Tenable has updated the permissions required for a number of Tenable.io Container Security API endpoints (both v1 and v2). The affected endpoints are listed in the tables below.
If configured to use Nessus Plugin ID 45590, Tenable.io scans identify software applications installed on an asset, and log that information to a new attribute in the asset record. This attribute, installed_software, contains a list of Common Platform Enumeration (CPE) values in the CPE 2.2 format. For more information, see the "Component Syntax" section of the CPE Specification, Version 2.2.
Tenable.io Container Security API v2 is now available. It replaces the deprecated Tenable.io Container Security API v1.
Tenable.io Container Security API v1 is deprecated. Use Tenable.io Container Security v2 API instead.
In larger enterprises, you can reduce the time and cost of setting up and maintaining locations by deploying network templates that use identical asset configurations, including internal IP addresses. Tenable.io allows you to create a custom network object for each network template you want to deploy. You can then manage scans for all locations centrally, while analyzing the related assets and vulnerabilities both collectively and by individual location.
With the latest enhancement to the Vulnerability Priority Rating (VPR), Tenable.io automatically imports new and updated VPR values daily.
You can now use Tenable.io Vulnerability Management API to apply dynamic tags to assets. For more information, see Apply Dynamic Tags.
The exports API for Tenable.io allows you to asynchronously export asset and vulnerability data from Tenable.io.
With Centralized Credentials Management, Tenable.io allows you to store your scan credentials centrally and reuse managed credentials in multiple scans. For more information, see the Tenable.io Vulnerability Management User Guide.
With the release of Vulnerability Priority Rating (VPR) for Tenable.io, response messages for Exports and Workbenches endpoints now include the following attributes:
