Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable research

The leader in vulnerability and exposure research

Tenable Research is the source of all Tenable solutions. By providing exposure intelligence, security advisories and alerts, data science insights and zero-day research, Tenable helps organizations secure their modern attack surface.

Contact us

Research alerts

critical vulnerability of interest
CVE-2025-55182: This unauthenticated remote code execution flaw in React has been exploited in the wild and multiple exploit scripts have been made public. Immediate patching is required.
critical vulnerability being monitored
CVE-2025-59719: Fortinet devices are often exploited by malicious actors. While no exploitation has been observed, these flaws are rated as critical and should be patched immediately.
critical vulnerability being monitored
CVE-2025-59718: Fortinet devices are often exploited by malicious actors. While no exploitation has been observed, these flaws are rated as critical and should be patched immediately.
critical vulnerability being monitored
CVE-2025-10573: This cross-site scripting flaw was given the highest CVSS score of 10. Immediate patching is recommended to protect against this vulnerability.
high vulnerability being monitored
CVE-2025-66516: This XXE flaw affecting Apache Tika has received the highest CVSS score of 10.0. While no exploitation has been observed, immediate patching is recommended.

Meet Tenable research

Vulnerability intelligence

Tenable Research develops detections for vulnerabilities and exposures across the modern attack surface supporting cloud, IT IoT, OT, web apps and identity assets. New detections are released within 24 hours of high profile issues.

View the content psortal See latest plugins pipeline

Audits & compliance

Tenable Research creates compliance audits against published standards and baselines (e.g. CIS Benchmarks, DISA STIGs) and across more than 25 security frameworks (e.g. HIPAA, NIST 800-53).

View the audit portal Download audit files

Security response

The Security Response Team (SRT) tracks the threat and vulnerability landscapes to provide critical analysis and inform rapid detection coverage across Tenable solutions.

See latest security advisories

Zero-Day research

The team includes "white hat" researchers that analyze popular software platforms to proactively identify vulnerabilities and exposures to better protect customers.

See latest zero-day research

Attack path research

Tenable Research monitors the threat landscape and builds new attack techniques in support of Tenable Attack Path Analysis to uncover all potential attack paths that could impact organizations.

View attack path techniques

Asset management

Tenable Research develops asset identification and configuration audit plugins to identify operating systems, devices, applications and service identifications.

Search plugins

Tenable research alliance

The Tenable Research Alliance Program is an intelligence sharing initiative among leading technology organizations to help protect customers before attackers become aware of exposures through formal vendor announcements.

Learn about the tenable research alliance program
Tenable One

Tenable Research develops detections for vulnerabilities and exposures across the modern attack surface supporting cloud, IT IoT, OT, web apps and identity assets. New detections are released within 24 hours of high profile issues.

View the content portal See latest plugins pipeline
Tenable One

Tenable Research creates compliance audits against published standards and baselines (e.g. CIS Benchmarks, DISA STIGs) and across more than 25 security frameworks (e.g. HIPAA, NIST 800-53).

View the audit portal Download audit files
Tenable One

The Security Response Team (SRT) tracks the threat and vulnerability landscapes to provide critical analysis and inform rapid detection coverage across Tenable solutions.

See latest security advisories
Tenable One

The team includes "white hat" researchers that analyze popular software platforms to proactively identify vulnerabilities and exposures to better protect customers.

See latest zero-day research
Tenable One

Tenable Research monitors the threat landscape and builds new attack techniques in support of Tenable Attack Path Analysis to uncover all potential attack paths that could impact organizations.

View attack path techniques
Tenable One

Tenable Research develops asset identification and configuration audit plugins to identify operating systems, devices, applications and service identifications.

Search plugins
Tenable One

The Tenable Research Alliance Program is an intelligence sharing initiative among leading technology organizations to help protect customers before attackers become aware of exposures through formal vendor announcements.

Learn about the tenable research alliance program

Research insights

AI apps - getting pervasive


As of Aug '24, EMEA ranked first with 22% of AI-related scans resulting in a detection while in APAC it was about 5% and the Americas stood at 18% of scans.

Small organizations can easily see 100 detections while larger ones 30,000-plus a day!

Know your AI exposure


During a 75-day period between late June and early September, Tenable found over 9 million instances of AI applications on more than 1 million hosts

Check out our Tenable VM AI detections here

Tenable One Platform Research

900 Million for Identity, 400 Million for OT, 16 Billion for WAS - data points used by Tenable researchers to cover exposures across the Tenable One Platform

Did you know?

If a vulnerability is exploited / PoC exists, then that CVE is remediated 2.2x faster than those without known exploits, on average.

Critical CVEs are remediated 33% more than the average CVE in the first week of patch availability

Scheduled patch releases help



Microsoft Patch Tuesday vulnerabilities are remediated 30% faster, on average, than other vulnerabilities, and reach about a 50% remediation rate around 20 days after Patch Tuesday each month

Explore research resources

CISA known exploited vulnerabilities (KEV) coverage

Research release highlights

Content portal

Plugins pipeline

Recent publications

Research blog

December 11, 2025

Microsoft Copilot Studio Security Risk: How Simple Prompt Injection Leaked Credit Cards and Booked a $0 Trip
December 1, 2025

Agentic AI Security: Keep Your Cyber Hygiene Failures from Becoming a Global Breach
December 1, 2025

A Practical Defense Against AI-led Attacks
November 19, 2025

Active Directory Trust Misclassification: Why Old Trusts Look Like Insecure External Trusts
More research blogs

Research special operations

December 10, 2025

Microsoft Patch Tuesday 2025 Year in Review
December 9, 2025

Microsoft’s December 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-62221)

December 3, 2025

CVE-2025-55182: Frequently Asked Questions About React2Shell: React Server Components Remote Code Execution Vulnerability
November 24, 2025

FAQ About Sha1-Hulud 2.0: The "Second Coming" of the npm Supply-Chain Campaign
More research special operations

Webinars and reports

Report: Tenable Cloud Risk Report 2024

Report: Auditing Pimcore Enterprise Platform

Report: 2024 Cloud Security Outlook - Navigating Barriers and Setting Priorities

Webinar: Tenable Cloud Security Outlook 2024

Report: How Generative AI Is Changing Security Research

Tenable 2022 Threat Landscape Report

Report: Managing Risk in the Metaverse

Report: Router Vulnerability Present for a Decade - Why IoT Supply Chain Is to Blame

Tenable Research @ Medium

CVE-2024–8182 : Accidental Discovery of an Unauthenticated DoS

While reviewing some LLM related products with the team, we came across FlowiseAI.FlowiseAI is an open-source tool for building conversational AI appl…Joshua Martinelle
September 13, 2024

IoT firmware emulation and device fingerprinting challenges

Gathering information on a device could be tricky if you don’t have direct access to exposed services like SNMP, HTTP, FTP, or any other ports or pr…Gabriel Compan
August 6, 2024

Using conflicting objects in Active Directory to gain privileges

SummaryActive Directory (AD) uses a multi-master replication model to have a decentralized infrastructure. As long as one domain controller (DC) is up…Antoine Cauchois
July 31, 2024

Solidus — Code Review

Solidus — Code ReviewAs a Research Engineer at Tenable, we have several periods during the year to work on a subject of our choice, as long as …Joshua Martinelle
June 10, 2024

Stealthy Persistence with “Directory Synchronization Accounts” Role in Entra ID

SummaryThe “Directory Synchronization Accounts” Entra role is very powerful (allowing privilege escalation to the Global Administrator role) while…Clément Notin [Tenable]
June 3, 2024

WordPress : From vulnerability identification to compromising

WordPress Core is the most popular web Content Management System (CMS). This free and open-source CMS written in PHP allows developers to develop web …Joshua Martinelle
May 29, 2024

Another Path to Exploiting CVE-2024-1212 in Progress Kemp LoadMaster

IntroRhino Labs discovered a pre-authentication command injection vulnerability in the Progress Kemp LoadMaster. LoadMaster is a load balancer product…Ben Smith
April 2, 2024

Stealthy Persistence & PrivEsc in Entra ID by using the Federated Auth Secondary Token-signing Cert.

Exploiting Entra ID for Stealthier Persistence and Privilege Escalation using the Federated Authentication’s Secondary Token-signing CertificateSumm…Clément Notin [Tenable]
January 31, 2024

Learn more about Tenable

Careers

Secure your spot
@ Tenable Research

Explore

Awards

See why customers
trust Tenable

Explore

Community

Learn, share, and
contribute

Explore
Try for free Buy now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose your subscription option:

Buy Now
Try for free Buy now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose your subscription option:

Buy Now
Try for free Buy now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose your subscription option:

Buy Now
Try for free Buy now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Request a demo

Tenable Security Center

Identify and prioritize vulnerabilities based on risk to your business. Managed on premises.

Request a demo

Tenable OT Security

Close OT exposure with the unified security solution for converged OT/IT environments.

Request a demo

Tenable Identity Exposure

Close identity exposure with the essential solution for the identity-intelligent enterprise.

Request a demo

Tenable Cloud Security

Close cloud exposure with the actionable cloud security platform.

Request a demo

Tenable One

The world’s leading AI-powered exposure management platform.

Request a demo

Tenable AI Exposure

See, secure, and manage how your teams use AI platforms.

Request a demo

Tenable Attack Surface Management

Gain visibility into your internet-connected assets to eliminate blind spots and unknown sources of risk.

Request a demo

Tenable Enclave Security

Know, expose and close IT and container vulnerabilities.

Try for free Buy now

Try Tenable Nessus Professional free

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

Fill out the form below to continue with a Nessus Pro trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select your license

Buy a multi-year license and save.

Add support and training
Buy Now
Renew an existing license Find a reseller
Try for free Buy now

Try Tenable Nessus Professional free

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

Fill out the form below to continue with a Nessus Pro trial.

Buy Nessus Pro

Adopt the gold standard in vulnerability assessment to find and fix security gaps across your IT environment.

1 year license
$365.83
per month
Buy now for $4,390
Renew a license Find a reseller or distributor
  • Real-time vulnerability updates
  • Unlimited vulnerability scanning
  • Pre-built policies for configuration & compliance audits
  • Vulnerability scoring for prioritization
  • Configurable reports
  • Flexible deployment
Choose multi-year license and save
Save with 2 years
$8,560.50
Buy now
Save with 3 years
$12,511.50
Buy now
Try for free Buy now

Try Tenable Nessus Expert free

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select your license

Buy a multi-year license and save more.

Add support and training
Buy Now
Renew an existing license Find a reseller
Try for free Buy now

Try Tenable Nessus Expert free

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Nessus Expert

Expand your vulnerability assessment with advanced functionality that includes web app scanning and external attack surface discovery scanning.

1 year license
$532.50
per month
Buy now for $6,390
Renew a license Find a reseller or distributor
  • Real-time vulnerability updates
  • Unlimited vulnerability scanning
  • Web app scanning (5 FQDNs)
  • External attack surface discovery scanning (5 domains)
  • Pre-built policies for configuration & compliance audits
  • Vulnerability scoring for prioritization
  • Configurable reports
  • Flexible deployment
Choose multi-year license and save
Save with 2 years
$12,460.50
Buy now
Save with 3 years
$18,211.50
Buy now
Request a demo

Tenable Patch Management

Streamline security and IT collaboration and shorten the mean time to remediate with automation.

× Contact our sales team

Contact a sales representative