deployment health and scanning coverage. It gives you a central view to ensure your security agents are active and fully patched, preventing silent operational failures. The program health report unifies fragmented asset data and scan authentication indicators into a single document. It resolves conflicting inventories and credential issues, giving you a clean, trusted report to plan and execute remediation. The endpoint application visibility dashboard cuts out the hours your team spends hunting down software inventories. It automatically consolidates application data across endpoints so you can prioritize fixes based on real-world exploit likelihood and deployment scale. Nessus Whether you are a seasoned pro with Nessus or just starting out as a first-time user, don’t forget to check out our on-demand training courses and learn from the team that built Nessus. Nessus Fundamentals: Maximize your Nessus Professional or Expert deployments. You’ll master the essential building blocks of vulnerability assessment, conquering everything from initial installation and asset discovery to compliance checks and in-depth analysis. No prerequisites necessary. Nessus Advanced: Elevate your Nessus Expert skills. You’ll build upon your foundational knowledge to take command of external attack surface discovery, web app scans, and results analysis. Accelerate your time-to-value with a full year of unlimited access to expert-led video instruction. You will master critical workflows, maximize your security ROI, and earn a digital badge and Certificate of Completion to validate your hard-earned expertise. Learn more and enroll today at www.tenable.com/buy/training Tenable Security Center Tenable Security Center 6.8 Focus on the vulnerabilities that matter with AI-powered VPR insights and mitigation guidance. This release streamlines your operations with unified asset repositories for IPv4, IPv6, and Agents, and improves efficiency with new background query processing and scan optimization capabilities. View the full release notes to learn more. Tenable Patch Management Scale patching and simplify upgrades Broader environment coverage, faster endpoint updates, and a much smoother platform upgrade are available with the latest releases. Version 10.1.971.12 (SaaS & on-premise) expands your coverage across new Linux distributions and architectures. On your endpoints, you can now run lightweight, native driver and BIOS updates without the heavy files that cause CPU bloat, and deploy Windows upgrades via bandwidth-saving peer-to-peer rollouts. This release also cuts console memory usage, hardens library security, and fixes interface bugs affecting patch previews. Version 10.1.972.14 (server) delivers a targeted hotfix that corrects server upgrade task-sequencing and strategy validation issues, ensuring you a seamless, error-free migration from older versions. Broader environment coverage, faster endpoint updates, and a much smoother platform upgrade are available with the latest releases. Version 10.1.971.12 (SaaS and on-premises): Expands your coverage across new Linux distributions and architectures. On your endpoints, you can now run lightweight, native driver and BIOS updates without the heavy files that cause CPU bloat, and deploy Windows upgrades via bandwidth-saving peer-to-peer rollouts. This release also cuts console memory usage, hardens library security, and fixes interface bugs affecting patch previews. Version 10.1.972.14 (server): Delivers a targeted hotfix that corrects server upgrade task-sequencing and strategy validation issues, ensuring a seamless, error-free migration from older versions. How to update: SaaS tenants have been updated automatically. For on-prem deployments, download the latest installers via the Tenable Downloads Portal. For the further details, check out the release notes. Tenable One OT Exposure Tenable OT Security 4.6 Our latest release introduces a variety of new features and performance enhancements, including refined scan controls and streamlined workflows for large-scale enterprise environments. Massive subnet scaling: Now supports up to 5,000 subnets per ICP, significantly increasing visibility for distributed large enterprise deployments. Centralized network management: A new Monitored Networks page includes bulk-add capabilities and the ability to stage inactive networks before monitoring. Precision scanning: New scan customization options allow you to define specific credential usage per scan for safe discovery of sensitive assets. Streamlined platform navigation: Updated workflow for SSO/SAML users allows you to instantly pivot back to Tenable One with a single click. Remote agent updates and query restrictions: Update OT agents directly from the ICP, remove local site visits or manual CLI intervention, and restrict specific protocol queries with OT agents. Enhanced diagnostics: Deeper metadata in asset log exports for faster troubleshooting. IoT connector updates: Major stability and performance upgrades for Milestone, AvigilonES, and Exacq Edge integrations for IoT asset discovery. Update required: Tenable OT Security 4.5 Service Pack (version 4.5.61) All customers running version 4.5 should apply this upgrade immediately for optimal system stability and performance when processing high volumes of network conversations. This update also addresses communication gaps with Rockwell Stratix devices and Nessus scans. View the full release notes. Tenable Ecosystem Tenable App for Microsoft Sentinel v3.1.2 Version 3.1.2 of the Tenable