Vulnerability management remediation scans allow you to validate whether your vulnerability remediation actions on scan targets have succeeded. If a remediation scan cannot identify a vulnerability on targets where the vulnerability was previously identified, the system changes the status of the vulnerability to Fixed.

A new endpoint has been added to the Web Application Scanning v2 API to help users track the status of asynchronous scan configuration operations like creating a scan configuration or updating a scan configuration.

The advanced search and filtering feature as described in Web Application Scanning: Advanced Search and Filtering has introduced new POST method endpoints that are intended to replace the older GET method endpoints.

The Tenable.io Web Application Scanning v2 API now supports advanced search and filtering to help users refine query results. The new filtering capability allows users to pull only the data that most interests them; for example, hosts affected by a specific OWASP category, specific CVE, or even CWE.

Tenable.io Web Application Scanning has added a new assessment setting to allow users to exclude DOM elements and their children. DOM element exclusions allow you to prevent scans from interacting with specific page elements like logout buttons or forms. You can configure DOM element exclusions when you create a scan configuration.

Tenable.io Web Application Scanning now supports folders for scan jobs. This feature allows you to create custom folders for organizing your scans. Additionally, there are three Tenable-provided default folders: All Scans, My Scans, and Trash.

Tenable.io previously categorized as "archived" any scan results that were older than 60 days. Tenable.io now archives scan results older than 35 days.

Two new endpoints have been added to the Tenable.io API for agent bulk operations. These endpoints allow you to create a bulk operation task to add agents to a network or remove agents from a network.

The behavior for the since filter, used in the Tenable.io vulnerability export API, will change on January 25, 2021.

🛑

Caution

The information in this changelog is outdated. The referenced endpoints have been deprecated. This changelog remains publicly available for historical reference only. For the official deprecation announcement, see Vulnerability Management: Deprecated Filter Endpoints.