The plugins endpoints that accept user input now return an HTTP 404 Not Found status code with an empty response body if the specified plugin ID, plugin family ID, or plugin family name cannot be found. Previously, Tenable Vulnerability Management returned an HTTP 200 OK status code with "plugins": null in the response body. This change aligns the plugins endpoints with the standard used for other Vulnerability Management endpoints.

Tenable has deprecated three Tenable Vulnerability Management endpoints related to workbench exports.

New endpoints have been added to the Tenable Cloud Security API to allow customers to onboard and manage their cloud accounts. You can now onboard Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) accounts and assign them to projects via the API.

A new endpoint has been added to the Tenable PCI ASV API to allow customers to retrieve a list of undisputed failures for a specified PCI attestation. You can specify the attestation you want to retrieve the undisputed failures for via the attestation_uuid path parameter. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.

A new endpoint has been added to the Tenable PCI ASV API to allow customers to retrieve a list of assets identified in a specified PCI attestation. You can specify the attestation you want to retrieve the assets for via the attestation_uuid path parameter. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.

A new endpoint has been added to the Tenable PCI ASV API to allow customers to retrieve a list of disputes for a specified PCI attestation. You can specify the attestation you want to retrieve the disputes for via the attestation_uuid path parameter. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.

The user permissions requirement for some Tenable Managed Security Service Provider (MSSP) endpoints has been reduced from ADMINISTRATOR [64] to BASIC [16]. For more information about permissions and roles, see Permissions.

A new parameter is now available for the Tenable Cloud Security List violations endpoint that allows you to filter ignored violations. Use a value of true if you want the results to match the user interface since the UI sends true by default.

Tenable is enhancing the Tenable Vulnerability Management and Tenable Web App Scanning APIs to better reflect data presented in the user interface.

A new endpoint has been added to the Tenable Vulnerability Management API to allow customers to retrieve a list of plugins for a specified plugin family name. You can specify the name of the plugin family you want to retrieve the plugin list for via the name body parameter.