Looking for a Kenna Replacement? Migrate to PlexTrac
With Cisco Vulnerability Management (formerly Kenna Security) sunsetting, PlexTrac is supporting security teams through a smooth transition helping them migrate data, maintain prioritization discipline, and operationalize CTEM-aligned exposure assessment and remediation workflows.
For a limited time, customers with up to 12 months remaining on their Kenna contract who migrate to PlexTrac under a PlexTrac subscription agreement will receive up to 12 months of PlexTrac free, subject to terms and conditions.
Trusted by Security Leaders
“For the first time, we can clearly explain to leadership what’s getting fixed, why it matters, and how our risk profile is improving. That alone made the transition worth it.”
—CISO, Global Technology Company
Kenna End-of-Life Announcement
On December 9, 2025, Cisco announced that it is retiring its suite of vulnerability management tools, stating
“There is no replacement available for the Cisco Vulnerability Management, Vulnerability Intelligence, and Application Security Module (formerly known as Kenna.VM, Kenna.VI, and AppSec) at this time.”
The key end-of-life milestone dates are listed below.
End-of-Sale Date – March 10, 2026 | End of Subscription Changes or Renewals – June 11, 2026 | End of Support – June 30, 2026
Kenna Replacement Timeline
Week 1
Configuration & Development
Working with your implementation specialist to get your PlexTrac set up to meet your needs.
Week 2
Workflow Development
What will your new workflow be? How will we help get you there?
Week 3
Training
Get your end users up to speed with training options to meet your needs and designed with your workflow in mind.
Week 4
Go Live
Everyone is trained, you are ready to go into PlexTrac and work with your data!
Learn how to unify vulnerability management in a centralized collaboration platform like PlexTrac, recognized as a niche player in the Gartner Magic Quadrant.
Exposure Assessment Platform (EAP) is a recent product category defined by Gartner that helps organizations support Continuous Threat Exposure Management (CTEM) programs. EAP focuses on the activities related to identifying vulnerabilities, aggregating them across various sources, prioritizing them effectively, and facilitating the remediation lifecycle.
Replace Kenna with PlexTrac FAQs
-
Which products are being deprecated?
The end-of-life (EOL) announcement includes Cisco Vulnerability Management, Vulnerability Intelligence, and Application Security Module (previously known as Kenna.VM, Kenna.VI, and AppSec before Kenna was acquired by Cisco).
-
What is the end-of-life timeline for Cisco Vulnerability Management, Vulnerability Intelligence, and Application Security Module?
You can see a full timeline of end-of-life milestones and cutoff dates on the Cisco website. As of March 10, 2026, Cisco Vulnerability Management, Vulnerability Intelligence, and Application Security Module are no longer being sold to new customers. For existing customers, subscription changes or renewals will no longer be available as of June 11, 2026. The products will become obsolete on June 30, 2028, when all subscription and support services for the product will become unavailable.
-
When was Kenna Security acquired by Cisco?
Cisco’s acquisition of Kenna Security was completed in June of 2021. The acquisition was meant to expand Cisco’s vulnerability management offerings with a combined risk-based vulnerability management solution, though the Kenna tool suite is ultimately being deprecated within five years of the acquisition date.
-
How long does it take to migrate from Cisco’s VM tools to PlexTrac?
Most security teams are able to migrate from the Cisco VM suite to PlexTrac within a month. The migration process typically includes configuration, integration setup, workflow development, and training and onboarding.
-
Can PlexTrac map to existing data sources, priorities, and remediation workflows in Cisco’s VM tools?
Yes, PlexTrac’s Kenna migration program provides tailored support to replicate Cisco’s vulnerability management workflows, help security teams implement PlexTrac, and train new users. PlexTrac’s support team is available to help minimize disruption, avoid excessive platform costs, and implement the same data sources, prioritization focus, and remediation workflows your team is accustomed to in Cisco Vulnerability Management, Vulnerability Intelligence, and Application Security Module.
PlexTrac Package Pricing
Service Provider
Scale service delivery by accelerating pentest reporting and continuously managing threat exposure in a single platform.
Scale pentest reporting services by streamlining the end-to-end workflow—from scoping through to the final end deliverable.
Go beyond pentest reporting and shift to continuous testing to deliver exposure management and prioritized remediation services.
Evolve and scale risk-based service offerings that align with the CTEM framework to show a measurable risk reduction over time.
*Plex AI is available as an add-on to the PlexTrac Essential, Core or Premium Packages. You must be using a cloud-based version of the PlexTrac platform to leverage AI features
Enterprise
Accelerate pentest reporting and continuously manage threat exposure in a single platform.
Streamline and automate the internal testing and documentation life cycle—from scoping through to the final end deliverable.
Conduct continuous testing, automate the findings handoff through ticketing integrations, and manage exposures across your entire attack surface.
Evolve into the CTEM framework by centralizing data management, contextually prioritizing risk, and automating remediation orchestration.
*Plex AI is available as an add-on to the PlexTrac Essential, Core or Premium Packages. You must be using a cloud-based version of the PlexTrac platform to leverage AI features
Featured Resources
Migrate from Kenna / Cisco Vulnerability Management to PlexTrac
For a limited time, organizations transitioning from Kenna can take advantage of PlexTrac’s migration program, designed to minimize disruption and avoid incremental platform costs, subject to standard terms.