App for Microsoft Sentinel is now available, bringing connector enhancements and schema updates to optimize your integration. What’s new: TIE data connector: The UI now supports multiple rsyslog configurations. Schema updates: Updated table schemas for Tenable One Vulnerability Management and Tenable One Web App Scanning vulnerabilities within the ARM Template. Improved data handling: The Tenable Vulnerability SDK now utilizes indexed_at instead of last_found. We highly recommend upgrading to v3.1.2 to ensure full support for these latest changes. For more details, please read Tenable Documentation or visit the Azure Marketplace to download. Please note, this application is also available via the Microsoft Azure Gov Cloud marketplace. Tenable events and webinars Tune in for product updates, demos, how-to advice and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars. Customer Office Hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable One Vulnerability Management, Tenable One Cloud Exposure, Tenable One Identity Exposure and Tenable One OT Exposure. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. On-demand TenableTalk Live: Responding to Mythos and Frontier AI vulnerability discovery: Catch the replay of this conversation about the impact of frontier AI models on the threat landscape and how security teams can evolve vulnerability discovery into a machine-speed agentic defense. Watch on LinkedIn or in Tenable Connect. Tenable customer update: April 2026: Watch this quarterly Tenable customer update to learn how to use AI to augment your security team, secure your expanding AI attack surface, uncover hidden risk across your connected IT/OT environments, and more. Products covered: Tenable One, Tenable One AI Exposure, Tenable One Vulnerability Management, OT functionality, third-party data connections, and Tenable Security Center. Tenable Research Research Security Operations Subscribe to the Research team blog posts here. Why the approaching flood of vulnerabilities changes everything — and what to do about it New content Almost 7,000 new published vulnerability plugins. More than 60 new audits delivered to customers. Read Tenable documentation.March 2026 Tenable Product Newsletter
Check out our March newsletter to learn about the latest product and research updates, upcoming and on-demand webinars, and educational content — all to help you get more value from your Tenable solutions. EXPOSURE 2026 Save 50% on the security conference of the year Don’t miss EXPOSURE 2026, the first-ever conference dedicated exclusively to proactive, unified exposure management. Join us in Boston, Mass., from May 19-21, 2026, to get: Hands-on instruction with Exposure Management Strategy or Tenable One Technical Training Practical resources and real-world insights from Tenable leaders and industry experts Register before March 31 to save 50% off admission and training with early-bird pricing. Tenable customer update webinar 11 a.m. EST/3 p.m. BST, April 9, 2026 Join our upcoming webinar for an informative, fast-paced overview of recent product updates and best practices. Hosted by a team of Tenable product experts, this session will explore how to better secure your expanding attack surface and consolidate critical security data. Register now. Tenable One Coming soon: Data portability for Tenable Attack Path Analysis (APA) We’re introducing Full Export for Tenable APA, allowing you to move beyond single-page views and transform high-level visualizations into actionable offline intelligence. Key capabilities: Comprehensive data: Export full datasets for Top Attack Paths and Top Attack Techniques into CSV or JSON formats. Risk context: Exports include critical metrics like Source NES (Node Exposure Score) and Target ACR (Asset Criticality Rating). High capacity: Easily trigger exports for up to 100K+ results via a new global UI button. API parity: Programmatically pull path data into your SIEM, SOAR, or custom tools using the Tenable Public API. Tenable Cloud Security This month’s updates focus on operational scale, synchronizing security standards, and automating remediation across complex multi-cloud environments. Highlight: Synchronized policy management With linked queries, you can now connect saved explorer searches directly to custom policies and reports. Eliminate manual version control: When you update a source query, every linked policy and report automatically syncs, so your security standards are identical across your entire organization. Operational control: Pause automated workflows for maintenance without losing your configurations using the new enable/disable toggle for automation rules. High-impact capabilities Actionable CI/CD pipelines: Maintain developer velocity by excluding unresolvable vulnerabilities from container image scans. This prevents noise from breaking builds when no patch is currently available. Confirmed reachability: Bridge the gap between theoretical risk and actual exposure with Network Endpoints now displayed in your Inventory to surface the actual, validated entry points for your resources. Dynamic IaC protection: Tenable now scans Terraform dynamic configurations to give you visibility into scaled infrastructure and complex definitions before deployment. Expanded compliance: Immediate support for CIS AWS 6.0.0 and the NIS2 Directive keeps your cloud accounts aligned with the latest global regulatory benchmarks. Strategic update: Domain transition Note: Critical for continued service. The Console URL has officially