Tenable has released pyTenable version 1.5.0.

The Tenable Security Center Integration Kickstart Guide has been updated.

Documentation for the Tenable Attack Path Analysis API is now available in the Tenable Developer Portal. A new endpoint has been added that enables users to retrieve details about Attack Path Analysis findings. For more information about findings, see Findings in the Tenable Attack Path Analysis User Guide.

Documentation has been added to the Tenable Developer Portal for the Change role endpoint that enables customers to change the role assigned to a specific user. For more information about user roles within Tenable Vulnerability Management, see Roles in the Tenable Vulnerability Management User Guide.

A new feature has been added to Tenable's cloud platform that enables users to restrict access to the API by specifying an allowlist of IPv4 or IPv6 addresses. The list of allowed addresses can include discrete IP addresses, IP address ranges, and IP subnets. For example, for IPv4 you could specify "192.0.2.0, 198.51.100.4-198.51.100.10, 203.0.113.0/24" and for IPv6 you could specify "2001:db8:2e92:75f2:d40a:e290:10b3:c0f, 2001:db8:1e1f:46a1:e3cb:2110:22c6:0000-2001:db8:1e1f:46a1:e3cb:2110:22c6:ffff, 2001:0DB8::/32". If an empty string is provided then the API can be accessed from all IP addresses.

A new setting has been added to the Tenable-provided API Scan template that enables users to provide a URL for the OpenAPI specification for the RESTful API they want to scan. This new functionality adds a layer of convenience over the file upload option, and the URL is checked before every scan to ensure that the API specification is up to date.

On May 16, 2024, Tenable will update the .nessus scan export format to include individual open port findings. This will ensure that you can still view open port findings in Tenable Security Center if your organization integrates Tenable Vulnerability Management with Tenable Security Center.

Tenable has deprecated the following List vulnerabilities query parameters:

A new scan setting called Info-level Reporting is now available for Nessus Agent vulnerability scan templates. The setting specifies how often an agent scan should report unchanged info-level vulnerability findings. There are several new parameters that can be used when creating or updating a scan to support this new feature.

A new endpoint has been added to the Tenable Web App Scanning API that enables users to generate a scan configuration for a remediation scan. Remediation scans can be used to validate whether remediation actions for a vulnerability has been successful. Note that this endpoint only returns a configuration that can be used to create a remediation scan. You must use the response from this endpoint as the request body for the Create scan config endpoint to create the remediation scan. For more information about remediation scans, see Launch a Remediation Scan in the Tenable Web App user guide.