Inside the customer environment: Where threat actors, vulnerabilities, and exposed assets intersect

Tenable Research built a directed graph linking 600+ tracked threat actors to vulnerabilities and techniques observed in 7,800 U.S./Canadian customer environments, finding 68% of organizations carry at least one CVE previously exploited by a named adversary and identifying 242 "Elite Arsenal" CVEs (VPR ≥ 9, CISA KEV-listed, and documented exploitation), 241 of which are active in at least one environment; non-CVE exposures (misconfigurations, weak credentials, end-of-life software) are nearly universal and may confer equal or greater breach risk, so Tenable recommends reachability-aware prioritization that accounts for adversary technique mapping rather than per-CVE scoring alone.