transitioned to app.tenable.com. Please update your bookmarks and firewall allow lists to include *.app.tenable.com immediately to prevent service interruption. View Full March Release Notes Tenable Vulnerability Management Introducing VM-Native OT Discovery Safely identify and profile connected PLCs, HMIs, and IoT devices using the vulnerability management toolset you already own. No specialized hardware or complex deployments required. Turn your existing IT security tools into a safe OT discovery engine today and get visibility into your IT/OT security gap. Watch the guided demo to see this new capability in action. For more information, explore the user guide documentation for Scan Templates and Discovery Settings. Clean up your scan data: New OS and app inventory dashboard Our new Operating System and Application Inventory with Data Troubleshooting dashboard gives you an instant, high-level view of your asset counts across every OS and application. By using built-in troubleshooting queries, you can identify and fix scan fidelity issues and prioritize risk based on the most accurate data possible. View the dashboard details. Nessus Maximize your vulnerability assessment strategy with our recently introduced interactive Tenable Nessus demos. Skip the manuals and get immediate, hands-on experience securing your attack surface. Explore the Nessus Professional Onboarding demo to launch your first comprehensive scans in minutes. Dive into the Nessus Expert Onboarding demo to master advanced assessment features and eliminate security blind spots, whether on-prem or in the cloud. Tenable Security Center Uncover the OT blind spots across your network If you’re not already a Tenable OT Security user, your IT environment is likely full of shadow OT, like HVAC controllers and IoT devices, that standard scans can’t see. We recently added native OT discovery capabilities directly inside Tenable Security Center, so you can safely map these assets using the tools you already own. Get deep identity data for PLCs and HMIs without risking a disruption or deploying new network sensors. See it in action in this guided demo, and find out how to configure your first scan here. Reminder: Upgrade to Tenable Security Center 6.8 Focus on the vulnerabilities that truly matter with AI-powered VPR insights and clear mitigation guidance. This release streamlines your operations with unified asset repositories for IPv4, IPv6, and Agents, and improves efficiency with new background query processing and scan optimization tools. Explore the release notes for more information before you upgrade. Tenable Patch Management Improved patching precision and reliability Update (v10.0.971.26) includes critical fixes around strategy corruption and inaccurate compliance reporting. By upgrading, you keep your workflows intact, your data precise, and your environment benefits from the modernized performance and security of Java 25. View the release notes or access TPM documentation. Tenable OT Security Update required: Tenable OT Security 4.5 Service Pack (version 4.5.61) We advise all customers currently running version 4.5 apply this upgrade immediately to ensure optimal system stability and performance when processing high volumes of network conversations. This update also addresses specific communication gaps with Rockwell Stratix devices and Nessus scans. Review the release notes for the full list of fixes and improvements. Introducing Tenable OT Security 4.6 (Early Access) Our upcoming release introduces a variety of new features, performance enhancements, and streamlined workflows for large-scale industrial environments. Massive subnet scaling: Now supports up to 5,000 subnets per ICP, significantly increasing visibility for massive enterprise deployments. Centralized network management: A new Monitored Networks page includes bulk-add capabilities and the ability to stage inactive networks before monitoring. Precision scanning: New Nessus workflows let you define specific credential usage per scan for safe discovery of sensitive assets. Streamlined platform navigation: Updated workflow for SSO/SAML users helps you pivot back to the Tenable One platform instantly with the return button. Remote agent updates and query restrictions: Update OT agents directly from the ICP. and remove local site visits or manual CLI intervention. New infrastructure for OT agents also enables you to restrict specific protocol queries. Enhanced diagnostics: Exported asset logs now include deeper metadata to speed up Support and Engineering troubleshooting. IoT connector overhaul: Major stability and performance fixes for Milestone, AvigilonES, and Exacq Edge integrations for IoT asset discovery. This update focuses heavily on large-scale infrastructure, refined scan controls, and better integration with the Tenable One ecosystem. Check out the release notes and user guide for details. Tenable Web App Scanning Stop chasing dead keys: New secrets validation for WAS Don’t waste time manually verifying every leaked credential. Our new Secrets Validation automatically tests detected tokens, like GitHub or AI service API keys, to see if they are live and exploitable. By distinguishing between a harmless string and a critical vulnerability, you can prioritize your remediation efforts based on real-world risk, rather than noise. View the documentation or read the full breakdown on Tenable Connect. Tenable Training and Product Education Evolve from reactive patching to proactive risk oversight The Exposure Management