Full Report
We have enhanced our Tenable Cloud Security CNAPP product to give you greater visibility, smarter prioritization, and a more streamlined user experience.Key takeawaysTenable has improved our CNAPP by streamlining its navigation, making reports more customizable, and boosting visibility with a new "TV mode". Cloud workload protection has been enhanced with a more efficient Vulnerability Priority Rating (VPR) and granular Kubernetes vulnerability mapping. New identity and access management (IAM) features and just-in-time (JIT) updates simplify the enforcement of least-privilege policies.The Tenable Cloud Security team is always hard at work to ensure our cloud-native application protection platform (CNAPP) has all the capabilities you need to secure your multi-cloud environment. In this blog, we’ll outline our latest round of enhancements, focused on providing greater visibility, smarter prioritization, and a more streamlined user experience. Read on to get all the details.A more intuitive and efficient platformWe're excited to introduce these significant usability and reporting enhancements to the Tenable Cloud Security CNAPP:Streamlined console navigation: We've completely redesigned the console navigation menu for a more intuitive and efficient user experience. This major update helps you find the insights you need faster.Customizable inventory reports: You can now customize your inventory reports by selecting specific columns to include. This allows you to create more focused and efficient reports with just the information you need for expedited decision-making. TV mode: For continuous, real-time operational display and broad visibility of your security status, you can now view any dashboard in a full-screen, distraction-free "TV mode." These updates are all about providing more context and value, allowing you to see and act on your security data more efficiently with intuitive navigation, tailored reports, and always-on visibility.Enhanced cloud workload protection (CWP)We've made significant strides in our cloud workload protection capabilities to provide you with more precise, risk-contextualized visibility and prioritization:Enhanced Vulnerability Priority Rating (VPR): Our enhanced VPR is now twice as efficient, enabling your teams to focus on the 1.6% of vulnerabilities that pose a real risk, sharpening your prioritization efforts.Improved coverage and accuracy: We've improved vulnerability detection accuracy by adding scoped npm packages for better visibility into workloads running Node.js and by no longer flagging unused kernel versions in Linux workloads.Granular Kubernetes vulnerability management: You can now directly map vulnerability findings in container images to specific Kubernetes workloads, which clarifies risk attribution and streamlines remediation.Advanced identity and access management (IAM)Identity-related issues are a top concern in cloud security. We're introducing new features to help you establish a pervasive and frictionless least-privilege posture:Configure trusted vendors: You can now mark external vendors as trusted users to reduce non-critical alerts about them. This helps focus your monitoring and toxic-combination analysis on truly risky identity exposures.Automated remediation of unused SSO permissions: You can now quickly identify and remove inactive single sign-on (SSO) groups or users with a single click to streamline your process of eliminating dormant roles and their permissions.Streamlined just-in-time (JIT) access: We’ve enhanced our Slack support with key actions from the JIT Portal, including self-revoking active sessions and submitting recurring access requests. These updates streamline the adoption of least-privilege policies. These new features in Tenable Cloud Security are designed to empower you to work faster and smarter. By providing a more intuitive platform, enhancing workload protection, and offering advanced IAM and JIT capabilities, we're helping you to stay ahead of evolving cloud threats and proactively secure your multi-cloud environment.New cloud security use cases and research from TenableCheck out these new cloud security resources we’ve recently published: Four common uses for Tenable Cloud Security:Ecosystem view of riskComplete cloud lifecycle visibilityCloud misconfiguration identification and remediationAchieve least privilegeRecent cloud security research:Gemini Trifecta: Read about the three (now-remediated) vulnerabilities Tenable Research discovered within Google’s Gemini AI assistant suite.A new insight brief: Explore key observations on complexity gleaned from our recent “State of the Cloud & AI Security” report.
Analysis Summary
# Industry News: Tenable Enhances CNAPP with Focus on Usability, Prioritization, and IAM
## Summary
Tenable has rolled out significant updates to its Cloud-Native Application Protection Platform (CNAPP), focusing on improving user experience through streamlined navigation and customizable reporting, alongside enhancements to core security functionality. Key improvements include faster vulnerability prioritization via an enhanced Vulnerability Priority Rating (VPR), deeper Kubernetes workload visibility, and advancements in Identity and Access Management (IAM) features, particularly around enforcing least privilege.
## Key Details
- Date: Not explicitly stated, but announced as a recent round of enhancements.
