Vulnerability Management: Scanner Profiles
Tenable is pleased to announce the release of scanner profiles. Scanner profiles provide the same functionality as agent profiles, but for scanners. The existing agent profile endpoints have been updated to support both profile types. These endpoints use a {sensor_type} path parameter to specify agent or scanner.
This release introduces three key capabilities for scanner profiles:
- Declarative plugin scheduling configuration options
- Option to pin the scanner software version
- Option to disable automatic scanner software version updates
Note
Scanner profiles are supported by Nessus scanners version 10.10.0 and later.
The updated profile endpoints are described in the following table:
| Endpoint | Name | Description |
|---|---|---|
| POST /sensors/profiles/{sensor_type} | Create profile | Creates an agent or scanner profile. |
| GET /sensors/profiles/{sensor_type} | List profiles | Returns a list of agent or scanner profiles. |
| GET /sensors/profiles/{sensor_type}/{profile_uuid} | Get profile details | Returns details for the specified agent or scanner profile. |
| PUT /sensors/profiles/{sensor_type}/{profile_uuid} | Update profile | Updates the specified agent or scanner profile. |
| DELETE /sensors/profiles/{sensor_type}/{profile_uuid} | Delete profile | Deletes the specified agent or scanner profile. |
| POST /sensors/profiles/{sensor_type}/{profile_uuid}/clone | Clone profile | Clones the specified agent or scanner profile. |
Tenable has also added three new endpoints to support scanner profiles: one to assign scanners to a profile, one to remove scanners from a profile, and one to check the status of scanner profile tasks.
| Endpoint | Name | Description |
|---|---|---|
| POST /scanners/scanners/bulkAssignToProfile | Assign to scanner profile | Assigns scanners to a profile by creating an asynchronous bulk operation task. |
| DELETE /scanners/scanners/bulkAssignToProfile | Remove from scanner profile | Removes scanners from a profile by creating an asynchronous bulk operation task. |
| GET /scanners/request-status/{request_status_id} | Get scanner task status | Allows you to check the status of your scanner profile operations. |
In addition, Tenable has added the profile_uuid and profile_name properties to the following endpoint responses to support scanner profiles:
| Endpoint | Name | Change |
|---|---|---|
| GET /scanners | List scanners | Added profile_uuid and profile_name to the response. |
| GET /scanners/{scanner_id} | Get scanner details | Added profile_uuid and profile_name to the response. |
| PUT /scanners/{scanner_id} | Update scanner | Added profile_uuid and profile_name to the request. |
| GET /scanner-groups/{group_id}/scanners | List scanners in group | Added profile_uuid and profile_name to the response. |
For more information about scanner profiles, see Scanner Profiles in the Tenable Vulnerability Management User Guide.