added

Attack Surface Management: Microsoft Azure Keys

Documentation is now available for new endpoints added to the Tenable Attack Surface Management API. The new endpoints enable customers to create and manage Microsoft Azure keys for integration with Microsoft Azure. For more information about integrating Tenable Attack Surface Management with Microsoft Azure, see Integrate with Microsoft Azure in the Tenable Attack Surface Management User Guide.

added

Tenable MSSP: Account Groups

Documentation is now available for new endpoints added to the Tenable Managed Security Service Provider (MSSP) API. The new endpoints enable customers to create and manage account groups in the Tenable MSSP Portal. For more information about account groups, see Create an Account Group in the Tenable Managed Security Service Provider (MSSP) User Guide.

added

pyTenable 1.6.0 Released

Tenable has released pyTenable version 1.6.0.

improved

Vulnerability Management: New Asset and Vulnerability Export Properties

Tenable has added 5 new properties to the asset export data returned by the Download assets chunk endpoint, and 7 new properties to the vulnerability export data returned by the Download vulnerabilities chunk endpoint.

added

Vulnerability Management: Continuous Assessment Scanning

Documentation is now available for new body parameters and response properties added to the Tenable Vulnerability Management API to support continuous assessment scanning. Continuous assessment scanning is a scanning method that Tenable Vulnerability Management can perform through linked Tenable Nessus Agents. It provides continuous monitoring and reporting of software inventory changes on your hosts.

improved

Vulnerability Management: Compliance Export Timeout

Tenable has made several changes to the compliance export API to improve performance and reliability. A new timeout limitation has been implemented as a result of these changes. Compliance exports that take longer than 24 hours to complete are now auto-canceled. This timeout limitation is being deployed to customers on a rolling basis, and will be deployed for all customers on October 22, 2024.

improved

Vulnerability Management: Updated Risk Factor for List Plugins

The risk_factor property returned by the List plugins endpoint now honors the Vulnerability Severity Metric setting on the user's container. The Vulnerability Severity Metric can be set to either CVSSv2 or CVSSv3. Previously, the risk_factor property always defaulted to a plugin's CVSSv2 value, resulting in a mismatch with the user interface if customers selected CVSSv3 as the default severity metric.

added

pyTenable 1.5.1 Released

Tenable has released pyTenable version 1.5.1.

added

Web App Scanning: Custom Role-Based Access Control

Tenable is pleased to announce the availability of custom role-based access control for Web App Scanning. Custom roles are a custom set of privileges that enable you to tailor user privileges and access to resources on your Tenable Web App Scanning instance that are specific to your organization's needs. You can now create custom roles and assign users to those roles to provide more granular control for users to access, modify, and execute WAS scans. For example, you can create WAS-only users to allow AppSec or Dev teams to access the Tenable One platform without giving them access to Vulnerability Management tools.

added

Attack Path Analysis: List Attack Paths

A new endpoint has been added to the Tenable Attack Path Analysis API that enables users to retrieve a list of attack path vectors. The new endpoint is described in the following table: