Open
Cached
·
just now
95/100
SECURITY SCORE
Certificate Information
Subject
CN=cloud.tenable.com
Issuer
C=US, O=Google Trust Services, CN=WE1
Valid From
December 14, 2025
Valid Until
March 14, 2026
71 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA256
SHA-256 Fingerprint
8C:81:51:A9:3D:13:2C:E2:51:A1:71:94:0A:7A:B5:24:A5:5D:52:76:5A:1D:3E:B2:08:ED:50:BB:A1:A4:F2:ED
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Good
default-src; object-src; frame-ancestors; +13 more
default-src 'self'; object-src 'none'; frame-ancestors 'self'; base-uri 'self'; script-src 'self' content.pendo-tio.tenable.com app.pendo.io cdn.pendo.io pendo-io-static.storage.googleapis.com pendo-static-6670168804032512.storage.googleapis.com data.pendo.io challenges.cloudflare.com www.datadoghq-browser-agent.com cdn.ravenjs.com cdn.astronomer.io cdn.metarouter.io cdn.amplitude.com static.cloudflareinsights.com platform.cloud.coveo.com info.tenable.com app.getbeamer.com backend.getbeamer.com static.getbeamer.com 'sha256-hiLNVf8Wb4hkpMRvUiZXP0xD5krU++OYspwRDiFAwzg='; style-src 'self' app.pendo.io pendo-io-static.storage.googleapis.com pendo-static-6670168804032512.storage.googleapis.com content.pendo-tio.tenable.com platform.cloud.coveo.com app.getbeamer.com 'unsafe-inline'; img-src 'self' app.pendo.io cdn.pendo.io content.pendo-tio.tenable.com pendo-io-static.storage.googleapis.com pendo-static-6670168804032512.storage.googleapis.com data.pendo-tio.tenable.com data.pendo.io app.getbeamer.com data: blob:; font-src 'self' fonts.gstatic.com cdn.pendo.io data:; connect-src 'self' pendo-static-6670168804032512.storage.googleapis.com data: app.pendo.io data.pendo-tio.tenable.com content.pendo-tio.tenable.com data.pendo.io backend.getbeamer.com rum-http-intake.logs.datadoghq.com *.browser-intake-datadoghq.com e.metarouter.io api.amplitude.com api2.amplitude.com cdn.amplitude.com analytics.cloud.coveo.com tenable.com www.tenable.com api.tenable.com; child-src 'self' www.youtube.com s.ytimg.com; frame-src app.getbeamer.com app.pendo.io www.youtube.com s.ytimg.com challenges.cloudflare.com; worker-src 'self' blob:; report-to tenable-cloud-csp; block-all-mixed-content; upgrade-insecure-requests; report-uri /csp-reports;
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Strengthen CSP by removing 'unsafe-eval'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
26 domains
cloud.tenable.com
ap-syd-1.cloud.tenable.com
appliance.cloud.tenable.com
asm-demo.cloud.tenable.com
asm.cloud.tenable.com
br01.cloud.tenable.com
ca01.cloud.tenable.com
fra.cloud.tenable.com
impersonation.cloud.tenable.com
in01.cloud.tenable.com
jp01.cloud.tenable.com
mssp-us-1.cloud.tenable.com
playground-staging.cloud.tenable.com
playground.cloud.tenable.com
registry.cloud.tenable.com
sing.cloud.tenable.com
telemetry.cloud.tenable.com
uae01.cloud.tenable.com
uk-lon-1.cloud.tenable.com
us-1a.cloud.tenable.com
us-2a.cloud.tenable.com
us-2b.cloud.tenable.com
us-3a.cloud.tenable.com
us-4a.cloud.tenable.com
us-5a.cloud.tenable.com
us08.cloud.tenable.com