Tenable is updating its Vulnerability Priority Rating (VPR) method of scoring vulnerabilities to enable organizations to focus their efforts on the most critical and impactful vulnerabilities.
According to the company, Common Vulnerability Scoring System (CVSS), which is used by the CVE database, flags 60% of vulnerabilities as high or critical. When Tenable VPR was launched in 2019, it only flagged 3% as high or critical, and today’s updates bring that number down to 1.6%.
Tenable says this cuts down on noise, leading to faster mean-time-to-remediation, optimized resources, and security efforts that are better aligned with organizational priorities.
Some of the ways Tenable is able to reduce the number of vulnerabilities flagged as critical is that it recalculates risk prioritization every night for over 280,000 different vulnerabilities, predicts the likelihood of a vulnerability being exploited in the near future, and gives a priority rating on a scale from 1 to 10.
VPR also now utilizes AI to generate threat summaries and remediation insights. Additionally, Tenable added enhanced filtering, querying, and metadata to enable organizations to prioritize vulnerabilities based on threats specific to their industry and region.
“We’re taking our game-changing Tenable VPR to the next level with these AI-powered enhancements,” said Eric Doerr, chief product officer at Tenable. “Tenable VPR brings an unmatched precision and depth of threat intelligence, context and explainability to cyber operations. With these critical insights at their fingertips, organizations can clearly visualize why an exposure matters, where they are vulnerable and how to close their priority risks.”
The company will be going through the updates to VPR in a webinar on Tuesday, August 19, 2025 at 11 AM ET (8 AM PT).
The post Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical appeared first on SD Times.
Source: Read MoreÂ
