Web Application Scanning: New Model for Input Errors
The Web Application Scanning v2 API now returns more specific error messages when validating user input. The new error model helps users to quickly identify and correct input errors.
Tenable.io: New Filters Available for Asset Export Endpoints
Two new asset filters were added to the Tenable.io API to help filter deleted and terminated assets. The new filters are is_deleted and is_terminated. If these filters are set to true, the Tenable.io API will return all assets that have been deleted or terminated.
WAS: Deprecation Notice for settings.target and application_uri Parameters
The Web Application Scanning v2 API has been updated to make targets a primary entity. You can now define target in the main body of your request instead of within the settings object. This change allows users to create a scan configuration with no settings block if they wish to use the default settings. Tenable recommends that you use the target parameter in the main body instead. This change affects the POST /was/v2/configs and PUT /was/v2/configs/{config_id} endpoints.
Tenable.io Scan Routing
With scan routing, you can automatically dispatch scanning across multiple scanner groups according to the areas of your network that each group is configured to access. Scan routing reduces scan configuration and management overhead by eliminating the need to configure specific scanners for each individual scan. This feature can represent a significant benefit in large deployments. In addition, you can improve operational efficiency by tasking higher-privilege team members with managing scanner pools, which lower-privilege team members can then use in scan configuration.
List Plugins
Documentation is now available for the GET /plugins/plugin endpoint. This endpoint returns a paginated list of Tenable plugins with detailed plugin information. The response list is sorted by plugin ID.
Lumin ACR and AES Returned in Export API
The Tenable.io export API now returns the Asset Criticality Rating (ACR) and Asset Exposure Score (AES) if you have a Lumin license. The GET /assets/export/{export_uuid}/chunks/{chunk_id} endpoint returns the following attributes:
Tenable.io: New Filter for Vulnerability Exports
You can now filter Tenable.io vulnerability exports by plugin_id. The plugin_id body parameter accepts a list of plugin IDs for which you want to filter the vulnerabilities returned in the vulnerability export.
Tenable.io: Convert Credentials
You can now use the Tenable.io API to convert scan-specific credentials to managed credentials.
Tenable.io: Session API Deprecation
The Tenable.io Session API is deprecated. On August 1, 2020, documentation related to the session endpoints will be removed from the Tenable developer portal. If your organization's integrations with the Tenable.io API previously used session tokens, Tenable recommends that you use the PUT /users/{user_id}/keys endpoint to generate API keys instead. This deprecation also affects the POST /user/{user_id}/impersonate endpoint, because it depends on session tokens.
Web Application Scanning: Create Scan Configuration
You can now use the Tenable.io Web Application Scanning v2 API to easily create a WAS scan configuration.