Vulnerability Management: Plugins Endpoints Response Improvement
The plugins endpoints that accept user input now return an HTTP 404 Not Found
status code with an empty response body if the specified plugin ID, plugin family ID, or plugin family name cannot be found. Previously, Tenable Vulnerability Management returned an HTTP 200 OK
status code with "plugins": null
in the response body. This change aligns the plugins endpoints with the standard used for other Vulnerability Management endpoints.
Vulnerability Management: Deprecated Workbench Export Endpoints
Tenable has deprecated three Tenable Vulnerability Management endpoints related to workbench exports.
Cloud Security: New Cloud Account Management Endpoints
New endpoints have been added to the Tenable Cloud Security API to allow customers to onboard and manage their cloud accounts. You can now onboard Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) accounts and assign them to projects via the API.
PCI ASV: List Undisputed Failures
A new endpoint has been added to the Tenable PCI ASV API to allow customers to retrieve a list of undisputed failures for a specified PCI attestation. You can specify the attestation you want to retrieve the undisputed failures for via the attestation_uuid
path parameter. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.
PCI ASV: List Attestation Assets
A new endpoint has been added to the Tenable PCI ASV API to allow customers to retrieve a list of assets identified in a specified PCI attestation. You can specify the attestation you want to retrieve the assets for via the attestation_uuid
path parameter. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.
PCI ASV: List Attestation Disputes
A new endpoint has been added to the Tenable PCI ASV API to allow customers to retrieve a list of disputes for a specified PCI attestation. You can specify the attestation you want to retrieve the disputes for via the attestation_uuid
path parameter. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.
Tenable MSSP Permissions Update
The user permissions requirement for some Tenable Managed Security Service Provider (MSSP) endpoints has been reduced from ADMINISTRATOR [64] to BASIC [16]. For more information about permissions and roles, see Permissions.
Cloud Security: New has_violation Query Parameter for List Violations
A new parameter is now available for the Tenable Cloud Security List violations endpoint that allows you to filter ignored violations. Use a value of true
if you want the results to match the user interface since the UI sends true
by default.
Important API Changes Coming Soon
Tenable is enhancing the Tenable Vulnerability Management and Tenable Web App Scanning APIs to better reflect data presented in the user interface.
Vulnerability Management: List Plugins in Family (by Name)
A new endpoint has been added to the Tenable Vulnerability Management API to allow customers to retrieve a list of plugins for a specified plugin family name. You can specify the name of the plugin family you want to retrieve the plugin list for via the name
body parameter.