Tenable One

FAQs

What is Tenable One?

Tenable One is an Exposure Management Platform to help organizations gain visibility across the modern attack surface, focus efforts to prevent likely attacks and accurately communicate cyber risk to support optimal business performance.

The platform combines the broadest vulnerability coverage spanning IT, OT and IoT assets, cloud resources, containers, web apps and identity systems, builds on the speed and breadth of vulnerability coverage from Tenable Research and adds comprehensive analytics to prioritize actions and communicate cyber risk. Tenable One allows organizations to:

• Gain comprehensive visibility across the modern attack surface
• Anticipate threats and prioritize efforts to prevent attacks
• Communicate cyber risk to make better decisions

Which Tenable products are included in Tenable One?

Tenable One includes the following Tenable products. The full functionality of each of these products is included in Tenable One.

• Tenable Vulnerability Management
• Tenable Web App Scanning
• Tenable Cloud Security
• Tenable Identity Exposure
• Tenable OT Security
• Tenable Attack Surface Management
• Tenable One Connectors

Which capabilities are included in Tenable One?

Capabilities include:

• Exposure View: Enables focused security efforts through clear, concise insight into your organization’s security exposure answering such critical questions as “how secure are we” and “where do we stand in our preventative and mitigation efforts?” “how are we doing over time?” and “what are the key events?”
• Unified Dashboards: Powered by native and third-party data, Tenable One dashboards give security teams deep, actionable insights into exposure across the entire attack surface. With pre-built and customizable dashboards, security teams can analyze risk, drill into key metrics, track progress over time, and clearly communicate insights to stakeholders—driving better decisions and stronger security outcomes.
• Tag Performance: Addresses which tags make up an exposure card and how much that group of assets contributes to a given exposure score.
• Attack Path Analysis: With more than 150 supported attack techniques, Attack Path Analysis gives security practitioners a glimpse into the attacker mindset. It continuously monitors gaps across endpoint, identity and cloud to proactively visualize attack paths and mitigate high-risk exposures. It performs this function by mapping critical risks to the MITRE ATT&CK framework to visualize all viable attack paths continuously — both on-prem and in the cloud.
• Exposure Signals: A cross domain prioritization capability to identify toxic combinations of vulnerabilities, identities, threats, installed software and assets that amplify organizational risk. By fusing Tenable’s sensor data with risk-scoring metrics and asset context (e.g., criticality, ownership), organizations can surface high-exposure scenarios that require immediate remediation.
• Inventory: Centralized view of all assets, weaknesses and tags, including IT, OT, IoT, cloud, identities and web apps, with the ability to create specific asset tags from a variety of sources.
• External Attack Surface Management (EASM): Provides insight into the external attack surface, empowering your organization to identify and reduce risks from the attacker’s perspective.
• Custom Exposure Cards: Enables concise, flexible communication of specific security insights.
• News: Integration with Tenable Research blogs allow for creation of custom exposure cards that reflect cyber security developments.
• Tenable One Connectors: Bring in data from top vendors across vulnerability management, application security, cloud security, endpoint security, OT security, and asset inventory and management -providing a fully unified, contextual view of risk across the entire attack surface.

How does Tenable leverage AI across its exposure management platform?

Tenable's use of AI (generative artificial intelligence, deep learning, AI and machine learning) for exposure management empowers security teams to make informed decisions, ultimately enhancing cybersecurity prioritization, resilience and reduces the burden on security professionals by democratizing access to advanced threat analysis and mitigation guidance.

• Generative AI Assistant: Tenable’s ExposureAI leverages generative AI and deep learning to accelerate analysis, simplify insights, and drive faster, more effective security decisions—empowering organizations to proactively manage and reduce their cyber exposure.

• Exposure Prioritization: Tenable uses patented machine learning models for advanced prioritization, including vulnerability priority rating (VPR), OS prediction from network data, and predictive scoring for assets, helping teams focus on a small percentage of vulnerabilities most likely to be exploited, improving remediation effectiveness.

• AI Risk Visibility & Management: Tenable AI Aware is a proactive solution that gives security teams visibility into AI usage and development within their environments, helping them detect unauthorized AI usage, surface vulnerabilities, and manage AI-related risks across the enterprise.

• Securing AI Workloads in the Cloud: Tenable’s AI Security Posture Management (AI-SPM) helps organizations identify and fix risks in AI workloads across cloud environments, ensuring secure configuration, governance, and visibility of AI resources.

What types of third-party connectors are available in Tenable One?

Tenable One offers a broad range of 3rd party connectors across vulnerability management, application security, cloud security, endpoint security, OT security, and asset inventory and management. We're continuously expanding our ecosystem by adding more connectors and supporting new security categories. Explore all connectors.

How does Tenable One manage third-party data?

All data ingested into Tenable One is fed into our exposure data lake, where it is combined with Tenable sensor data and native exposure intelligence. Our AI-driven ingestion engine then correlates, normalizes, and deduplicates the data, ensuring you are left with a clean and accurate view of risk. This creates a consistent, structured semantic layer, reducing manual intervention and enhancing data accuracy, context, and usability.

Are there other options available for Tenable One?

Yes, add-on SKUs are available for additional cloud scanners for WAS, Tenable Just in Time (JIT) and Identity Exposure On-Prem.

Is Tenable One cloud-based?

Yes, Tenable One is mainly a cloud-based solution. However, customers can deploy their vulnerability management assets in the cloud with Tenable Vulnerability Management and/or on-premises with Tenable Security Center Plus.