Business Theory course, now available at no cost in Tenable University, guides you in self-paced modules toward building a sustainable exposure management program through the five pillars of the exposure lifecycle: scoping, discovery, prioritization, validation, and mobilization. Get strategic insight to align Tenable’s capabilities with your business goals, drive meaningful change, and make informed decisions. Get hands-on expertise with current industrial security capabilities The newly-updated Tenable OT Security Specialist instructor-led training course, now aligned with Tenable OT Security version 4.4, ensures you can effectively protect your critical infrastructure using the latest product features and workflows. You will learn to: Maximize visibility: Learn to leverage these enhancements to see and secure every asset in your OT environment. Reduce risk: Practice real-world scenarios to identify vulnerabilities and threats faster. Get expert guidance: Interact directly with instructors to master complex configurations and best practices. Visit tenable.com/education to learn more about our Tenable University education offerings, see global instructor-led training (ILT) schedules, and buy virtual ILT or on-demand courses. Tenable webinars Tune in for product updates, demos, how-to advice, and Q&A. See all upcoming live and on-demand webinars at https://www.tenable.com/webinars. Customer office hours These are recurring ask-me-anything sessions for Tenable Security Center, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure and Tenable OT Security. Time-zone-appropriate sessions are available for the Americas, Europe (including the Middle East and Africa and Asia Pacific (APJ). Learn more and register here. Tenable Research Research Security Operations blog posts Subscribe to the Research team blog posts here. The cloud and AI velocity trap: Why governance is falling behind innovation Dynamic objects in Active Directory: The stealthy threat New malicious npm package "ambar-src" targets developers with open-source malware Research release highlights Improvement: Handling component installs for vulnerability assessment: Adds the ability to remove findings for component-based vulnerabilities from scan results New Dell OS10 compliance plugin and audit files: Customers can now measure compliance against Dell OS10 devices with new plugin ID Dell OS10 Compliance Checks (275781) on Tenable Vulnerability Management and Nessus. Content coverage highlights More than 2,700 new published vulnerability plugins. Nearly 50 new audits delivered to customers. Read Tenable documentation.Now available: VM-Native OT Discovery
VM-Native OT Discovery introduces a powerful new asset discovery engine directly inside Tenable Vulnerability Management and Tenable Security Center. This allows you to identify and profile OT assets—including PLCs, HMIs, and IoT devices—using the VM tools you already own. Use a new "OT Recon" scan template to perform safe, protocol-aware active queries. No additional hardware or sensors are needed. Get started in minutes. Discovered assets count toward your existing license at a 1:1 ratio. Watch this 2-minute guided demo to see VM-Native Discovery in action. For more information, please refer to the user guides for Tenable Vulnerability Management (Discovery Settings, Scan Templates) and Tenable Security Center (Scan Policy Options). For continuous monitoring and access to a wide range of other advanced OT/CPS security capabilities, consider upgrading to Tenable OT Security to maximize the value of your Tenable One deployment.Introducing Tenable Security Center 6.8
Our latest release, Tenable Security Center 6.8, introduces several new features and enhancements to streamline your security operations: Focus on real risk: Stop chasing 60% of Common Vulnerabilities and Exposures (CVE) as High or Critical. Start focusing on the 3% of CVEs that truly matter. Enhanced VPR logic and new AI-powered insights explain why an exposure is significant and provide clear mitigation guidance based on regional and industry-specific threat actor behavior. Streamlined infrastructure: We’ve unified IPv4, IPv6, and Agent repositories into a single, flexible Asset Repository type to reduce administrative overhead and give you more freedom in how you bucket and analyze your data. You can now target any data, including agent, network scan, and passive data, into any repository. Asset grouping and customization: The Explore Assets page includes new "Group By" options for Microsoft ID, Network, System Type, and Asset Criticality Rating (ACR). Other enhancements to the Explore Assets page include the ability to edit ACR scores (available in Tenable Security Center Plus) directly in the Explore interface. You can also export findings and installed software for specific assets to a comma-separated values (CSV) file. Background queries: Start a query and keep working. Tenable Security Center now processes long-running asset searches in the background. Scan optimization: Prevent performance issues with new per-host timeouts that keep your scan schedules on track to prevent a single host from increasing overall scan time. Enhanced security: Use at-rest encryption for External PostgreSQL databases and expanded PAM integration for Delinea and BeyondTrust. Before you upgrade: Tenable Security Center 6.8 supports upgrades from version 6.4.0 and later. Please review the latest updates to Tenable Security Center hardware specifications in the release notes for optimal performance.
