Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog


A Look at the 5 Most Common Types of Cyberattacks

Learn more about the key threat vectors you will need to combat with vulnerability assessment tools and cybersecurity best practices.

The modern cybersecurity landscape is incredibly complex by any standard. Whether or not you are a cybersecurity professional, everyone can benefit from learning about the dangers you're most likely to face — and determine how security tactics like vulnerability assessment can help protect you. 

Read More

5 Ways to Protect Scanning Credentials for Windows Hosts

This is the second installment in our three-part series exploring how to use Tenable products to protect credentials used for network assessments. Here, we provide specific guidance for Microsoft Windows systems.

In my last post, I covered general best practices for protecting credentials when performing network assessments. When it comes to protecting credentials in a Microsoft Windows Active Directory environment, though, we have specific guidance.

Read More

4 Major Signs You Need to Focus on Network Vulnerabilities

Network vulnerabilities can manifest in many forms. It's critical that you remain on the lookout for some of their most notable signs and work to address them sooner rather than later.

There's no denying the severity of the threat posed by cyberattacks and breaches to organizations of all kinds, across both the public and private sectors: 

Read More

How to Protect Scanning Credentials: Overview

Running remote vulnerability scans of your network? This three-part blog series will equip you with tips on how to keep your scanning credentials safe.

Assessing systems remotely on a network has been a tried-and-true method of open-source and commercial vulnerability scanning since its inception over 20 years ago. External assessments like this are excellent for automatically testing visible network services and finding vulnerabilities or misconfigurations that may expose sensitive information.

Read More

How to Manage Your Nessus Software Updates

Learn how to take advantage of the newest features in Nessus 8.10 to get greater control over your Nessus experience. 

Manual or automated – that is the question. Nessus Professional 8.10 offers system administrators a bit of both.

From new update options that allow you to align Nessus updates with your risk stance to the ability to back up your license and customized settings, the latest features give you greater control of your Nessus experience. 

Read More

How to Protect Yourself from Software Vulnerabilities

Identifying software vulnerabilities is essential in protecting your business against cybersecurity threats. From ransomware to data heists, a wide range of attack types use software vulnerabilities as an entry point into IT configurations.

Dealing with security vulnerabilities requires identifying them in the first place. Before you can start to develop strategies for identifying weak points in your configuration, it's important to first assess the different types of weak points that commonly emerge and how you can stay on top of them.

Read More

Vulnerabilities in Cybersecurity: How to Reduce Your Risk

Configuration transparency is the key to dealing with vulnerabilities.

Vulnerabilities are unavoidable. In contemporary IT configurations, attackers have access to a wide range of entry points they can use to gain access to a network. What's more, you can't control all the attack vectors they may use to target you. 

Read More

What You Need to Know About Vulnerability Assessments

Vulnerability assessments are one of the best methods to take the pulse of your organization’s network security.

Consider for a moment the lifecycle of a vulnerability – of any size – in the security of the network infrastructure that your organization relies upon. If discovered by malicious online actors, they may choose to exploit it. They can implement everything from dedicated denials of service, which stun your organization's activities, to rootkits that allow more subtle, gradually destructive access. 

Read More

How to Know If Your Smart Home Is Vulnerable

Do you ever wonder if your smart home is vulnerable to cyber threats? As we place more and more connected devices in our homes to automate simple tasks that used to be done manually, we also place more and more risk for unwanted attackers to compromise our personal lives.

What if you had a way to find out whether there are vulnerabilities in your home systems that attackers can exploit?

Read More

What You Need to Know About Ethical Hacking

Ethical hacking, in which an organization uses the tools and practices of cyberattackers against their own systems, can be a valuable part of your cybersecurity strategy. 

Cybersecurity has been important, in some form or another, since the birth of the internet. In the early days, data breaches and hacks were relatively rare occurrences. But, now they are risks that impact all businesses, government agencies and nonprofit foundations. As a result, it's essential for all organizations to employ a variety of tactics to protect the integrity of their data and digital assets. 

Read More

5 Tips on How to Conduct a Vulnerability Assessment

So, your boss asked you to do a vulnerability assessment. You hardly remember anything about the topic from your security classes. Since it is about finding vulnerabilities in your infrastructure, it must be something like penetration testing…or is it?

Formally, vulnerability assessment is the process of identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures. It helps the organization doing the assessment understand the threats to its environment and react appropriately.

Read More

3 Reasons Why Your Business Is Vulnerable to Cyber Threats

Today’s cyber landscape changes in the blink of an eye. It’s critical to understand why your business is vulnerable – so you can take the right steps to protect it.

According to Ponemon Institute’s report, Measuring & Managing the Cyber Risks to Business Operations, 91% of surveyed organizations have suffered cyberattacks in the past 24 months. And 60% have experienced two or more business-disrupting cyber events in that same time period.  

Read More

How Vulnerability Scanning Is Used for Penetration Testing

By the time a data breach occurs, it may be too late to measure the effectiveness of your vulnerability management program. Penetration testing can help detect weaknesses – before threat actors do. Here’s how to get started.

Looking to proactively measure the effectiveness of your vulnerability management program? How can you assess the strengths and weaknesses of your program before a data breach occurs? 

Read More

How To: Run Your First Vulnerability Scan with Nessus

Get your Nessus vulnerability assessment tool up and running with these five easy steps.

With Nessus, you can gain full visibility into your network by conducting a vulnerability assessment. Read on as we guide you through the five steps to run your first Nessus scan. (If you have not yet installed Nessus, please click here to see the installation guide.) 

Read More

Nessus Home Is Now Nessus Essentials

We’ve given Nessus Home a refresh, and we’re excited to share with you the new and updated free vulnerability assessment solution, Nessus Essentials. 

As part of the Nessus family, Nessus Essentials is a free vulnerability assessment solution for up to 16 IPs that provides an entry point into the Tenable ecosystem. 

Read More

Ditch the Spreadsheet and Step Up Your Vulnerability Management Game

Moving from Nessus Pro to Tenable.sc or Tenable.io can easily help you mature your vulnerability management program. Here's what you need to know.

Does your vulnerability management workflow involve a spreadsheet at any point? If so, you’re doing it wrong. Well, maybe not wrong per se, but definitely inefficiently.

In my career, I’ve been both the recipient and the creator of some monster-sized vulnerability spreadsheets that triggered “whack-a-mole” remediation exercises. It can be daunting to determine not only what to fix, but in what order.

Read More

Apache Log4j Flaw Puts Third-Party Software in the Spotlight

Get the Details >

Are You Vulnerable to the Latest Exploits?

Enter your email to receive the latest cyber exposure alerts in your inbox.

Try Tenable.io


Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Nessus Professional Free


Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable.io Web Application Scanning


Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.



Buy Now

Try Tenable.io Container Security


Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try Tenable Lumin


Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable.ot

Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.


Continuously detect and respond to Active Directory attacks. No agents. No privileges. On-prem and in the cloud.