Tenable Cloud Security Features

Access pre-built and custom reports and dashboards.

Creates new or streamlines existing workflows to better handle IT support tickets and service.

Provides Administration tools/console that are easy to use and learn for routine maintenance tasks

Allows users to create, edit, and relinquish user access privileges.

Provides required reports to manage business. Provides adequate logging to troubleshoot and support auditing.

Application Programming Interface - Specification for how the application communicates with other software. API's typically enable integration of data, logic, objects, etc. with other software applications.

Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns.

Stores data securely either on premise or in an adjacent cloud database to prevent loss of data at rest.

Analyzes data associated with security configurations and infrastructure to provide vulnerability insights and best practices.

Analyzes data associated with denied entries and policy enforcement, giving information of better authentication and security protocols.

Monitors data quality and sends alerts based on violations or misuse.

Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns.

Stores data securely either on premise or in an adjacent cloud database to prevent loss of data at rest.

Analyzes data associated with denied entries and policy enforcement, giving information of better authentication and security protocols.

Monitors data quality and send alerts based on violations or misuse.

Identifies potential network security risks, vulnerabilities, and compliance impacts.

Creates reports outlining log activity and relevant metrics.

Allows users to create, edit, and relinquish user access privileges.

Ensures user access management, data lineage, and data encryption.

Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards.

Allows administrators to set policies for security and data governance.

Analyzes data associated with web traffic and site performance to provide vulnerability insights and best practices.

Creates new or streamlines existing workflows to better handle IT support tickets and service.

Documents access and alterations of the database for analytics and reporting.

Unveils data connected to infrastructure and applications used to help manage and maintain compliance within complex IT systems.

Supports LDAP Protocol to enable access control and governance.

Creates access requirements and standards and establishes user, roles, and access rights.

Allows administrators to approve or reject access changes to using defined workflows.

Automates provisioning and deprovisioning to reduce the amount of administrative manual work.

Reduces manual administrative work.

Manages identity information from on-premise and cloud applications.

Automatically allows access if users meet policy requirements.

Streamline the flow of work processes by establishing triggers and alerts that notify and route information to the appropriate people when their action is required within the compensation process.

Integrates additional security tools to automate security and incident response processes.

Allows users to track and control activity across cloud services and providers.

Protects sensitive data by disguising or encrypting data, keeping it usable by the organization and approved parties.

Manages policies for user data access and data encryption.

Stores data securely either on premise or in an adjacent cloud database to prevent loss of data at rest.

Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns.

Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards.

Analyzes data associated with denied entries and policy enforcement, giving information of better authentication and security protocols.

Monitors data quality and send alerts based on violations or misuse.

Allows for reporting and documentation of individual user behavior and privileges.

Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.

The rate at which scans accurately detect all vulnerabilities associated with the target.

The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.

Runs pre-scripted vulnerability scans without requiring manual work.

Allows users to scan applications and networks for specific compliance requirements.

Analyzes network devices, servers and operating systems for vulnerabilities.

Monitors configuration rule sets and policy enforcement measures and document changes to maintain compliance.

Allows users to perfrom hands-on live simulations and penetration tests.

Scans application source code for security flaws without executing it.

Scans functional applications externally for vulnerabilities like SQL injection or XSS.

Provides support for Multi-Factor authentication, so users are required to provide multiple factors to authenticate.

Provides a single access point for users to access multiple cloud products without multiple logins.

Enables users to bring-your-own-device to access company applications.

Stores credentials and passwords in a secure vault. Eliminates hard-coded passwords. Hides passwords from users.

Ensures that credentials are centrally stored (in a secure vault) and when changed, that systems remain connected.

Allows privileges based on roles, such as business unit or other factors.

Configure which events will trigger a notification to prevent privileged access abuse in real-time.

Offers live session recording and playback for compliance and auditing purposes.

Offers the option to hide passwords when sharing with users, such as contract workers

Allows for temporary privileges for a defined task or period of time, to reduce the risk of credential abuse.

Simplifies or automates user provisioning, deprovisioning, and other user role changes.

Offers password management tools to end users.

Offers single sign-on functionalities to end users, allowing them to authenticate once and be given access to all of their company accounts.

Enforces user-access policies based on individual, role type, group membership or other factors to prevent unauthorized access to company systems and data.

