December 4, 2025

6 Min Read

Tenable Cloud Security delivers critical capabilities to unify security across your entire attack surface. Our latest enhancements let you extend your on-prem vulnerability management program to the cloud; gain granular visibility into external access risk; and discover Snowflake sensitive data.

Organizations are running workloads across hybrid environments — on-prem systems, cloud services, and containers. Yet fragmented visibility and endless alerts make it hard to see real risk. Tenable’s latest updates give teams actionable visibility, context, and control across the entire attack surface — starting with today’s cloud needs while paving the way for broader exposure management tomorrow. 

Built on Tenable’s market-leading approach to exposure assessment, these cloud security enhancements help teams continuously spot, prioritize, and reduce exposure across all environments.
 

Tenable Cloud Vulnerability Management: Extending your vulnerability management to the cloud

If you’ve built a mature on-prem vulnerability management program, you know the drill: asset discovery, vulnerability prioritization, and actionable reporting. What’s changed is the attack surface. Cloud workloads, containers, and ephemeral resources often remain invisible to traditional VM tools, creating blind spots.

Tenable Cloud Vulnerability Management extends your on-prem vulnerability management program into the cloud, giving you agentless visibility and prioritized remediation in a unified view. This means you can secure hybrid workloads with the same confidence as your on-prem environments – and uncover hidden risks, like a critical EC2 vulnerability whose public exposure through a misconfigured security group turns it into a real attack path.
 

^{Traditional VM tools often stop at CVEs but Tenable Cloud Vulnerability Management integrates vulnerability management into a broader exposure strategy. This dashboard shows unified vulnerability risk visibility across on-prem, cloud, and hybrid environments.}

Why it matters for you

• Maintain workflow continuity for on-prem vulnerability management teams
• Eliminate blind spots across multi-cloud and hybrid workloads
• Lay a foundation for future exposure management

Sharper cloud insights with an enhanced console

Visibility isn’t useful unless you can act on it quickly. This month’s console enhancements make cloud risk easier to read, measure, and explain.

• New findings widgets: Track trends, MTTR, and response efficiency at a glance. These widgets turn raw vulnerability data into actionable insights, helping teams prioritize risk and measure progress.
• Smarter, customizable dashboards. Apply filters, compare environments side by side, and reuse widgets to explore different slices of risk. For example, seeing AWS, Azure, and GCP severity trends in one view helps align remediation and communicate multi-cloud posture quickly.
• Bulk resource labeling: Tag dozens or hundreds of cloud resources in seconds, such as all production EC2 instances. This streamlines filtering, reporting, and operational efficiency, providing a cleaner, more actionable inventory.
   

^{New findings widgets track trends, MTTR, and response efficiency at a glance, turning raw vulnerability data into actionable insights}

Data, workload and identity updates

This month’s updates surface high-risk exposures and deliver more actionable cloud security insights while reducing noise.

• Snowflake sensitive data-scanning: Tenable Cloud Security now reduces your exposure across this popular cloud data platform. Automatically discover and classify sensitive data, see where it resides, and assess whether it’s exposed.
• Noise-free Linux vulnerability detection: Getting rid of the noise improves team focus. This enhancement filters out unused kernel versions left after upgrades, reducing false positives to keep the focus on real risk.
• Identity and access management (IAM) visibility across AWS and Azure: Instantly identify over-permissioned or externally exposed identities and reduce risk before it’s exploited

Guided use cases: Solve real problems, fast

Tenable’s guided use cases help you address urgent cloud security challenges and build an exposure management foundation. This month, we’ve added two high-impact packages:

• Enforce Least Privilege Across Cloud Identities. Quickly uncover excessive permissions, rightsize policies with confidence, and stop identity-based lateral movement before it starts.
• Mitigate the Blast Radius of Vulnerabilities. Identify which vulnerabilities matter by seeing their exploitability, the assets they impact, and the identities that can reach them.

Each use case package includes a focused solution brief, a guided implementation demo, and a golden demo, which is a ready-to-run, pre-configured, best-practice deployment you can model your secure cloud program on.

^{Example of a guided workflow that shows how Tenable helps identify and reduce excessive permissions across cloud identities – achieving least privilege.}

Insight you can act on

Tenable combines deep cloud research with practical exposure management. Recognized in 2025 by Gartner, Forrester, IDC and Latio for its leadership and vision in exposure management across hybrid environments, our insights help teams stay ahead of evolving threats.

Tenable Research findings feed directly into the Tenable One Exposure Management Platform, improving detection and prioritization for stronger workload security. In November, we continued our focus on AI security, uncovering seven novel AI vulnerabilities in ChatGPT.

Frequently Asked Questions

1. What is Tenable Cloud Vulnerability Management and why does it matter?
   Tenable Cloud Vulnerability Management brings your on-prem vulnerability management program into cloud and hybrid workloads, providing agentless visibility, unified risk assessment, and actionable remediation. It eliminates blind spots, links vulnerabilities to exposure and identity risks, and helps teams act faster, giving clarity today and a path toward broader exposure management.
2. What console features help teams act on findings?
   Tenable Cloud Security’s console provides findings insights features and granularity designed to help teams act quickly on security issues; these include:
   • Actionable dashboards: Instant visibility into open and critical finding statuses
   • Trend tracking: Changes in the type and severity of findings over time
   • Resolution metrics: Key operational data like Mean Time to Resolution (MTTR) and detailed resolution status
3. How do guided use cases help?
   Each package includes a golden demo, guided demo, and solution brief to tackle real-world cloud security challenges immediately.
4. Other updates to know:
   Sensitive data scanning for Snowflake, noise-free Linux vulnerability detection, and IAM access visibility across AWS and Azure.

Learn more:

• Tenable Cloud Vulnerability Management
• What is CTEM?
• Insight Brief: AI Adoption Outplaces Security