added

Web Application Scanning: Limit Parameter Maximum

In the Tenable.io Web Application Scanning v2 API, the limit query parameter is used to specify the number of records to retrieve. The maximum value you can specify for the limit parameter is now 200. If you need to retrieve more than 200 records, use the offset parameter to iterate through page responses.

added

Web Application Scanning: New Scan Status

A new scan status has been added in Tenable.io Web Application Scanning. This new status is called Processing. Processing indicates that the scan has completed but the results are still being processed. For example, the scanner is processing vulnerability findings, attachments, notes, and other metadata.

added

Tag Value Character Limit

Tag values cannot exceed 50 characters in length.

added

Vulnerabilities Workbench Filter Limitation

The filter limit for the GET /workbenches/vulnerabilities endpoint has changed. You cannot specify more than 10 filters or 50 filter values per filter. A 400 Bad Request error is returned if you exceed this limit.

deprecated

Plugin Output Endpoint Deprecation and Limitation

The GET /scans/{scan_uuid}/hosts/{host_id}/plugins/{plugin_id} endpoint is deprecated. Tenable recommends that you use the Exports API endpoints instead. Please update any existing integrations that your organization has since this endpoint will be removed.

added

Vulnerability Management Remediation Scans

Vulnerability management remediation scans allow you to validate whether your vulnerability remediation actions on scan targets have succeeded. If a remediation scan cannot identify a vulnerability on targets where the vulnerability was previously identified, the system changes the status of the vulnerability to Fixed.

added

Web Application Scanning: Tracking Resource for Asynchronous Operations

A new endpoint has been added to the Web Application Scanning v2 API to help users track the status of asynchronous scan configuration operations like creating a scan configuration or updating a scan configuration.

deprecated

Web Application Scanning: Deprecated List Endpoints

The advanced search and filtering feature as described in Web Application Scanning: Advanced Search and Filtering has introduced new POST method endpoints that are intended to replace the older GET method endpoints.

added

Web Application Scanning: Advanced Search and Filtering

The Tenable.io Web Application Scanning v2 API now supports advanced search and filtering to help users refine query results. The new filtering capability allows users to pull only the data that most interests them; for example, hosts affected by a specific OWASP category, specific CVE, or even CWE.

added

Web Application Scanning: DOM Element Exclusion

Tenable.io Web Application Scanning has added a new assessment setting to allow users to exclude DOM elements and their children. DOM element exclusions allow you to prevent scans from interacting with specific page elements like logout buttons or forms. You can configure DOM element exclusions when you create a scan configuration.