Tenable removed the documentation for several of the v3 beta endpoints on February 22nd, 2023. The v3 beta endpoints were sometimes referred to collectively as the explore workbench API. Tenable recommends that customers discontinue their use of the beta endpoints for production and integration purposes. Refer to the Alternative Endpoints section for alternatives.

The user permissions requirement for v2 exports has been reduced from ADMINISTRATOR [64] to BASIC [16]. For more information about permissions and roles, see Permissions.

A new endpoint has been added to the Tenable PCI ASV API to allow customers to list PCI attestations. The endpoint accepts a query parameter called status_type to filter the results by status. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.

New documentation has been published to provide developers with a high-level overview of key considerations and recommendations when integrating third-party products with Tenable's enterprise platforms. Tenable only engages in go-to-market activities with partners and only provides technical support for customer issues if your integration has been validated. The following integration kickstart guides provide recommendations to ensure that your integration can be validated.

🛑

Caution

The information contained in this changelog has been superseded. Refer to Concurrent Active Scan and Scan Processing Limit for the most recent information about concurrent active scan limits.

Documentation for the Tenable PCI ASV API is now available in the developer portal. A new endpoint has been added to allow customers to list PCI ASV scans. For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.

A new endpoint has been added to the Tenable.io API to allow customers to retrieve a count of the total number of active and inactive scans in their container. The endpoint accepts a boolean query parameter called active to return only the number of active scans.

The Web Application Scanning v1 API is now deprecated and marked for end of life. Tenable recommends that you update any existing integrations that still use the WAS v1 API to the WAS v2 API. All features and functionality of the WAS v1 API are included in the WAS v2 API, and the WAS v2 API is already enabled across all customer Tenable.io environments.

A new filter has been added to the assets export endpoint to allow customers to filter assets that were last scanned by a specified scan configuration UUID. The new filter is last_scan_id.

The user permissions requirement for editing and deleting assets has been reduced from ADMINISTRATOR [64] to SCAN OPERATOR [24]. For more information about permissions and roles, see Permissions.