Tenable Attack Surface Management Licensing

This topic breaks down the licensing process for Tenable Attack Surface Management as a standalone product. It also explains how assets are counted and describes what happens during license overages or expirations. To learn how to use Tenable Attack Surface Management, see the Tenable Attack Surface Management User Guide.

Tenable Attack Surface Management Versions

You can purchase Tenable Attack Surface Management in two versions:

  • Tenable Attack Surface Management Fortnightly Frequency

  • Tenable Attack Surface Management Daily Frequency

Licensing Tenable Attack Surface Management

To use any version of Tenable Attack Surface Management, you purchase licenses based on your organizational needs and environmental details. Tenable Attack Surface Management then assigns those licenses to your assets: observable objects, which include domain names, subdomains, or IP addresses for internet-connected or internal network devices.

Tip: An observable object is a unique quadruple of DNS record name, DNS record type, DNS record value, and IP address.

When your environment expands, so does your asset count, so you purchase more licenses to account for the change. Tenable licenses use progressive pricing, so the more you purchase, the lower the per-unit price. For prices, contact your Tenable representative.

Note: Tenable offers simplified pricing to managed security service providers (MSSPs). To learn more, contact your Tenable representative.

Note: When you purchase a Tenable Attack Surface Management license, inventory is set to 10% of the purchase limit by default. You can increase this limit on the Inventory Settings page. For more information, see Inventory Settings.

How Assets are Counted

All assets in all inventories are counted towards your license, except archived assets.

Reclaiming Licenses

Tenable Attack Surface Management's license count updates daily. The license count updates when you archive individual assets or remove asset sources—and it also updates when assets age out. Removed assets are only counted when restored.

Note: By default, Tenable Attack Surface Management watches a non-responsive asset for 60 days before removing it from the inventory. To customize this number, contact Tenable support.

Exceeding the License Limit

In Tenable Attack Surface Management, when your asset count exceeds your license limit, Tenable clearly communicates the overage as follows.

Scenario Result
You add a source that is greater than your inventory limit. A message appears in the Source column: “We could not add all of the subdomains for this domain because your inventory is full.
You reach your inventory asset limit. When you click the inventory, a message appears: “You have reached your limit of # assets. Please contact us to increase your limit.
You reach your business limit, which is related to your licensed asset purchase. A message appears in Tenable Attack Surface Management: “Business Asset limit reached. Please contact support to increase the Business Asset limit.

Expired Licenses

The Tenable Attack Surface Management licenses you purchase are valid for the length of your contract. 30 days before your license expires, a warning appears in the user interface. During this renewal period, work with your Tenable representative to add or remove products or change your license count.

After your license expires, you can no longer sign in to the Tenable platform.