Cloud Sensors

By default, Tenable provides regional cloud sensors for use in Tenable Attack Surface Management.

The following table identifies each regional cloud sensor and, for allowlist purposes, its IP address ranges. These IP address ranges are exclusive to Tenable.

Tenable Attack Surface Management uses these IP addresses to scan your attack surface, including port scans, webservice scans, and external TLS/SSL certificate checks. Allowing or blocking Tenable Attack Surface Management IP addresses can distort the perceived public attack surface, leading to inaccuracies.

• Example 1 (Allowed IPs): If you have private assets (not publicly visible) and you allow Tenable Attack Surface Management IPs, these assets may appear in Tenable Attack Surface Management as part of your attack surface, even though they are not truly public.

• Example 2 (Blocked IPs): If you have public assets, and you block Tenable Attack Surface Management IPs, these assets, which are legitimately part of your attack surface, may be overlooked and remain vulnerable to exploitation.

Tip: The cloud sensor and IP address information contained in the table below is also provided in JSON format for users that want to parse the data programmatically.

For Cloud IPs associated with Tenable Vulnerability Management or Tenable Web App Scanning, see Cloud Sensors in the Tenable Vulnerability Management User Guide.