improved

Vulnerability Management: Plugins Endpoints Response Improvement

The plugins endpoints that accept user input now return an HTTP 404 Not Found status code with an empty response body if the specified plugin ID, plugin family ID, or plugin family name cannot be found. Previously, Tenable Vulnerability Management returned an HTTP 200 OK status code with "plugins": null in the response body. This change aligns the plugins endpoints with the standard used for other Vulnerability Management endpoints.

deprecated

Vulnerability Management: Deprecated Workbench Export Endpoints

Tenable has deprecated three Tenable Vulnerability Management endpoints related to workbench exports.

added

Cloud Security: New Cloud Account Management Endpoints

New endpoints have been added to the Tenable Cloud Security API to allow customers to onboard and manage their cloud accounts. You can now onboard Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) accounts and assign them to projects via the API.

added

PCI ASV: List Undisputed Failures

A new endpoint has been added to the Tenable PCI ASV API to allow customers to retrieve a list of undisputed failures for a specified PCI attestation. You can specify the attestation you want to retrieve the undisputed failures for via the attestation_uuid path parameter. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.

added

PCI ASV: List Attestation Assets

A new endpoint has been added to the Tenable PCI ASV API to allow customers to retrieve a list of assets identified in a specified PCI attestation. You can specify the attestation you want to retrieve the assets for via the attestation_uuid path parameter. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.

added

PCI ASV: List Attestation Disputes

A new endpoint has been added to the Tenable PCI ASV API to allow customers to retrieve a list of disputes for a specified PCI attestation. You can specify the attestation you want to retrieve the disputes for via the attestation_uuid path parameter. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.

improved

Tenable MSSP Permissions Update

The user permissions requirement for some Tenable Managed Security Service Provider (MSSP) endpoints has been reduced from ADMINISTRATOR [64] to BASIC [16]. For more information about permissions and roles, see Permissions.

added

Cloud Security: New has_violation Query Parameter for List Violations

A new parameter is now available for the Tenable Cloud Security List violations endpoint that allows you to filter ignored violations. Use a value of true if you want the results to match the user interface since the UI sends true by default.

improved

Important API Changes Coming Soon

Tenable is enhancing the Tenable Vulnerability Management and Tenable Web App Scanning APIs to better reflect data presented in the user interface.

added

Vulnerability Management: List Plugins in Family (by Name)

A new endpoint has been added to the Tenable Vulnerability Management API to allow customers to retrieve a list of plugins for a specified plugin family name. You can specify the name of the plugin family you want to retrieve the plugin list for via the name body parameter.