Authenticates users prior to granting access to company systems.

Offers multi-factor authentication methods to verify a user's identity.

Provides audit logs for compliance reasons.

Monitors, records, and logs both real-time and post-event activity.

Detects abnormal user behavior to mitigate risks.

Creates a comprehnsive log of all activities when utilizing Privileged Access Management Software software.

Includes reporting functionality.

Tracks infrastructure resource needs and alerts administrators or automatically scales usage to minimize waste.

Monitors performance and statistics related to memory, caches and connections.

Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Actively monitors status of work stations either on-premise or remote.

Provides an IAM solution for on-prem systems.

Provides an IAM solution for cloud-based systems.

Tracks user activities across protected systems.

Provides reporting functionality.

Log and report all modifications to user roles and access rights.

Provide standardized reports for regulatory compliance and audits.

Offers data loss prevention tools to protect data from leaving the environments it is allowed to.

Monitors configuration rule sets and policy enforcement measures and document changes to maintain compliance.

Allows users to track and control security policies across cloud services and providers.

Provides a risk-based approach to determining trust within the network.

Application Programming Interface - Specification for how the application communicates with other software. API's typically enable integration of data, logic, objects, etc. with other software applications.

Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks.

Detect new assets as they enter a cloud environments and networks to add to asset inventory.

Facilitates the proactive search for emerging threats as they target servers, endpoints, and networks.

Analyzes your existing cloud, network, and IT infrastructure to outline access points that can be easily compromised.

Stores information related to new and common vulnerabilities and how to resolve them once incidents occur.

Allows for vulnerability ranking by customized risk and threat priorities.

Helps define policies for access management

Uses principle of least privilege to ensure access control at granular level of specific resources and apps

Enables organization to define roles and assign access based on these roles

Streamlines the management of user access through AI

Tracks and logs user activities, access requests, and changes to entitlements

Detects and remediates risky, misconfigured permissions for human and machine identities using AI

Provides visibility into all users and identities across the system

Provides reporting capabilities to demonstrate compliance

Scans containers, workloads, and kubernetes clusters for any misconfigurations or vulnerabilities.

Monitor live environments for anomalies, risks and threats to ensure rapid response.

Integrates with CI/CD pipelines to detect security risks early in the development life cycle.

Consolidate all security data across the tech and cloud stacks into one dashboard.

Offers an AI-powered engine to provide remediation guidance to the user based on the type of threat.

Uses context-aware analysis to identify critical and non-critical risks across vulnerabilities.

Help detect anomalies across cloud workloads which could help present a potential breach.

Offers a unified view of all cloud assets across multi-cloud platforms such as AWS, Azure, GCP etc.

Continuously scans cloud environments for any misconfigurations, and provide benchmarks and guided remediation.

Capability to perform complex tasks without constant human input

Anticipates needs and offers suggestions without prompting

Capability to perform complex tasks without constant human input

Anticipates needs and offers suggestions without prompting

Makes informed choices based on available data and objectives

Capability to perform complex tasks without constant human input

Improves performance based on feedback and experience

Grant access based on user attributes, location, device posture or risk.

Automate onboarding, offboarding, and access reviews throughout user lifecycles.

Enable users to reset passwords and update profiles without admin support.

Identify unusual access patterns using machine learning models.

Dynamically adjust access policies based on risk and AI-generated insights.

Suggest appropriate user roles based on usage patterns and peer behavior.

Integrate with existing security infrastructure (SIEM, CASB, IAM, DSPM/CSPM/SSPM) to bring AI‑SPM into the wider security ecosystem.

Discover AI applications, agents, chatbots and integrations across SaaS, APIs and other environments.

Support continuous updates to policies and controls as AI‑tool usage evolves and new threats emerge.

Monitor data flows, permissions and resource access associated with AI integrations and tools.

Enforce AI‑specific security policies in real time, such as limiting agent permissions and blocking unauthorized AI activity.

Continuously assess AI integration risks including misconfigurations, policy violations and exposure to external AI services.

Provide dashboards, risk scores and prioritisation for remediation across the AI‑asset estate.

Monitor AI‑generated content for sensitive/regulated information and apply remediation or blocking controls.

Maintain audit logs, governance controls and reporting tied specifically to AI assets, agent behaviours and integrations.