Vulnerability Management: Exclusion Improvements
Note
Tenable is enabling this update for customers in a rolling fashion and availability is limited. Contact your Tenable Customer Success Manager (CSM) for more information.
(Early Access) Vulnerability Management: Shared Collections
Documentation is now available for new endpoints added to the Tenable Vulnerability Management API to support shared collections. Shared collections enable users to quickly and conveniently share scan configurations with other Tenable Vulnerability Management users and groups. For more information about shared collections, see Shared Collections in the Tenable Vulnerability Management Early Access User Guide.
Vulnerability Management: New ACR and AES Scores in Asset Exports
Tenable is pleased to announce the availability of new enhanced Asset Criticality Rating (ACR) and Asset Exposure Score (AES) metrics in asset export response chunks. The existing ACR and AES metrics have been enhanced using a new algorithm and data platform to provide customers with a more complete view of their exposure.
Web App Scanning: Scan Pause Windows
Tenable is pleased to announce the availability of pause windows for Tenable Web App Scanning scans. Pause windows enable customers to define a time frame during which scheduled scans cannot run. This feature can be used to avoid scanning production environments during peak hours to prevent downtime or adverse customer impact. Additionally, users can now manually pause scans.
pyTenable 1.7.4 Released
Tenable has released pyTenable version 1.7.4.
Vulnerability Management: Vendor Severity in Download Vulnerabilities Chunk
Tenable has added the vendor_severity
property to the plugin
object in the Download vulnerabilities chunk endpoint.
Vulnerability Management: Google Cloud Platform Workload Identity Federation Connector
Tenable has updated the cloud connector API to add support for Google Cloud Platform (GCP) connectors with Workload Identity Federation (WIF) authentication. This enables customers to authenticate with GCP via WIF instead of managing service account keys when creating GCP connectors. A GCP connector is used to discover Google Cloud Platform assets and import them to Tenable Vulnerability Management.
Vulnerability Management: New Vulnerability and Asset Export Properties
Tenable has added new response properties to the Download vulnerabilities chunk and Download asset chunk endpoints. These include the much requestedfinding_id
property, with which you can pinpoint the finding on an asset corresponding to a specific vulnerability.
Vulnerability Management: Vulnerability Intelligence Filters in Vulnerability Exports
Tenable has added new filters to the Export vulnerabilities endpoint to support Vulnerability Intelligence, a user interface feature that compares vulnerabilities in your environment with those in public databases and curated categories.
Vulnerability Management: New Parameter for Resource Tags in Asset Exports (Limited Availability)
Note
Tenable is enabling this update for customers in a rolling fashion and availability is limited. For more information, contact your Tenable representative.