Welcome to Tenable Vulnerability Management

Last updated: April 22, 2024

Tenable Vulnerability Management® (formerly known as Tenable.io) allows security and audit teams to share multiple Tenable Nessus, Tenable Nessus Agent, and Tenable Nessus Network Monitor scanners, scan schedules, scan policies, and scan results among an unlimited set of users or groups.

Note: Tenable Vulnerability Management can be purchased alone or as part of the Tenable One package. For more information, see Tenable One.

Tip: The Tenable Vulnerability Management User Guide is available in English and Japanese. The Tenable Vulnerability Management user interface is available in English, Japanese, and French. To switch the user interface language, see Language.

For additional information on Tenable Vulnerability Management, review the following customer education materials:

Tenable One Exposure Management Platform

Tenable One is an Exposure Management Platform to help organizations gain visibility across the modern attack surface, focus efforts to prevent likely attacks and accurately communicate cyber risk to support optimal business performance.

The platform combines the broadest vulnerability coverage spanning IT assets, cloud resources, containers, web apps, and identity systems, builds on the speed and breadth of vulnerability coverage from Tenable Research, and adds comprehensive analytics to prioritize actions and communicate cyber risk. Tenable One allows organizations to:

  •     Gain comprehensive visibility across the modern attack surface
  •     Anticipate threats and prioritize efforts to prevent attacks
  •     Communicate cyber risk to make better decisions

Tenable Vulnerability Management exists as a standalone product, or can be purchased as part of the Tenable One Exposure Management platform.

Tip: For additional information on getting started with Tenable One products, check out the Tenable One Deployment Guide.

For an overview of Tenable One, see the following video:

Tenable Vulnerability Management

Get Started with Tenable Vulnerability Management

By making different resources available for sharing among users and groups, Tenable Vulnerability Management provides endless possibilities for creating customized workflows for vulnerability management programs, regardless of any of the numerous regulatory or compliance drivers that demand keeping your business secure.

Tenable Vulnerability Management can schedule scans, push policies, view scan findings, and control multiple Tenable Nessus scanners from the cloud. This enables the deployment of Tenable Nessus scanners throughout networks to both public and private clouds as well as multiple physical locations.

For a demonstration on getting started with Tenable Vulnerability Management, see the following video:

Tenable Lumin

Get Started with Tenable Lumin

The following feature is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Moderate Product Offering.

Tenable Lumin features augment Tenable Vulnerability Management data. Use Tenable Lumin to quickly and accurately assess your exposure risk and compare your health and remediation performance to other Tenable customers in your Salesforce industry and the larger population.

Tenable Lumin correlates raw vulnerability data with asset business criticality and threat context data to support faster, more targeted analysis workflows than traditional vulnerability management tools.

Tenable Web App Scanning

Tenable Web App Scanning offers significant improvements over the existing Web Application Tests policy template provided by the Tenable Nessus scanner, which is incompatible with modern web applications that rely on Javascript and are built on HTML5. This leaves you with an incomplete understanding of your web application security posture.

Tenable Web App Scanning provides comprehensive vulnerability scanning for modern web applications. Tenable Web App Scanning's accurate vulnerability coverage minimizes false positives and false negatives, ensuring that security teams understand the true security risks in their web applications. The product offers safe external scanning that ensures production web applications are not disrupted or delayed, including those built using HTML5 and AJAX frameworks.

Tenable Container Security

The following feature is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Moderate Product Offering.

Tenble Container Security stores and scans container images as the images are built, before production. It provides vulnerability and malware detection, along with continuous monitoring of container images. By integrating with the continuous integration and continuous deployment (CI/CD) systems that build container images, Tenable Container Security ensures every container reaching production is secure and compliant with enterprise policy.

For a demonstration on getting started with Tenable Container Security, see the following video:

Tenable Vulnerability Management API

See the API

The Tenable Vulnerability Management API can be leveraged to develop your own applications using various features of the Tenable Vulnerability Management platform, including scanning, creating policies, and user management.