Documentation is now available for the GET /plugins/plugin endpoint. This endpoint returns a paginated list of Tenable plugins with detailed plugin information. The response list is sorted by plugin ID.

The Tenable.io export API now returns the Asset Criticality Rating (ACR) and Asset Exposure Score (AES) if you have a Lumin license. The GET /assets/export/{export_uuid}/chunks/{chunk_id} endpoint returns the following attributes:

You can now filter Tenable.io vulnerability exports by plugin_id. The plugin_id body parameter accepts a list of plugin IDs for which you want to filter the vulnerabilities returned in the vulnerability export.

You can now use the Tenable.io API to convert scan-specific credentials to managed credentials.

The Tenable.io Session API is deprecated. On August 1, 2020, documentation related to the session endpoints will be removed from the Tenable developer portal. If your organization's integrations with the Tenable.io API previously used session tokens, Tenable recommends that you use the PUT /users/{user_id}/keys endpoint to generate API keys instead. This deprecation also affects the POST /user/{user_id}/impersonate endpoint as well, as it is dependent on session tokens.

You can now use the Tenable.io Web Application Scanning v2 API to easily create a WAS scan configuration.

You can now use the Tenable.io Web Application Scanning v2 API to return a report of scan results. The scan results can be returned in JSON, CSV, or XML format.

You can now use the Tenable.io API to change which user in your organization owns a scan. You can change ownership for only those scans where you have OWNER [128] permissions for the scan.

You can now use the Tenable Managed Security Service Provider (MSSP) API to manage the logos of your customer's instances. By default, the Tenable logo appears in the header of your customer's instances. The logo endpoints enable you to replace the Tenable logo with a logo appropriate to a customer's business context. You can use the new logo endpoints to add, assign, and delete logos. For more information about logos in the Tenable MSSP Portal, see Logos in Tenable Managed Security Service Provider (MSSP) User Guide.

You can now use the Tenable.io API to determine the date on which you enabled two-factor authentication for your user account.