- Companies Involved: Tenable
- Category: Product Update / Feature Enhancement (CNAPP)
## The Story
Tenable announced a major update cycle for its Cloud Security CNAPP, designed around three pillars: greater visibility, smarter prioritization, and a streamlined user experience. Usability improvements include a redesigned console navigation and customizable inventory reports, complemented by a new full-screen "TV mode" for continuous operational display. On the technical side, cloud workload protection now benefits from a VPR that is twice as efficient, allowing teams to focus on the most critical risks, and granular mapping of container image vulnerabilities to specific Kubernetes workloads. Furthermore, Tenable is addressing the critical area of identity security with new IAM features, such as trusted vendor configuration, automated remediation for unused SSO permissions, and enhancements to Just-in-Time (JIT) access workflows via Slack integration to push least-privilege adoption. The company also referenced recent research, including findings related to vulnerabilities in Google's Gemini AI suite, underscoring its focus on next-generation threats.
## Business Impact
### For the Companies Involved
- **Tenable:** These enhancements solidify Tenable’s commitment to continuous innovation within the crowded CNAPP space, directly increasing the competitive value proposition of its flagship Tenable One platform. Improving UX addresses common enterprise friction points, aiming to boost customer satisfaction, adoption rates, and retention across the cloud security portfolio.
### For Competitors
- Competitors in the CNAPP and CNAPP-adjacent markets (CSPM, CWPP, CIEM) now face pressure to match Tenable's speed on usability gains and efficiency improvements like the revamped VPR. The integration of granular Kubernetes mapping and deep least-privilege tooling (especially JIT enhancements) raises the baseline expectation for integrated cloud security offerings.
### For Customers
- Customers gain immediate efficiency through faster navigation and tailored reporting, which speeds up decision-making. More efficient VPR means security teams spend less time chasing false positives or low-risk issues, leading to reduced operational overhead and a lower mean time to remediation (MTTR) for high-priority risks. Enhanced IAM/JIT features directly support compliance goals around principle of least privilege.
### For the Market
- This update reinforces the trend of CNAPP consolidation, where platform vendors must integrate best-of-breed functionality (like refined VPR, Kubernetes context, and strong IAM/JIT) into a single, easy-to-use pane of glass. The focus on operational efficiency acknowledges that security teams are overwhelmed by sheer data volume.
## Technical Implications
The introduction of a twice-as-efficient VPR suggests an improved correlation engine that better contextualizes vulnerabilities based on the actual running environment and exploitability data. Granular Kubernetes mapping is a significant technical lift, bridging vulnerability scanning data (image-level) directly with runtime orchestration context (workload-level), a necessary step for effective DevSecOps integration. The JIT enhancements via Slack integration show a commitment to weaving access management directly into developer workflows.
## Strategic Analysis
- **Market Positioning:** Tenable is reinforcing its position as a comprehensive platform provider (Tenable One) by ensuring the core cloud component (CNAPP) is highly functional and addresses pain points in prioritization fatigue and identity sprawl—two major roadblocks cited by CISOs.
- **Competitive Advantage:** The combination of superior risk prioritization (VPR) with workflow integration (JIT via Slack) creates a strong practical advantage over solutions that offer broad visibility but lack actionable, integrated prioritization.
- **Challenges:** Proving the effectiveness of the "twice as efficient" VPR and achieving rapid uptake of the new workflow integrations will be crucial to maintain momentum.
## Industry Reactions
(No direct industry reactions were provided in the source text, but general context applies.)
Experts typically welcome features that reduce alert fatigue and enhance context, as this directly impacts the productivity of SecOps teams. The focus on IAM/JIT aligns perfectly with current market demands seeking to control the escalating risks associated with excessive cloud permissions.
## Future Outlook
- Watch for Tenable to continue integrating AI/ML deeper into the VPR engine based on their released research on AI security (e.g., the Gemini findings). Future updates are likely to focus on further blurring the lines between development and security, especially concerning open-source dependencies and AI model risks.
## For Security Professionals
Security teams can expect to spend less time triaging false positives or irrelevant findings due to the enhanced VPR. The ability to map container vulnerabilities directly to Kubernetes workloads simplifies accountability and remediation ownership within CI/CD pipelines. New JIT controls offer practical mechanisms to enforce better least-privilege policies without severely disrupting developer productivity.