🛑

Caution

Tenable recommends that you update any existing Legacy Cloud Security integrations that your organization has before September 30, 2024.

🛑

Caution

Tenable recommends that you update any existing Legacy Container Security integrations that your organization has before September 30, 2024.

Tenable has updated the default permission logic for the bulk vulnerability and asset export endpoints. Previously, these endpoints required the Can View access control permission for the asset objects to be exported even if the user was an administrator. Now users with ADMINISTRATOR [64] user permissions can create an export even without the explicit Can View access control permission. By default, administrator users now have permission to export all assets.

Tenable has made several enhancements to the compliance export API. These enhancements improve performance and provide additional functionality for the compliance export API.

A new endpoint has been added to the Tenable Web App Scanning API that enables users to export a WAS scan configuration file for use with the new CI/CD (continuous integration / continuous delivery) scanning integration. You can integrate Tenable WAS Docker images with GitHub, GitLab, Jenkins, CircleCI, or Bamboo to scan builds and prevent vulnerabilities before your code and applications are deployed. For more information, see CI/CD Application Scan Overview in the Tenable Web App Scanning User Guide.

On February 20, 2024, the Relocate Open Port Findings setting will be enabled for all customers that have not yet opted in. This change streamlines how Tenable Vulnerability Management handles open ports. Enabling this setting moves open port findings to the asset level and adds new filters and tags.

Tenable has made several improvements to the View activity log endpoint that enables users to have more granular control when searching activity logs.

A new boolean body parameter is now available for the Tenable Vulnerability Management Export assets endpoint that enables customers to include or exclude open port findings from info-level plugins. The new parameter is include_open_ports. If the new parameter is omitted, Tenable Vulnerability Management uses a default value of false to exclude open port findings from the asset export.

The user permissions requirement for the Import assets endpoint has been reduced from ADMINISTRATOR [64] to SCAN MANAGER [40]. For more information about permissions and roles, see Permissions.

On January 4, 2024, Tenable Vulnerability Management will change how it processes fully qualified domain names (FQDNs) for assets. All FQDNs will be normalized to lowercase and then the duplicates will be merged.