A new scan setting called Info-level Reporting is now available for Nessus Agent vulnerability scan templates. The setting specifies how often an agent scan should report unchanged info-level vulnerability findings. There are several new parameters that can be used when creating or updating a scan to support this new feature.

A new endpoint has been added to the Tenable Web App Scanning API that enables users to generate a scan configuration for a remediation scan. Remediation scans can be used to validate whether remediation actions for a vulnerability has been successful. Note that this endpoint only returns a configuration that can be used to create a remediation scan. You must use the response from this endpoint as the request body for the Create scan config endpoint to create the remediation scan. For more information about remediation scans, see Launch a Remediation Scan in the Tenable Web App user guide.

🛑

Caution

Tenable recommends that you update any existing Legacy Cloud Security integrations that your organization has before September 30, 2024.

🛑

Caution

Tenable recommends that you update any existing Legacy Container Security integrations that your organization has before September 30, 2024.

Tenable has updated the default permission logic for the bulk vulnerability and asset export endpoints. Previously, these endpoints required the Can View access control permission for the asset objects to be exported even if the user was an administrator. Now users with ADMINISTRATOR [64] user permissions can create an export even without the explicit Can View access control permission. By default, administrator users now have permission to export all assets.

Tenable has made several enhancements to the compliance export API. These enhancements improve performance and provide additional functionality for the compliance export API.

A new endpoint has been added to the Tenable Web App Scanning API that enables users to export a WAS scan configuration file for use with the new CI/CD (continuous integration / continuous delivery) scanning integration. You can integrate Tenable WAS Docker images with GitHub, GitLab, Jenkins, CircleCI, or Bamboo to scan builds and prevent vulnerabilities before your code and applications are deployed. For more information, see CI/CD Application Scan Overview in the Tenable Web App Scanning User Guide.

On February 20, 2024, the Relocate Open Port Findings setting will be enabled for all customers that have not yet opted in. This change streamlines how Tenable Vulnerability Management handles open ports. Enabling this setting moves open port findings to the asset level and adds new filters and tags.

Tenable has made several improvements to the View activity log endpoint that enables users to have more granular control when searching activity logs.

A new boolean body parameter is now available for the Tenable Vulnerability Management Export assets endpoint that enables customers to include or exclude open port findings from info-level plugins. The new parameter is include_open_ports. If the new parameter is omitted, Tenable Vulnerability Management uses a default value of false to exclude open port findings from the asset export.