Tenable Research

The Leader in Vulnerability and Exposure Research

Tenable Research is the source of all Tenable solutions. By providing exposure intelligence, security advisories and alerts, data science insights and zero-day research, Tenable helps organizations secure their modern attack surface.

Kontakt

Research Alerts

Today's Landscape

CVE-2024-57727: CISA has issued an advisory for the targeting of unpatched instances of SimpleHelp RMM to exploit this flaw by ransomware actors since January 2025.
CVE-2025-23121: Veeam VBR is a frequent target for ransomware groups. While no exploitation has been observed for this CVE, we are monitoring this CVE for any signs of exploitation
CVE-2025-34511: Technical details have been released for this CVE. As such, immediate patching is recommended as threat actors are quick to implement new exploits into their attacks
CVE-2025-34510: Technical details have been released for this CVE. As such, immediate patching is recommended as threat actors are quick to implement new exploits into their attacks
CVE-2025-34509: Technical details have been released for this CVE. As such, immediate patching is recommended as threat actors are quick to implement new exploits into their attacks

Meet Tenable Research

Tenable Research develops detections for vulnerabilities and exposures across the modern attack surface supporting cloud, IT IoT, OT, web apps and identity assets. New detections are released within 24 hours of high profile issues.

View the Content Portal See Latest Plugins Pipeline

Tenable Research creates compliance audits against published standards and baselines (e.g. CIS Benchmarks, DISA STIGs) and across more than 25 security frameworks (e.g. HIPAA, NIST 800-53).

View the Audit Portal Download Audit Files

The Security Response Team (SRT) tracks the threat and vulnerability landscapes to provide critical analysis and inform rapid detection coverage across Tenable solutions.

See Latest Security Advisories

The team includes "white hat" researchers that analyze popular software platforms to proactively identify vulnerabilities and exposures to better protect customers.

See Latest Zero-Day Research

Tenable Research monitors the threat landscape and builds new attack techniques in support of Tenable Attack Path Analysis to uncover all potential attack paths that could impact organizations.

View Attack Path Techniques

Tenable Research develops asset identification and configuration audit plugins to identify operating systems, devices, applications and service identifications.

Search Plugins

The Tenable Research Alliance Program is an intelligence sharing initiative among leading technology organizations to help protect customers before attackers become aware of exposures through formal vendor announcements.

Learn About the Tenable Research Alliance Program

Forschungserkenntnisse

AI apps - getting pervasive

As of Aug '24, EMEA ranked first with 22% of AI-related scans resulting in a detection while in APAC it was about 5% and the Americas stood at 18% of scans.

Small organizations can easily see 100 detections while larger ones 30,000-plus a day!
Know your AI exposure

During a 75-day period between late June and early September, Tenable found over 9 million instances of AI applications on more than 1 million hosts

Check out our Tenable VM AI detections here
Tenable One Platform Research

900 Million for Identity, 400 Million for OT, 16 Billion for WAS - data points used by Tenable researchers to cover exposures across the Tenable One Platform
Did you know?

If a vulnerability is exploited / PoC exists, then that CVE is remediated 2.2x faster than those without known exploits, on average.

Critical CVEs are remediated 33% more than the average CVE in the first week of patch availability
Scheduled patch releases help

Microsoft Patch Tuesday vulnerabilities are remediated 30% faster, on average, than other vulnerabilities, and reach about a 50% remediation rate around 20 days after Patch Tuesday each month

Explore Research Resources

CISA Known Exploited Vulnerabilities (KEV) Coverage

Research Release
Highlights

Content
Portal

Plugins
Pipeline

Recent Publications

Forschung - Blog

June 17, 2025 GerriScary: Hacking the Supply Chain of Popular Google Products (ChromiumOS, Chromium, Bazel, Dart & More)

June 3, 2025 Abusing Client-Side Extensions (CSE): A Backdoor into Your AD Environment

May 28, 2025 Where Capability Meets Opportunity: Introducing the Tenable Research Special Operations Team

May 12, 2025 Detecting Remote Monitoring and Management Tools Used by Attackers

More Research Blogs

Learn More About Tenable

Karriere

Secure your spot @ Tenable Research

Explore

Awards

See why customers trust Tenable

Explore

Community

Learn, share, and contribute

Explore

Tenable Research

The Leader in Vulnerability and Exposure Research

Meet Tenable Research

Forschungserkenntnisse

AI apps - getting pervasive

Know your AI exposure

Tenable One Platform Research

Did you know?

Scheduled patch releases help

Explore Research Resources

CISA Known Exploited Vulnerabilities (KEV) Coverage

Research Release Highlights

Content Portal

Plugins Pipeline

Recent Publications

Forschung - Blog

Cyber Exposure-Warnmeldungen

Webinare und Reports

Tenable Research @ Medium

Learn More About Tenable

Karriere

Awards

Community

Tenable Vulnerability Management

Tenable Vulnerability Management

Vielen Dank

Tenable Vulnerability Management

Tenable Vulnerability Management

Vielen Dank

Tenable Vulnerability Management

Tenable Vulnerability Management

Vielen Dank

Tenable Web App Scanning testen

Tenable Web App Scanning kaufen

Vielen Dank

Demo von Tenable Security Center anfordern

Demo von Tenable OT Security anfordern

Demo anfordern

Demo von Tenable Cloud Security anfordern

Erleben Sie Tenable One in Aktion

Erleben Sie Tenable Attack Surface Management in Aktion

Demo von Tenable Enclave Security anfordern

Vielen Dank

Testen Sie Tenable Nessus Professional kostenlos

NEU - Tenable Nessus Expert Jetzt verfügbar

Tenable Nessus Professional kaufen

Testen Sie Tenable Nessus Expert kostenlos

Tenable Nessus Expert kaufen

Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements

Demo von Tenable Patch Management anfordern

Research Release
Highlights

Content
Portal

Plugins
Pipeline

Erleben Sie
Tenable One
in Aktion

NEU - Tenable Nessus Expert
Jetzt verfügbar