Tenable has added a new boolean query parameter, compress, to the Tenable One Inventory Export assets and Export findings endpoints. This parameter enables GZIP compression for exported files.

Tenable has released the Recast Rules API, which enables users to create, view, update, and delete recast and accept rules that modify the severity of vulnerabilities and host audit results. This functionality allows organizations to adjust vulnerability risk ratings and audit severity to align with their internal policies and risk management practices.

Tenable has added the immediate_plugin_updates parameter to the Tenable Vulnerability Management agent profile API calls.

Tenable has published new documentation that provides a high-level overview of key considerations and recommendations for integrating third-party products with Tenable Cloud Security. This guide covers essential topics to ensure successful and scalable integrations, including:

Tenable Web App Scanning now supports SOAP API scanning, extending existing REST and GraphQL API support. With this update, you can assess all major types of API applications, ensuring broader coverage of the API attack surface. For more information, see Launch an API Scan in the Tenable Web App Scanning User Guide.

Tenable is deprecating the legacy acr_score and exposure_score properties returned by the Download assets chunk endpoint. These properties have been superseded by the enhanced v3 ACR and AES scores introduced in New ACR and AES Scores in Assets Exports on April 9, 2025.

Tenable has enhanced the Vulnerability Management vulnerabilities export and Web App Scanning findings export APIs with new filters and additional response data. These updates provide greater flexibility for querying and analyzing vulnerabilities, adding new filters and returning expanded scoring metrics in export responses.

The following v2 filter endpoints are deprecated and are tentatively scheduled for removal on November 5. Tenable recommends transitioning to the replacement endpoints listed below. While the replacements are versioned as v1, they are the current and actively supported endpoints moving forward.

Tenable is pleased to announce the release of the Inventory Export API for Tenable One. This API enables users to asynchronously export asset and findings data in either JSON or CSV format. The workflow includes endpoints to initiate an export, check export status, and download export chunks.

Tenable Web App Scanning now supports GraphQL API scanning, expanding on the existing support for REST APIs. APIs are the foundation of modern web applications and a high-value target for attackers. An increasing number of applications use GraphQL, a modern and flexible API query language.