Vulnerability Management: Agent Profiles
Documentation is now available for new endpoints added to the Tenable Vulnerability Management API. The new endpoints enable customers to create and manage agent profiles. For more information about agent profiles, see Agent Profiles in the Tenable Vulnerability Management User Guide.
Vulnerability Management: Compliance Export Enhancements Phase 2
Note
The first set of compliance export enhancements was available on March 19, 2024. See the changelog for more information.
Subscribe to Tenable API Changelog Updates
Tenable has created a mailing list for Tenable Developer Portal changelog updates. Click here to subscribe to the mailing list.
pyTenable 1.5.0 Released
Tenable has released pyTenable version 1.5.0.
Security Center Integration Kickstart Guide Updated
The Tenable Security Center Integration Kickstart Guide has been updated.
Attack Path Analysis API Available
Documentation for the Tenable Attack Path Analysis API is now available in the Tenable Developer Portal. A new endpoint has been added that enables users to retrieve details about Attack Path Analysis findings. For more information about findings, see Findings in the Tenable Attack Path Analysis User Guide.
Change User Role
Documentation has been added to the Tenable Developer Portal for the Change role endpoint that enables customers to change the role assigned to a specific user. For more information about user roles within Tenable Vulnerability Management, see Roles in the Tenable Vulnerability Management User Guide.
API Access Security
A new feature has been added to Tenable's cloud platform that enables users to restrict access to the API by specifying an allowlist of IPv4 or IPv6 addresses. The list of allowed addresses can include discrete IP addresses, IP address ranges, and IP subnets. For example, for IPv4 you could specify "192.0.2.0, 198.51.100.4-198.51.100.10, 203.0.113.0/24"
and for IPv6 you could specify "2001:db8:2e92:75f2:d40a:e290:10b3:c0f, 2001:db8:1e1f:46a1:e3cb:2110:22c6:0000-2001:db8:1e1f:46a1:e3cb:2110:22c6:ffff, 2001:0DB8::/32"
. If an empty string is provided then the API can be accessed from all IP addresses.
Web App Scanning: OpenAPI Specification by URL
A new setting has been added to the Tenable-provided API Scan template that enables users to provide a URL for the OpenAPI specification for the RESTful API they want to scan. This new functionality adds a layer of convenience over the file upload option, and the URL is checked before every scan to ensure that the API specification is up to date.
Vulnerability Management: Open Port Findings in .nessus Scan Exports
On May 16, 2024, Tenable will update the .nessus
scan export format to include individual open port findings. This will ensure that you can still view open port findings in Tenable Security Center if your organization integrates Tenable Vulnerability Management with Tenable Security Center.