Web Application Scanning: Deprecated List Endpoints
The advanced search and filtering feature as described in Web Application Scanning: Advanced Search and Filtering has introduced new POST method endpoints that are intended to replace the older GET method endpoints.
Web Application Scanning: Advanced Search and Filtering
The Tenable.io Web Application Scanning v2 API now supports advanced search and filtering to help users refine query results. The new filtering capability allows users to pull only the data that most interests them; for example, hosts affected by a specific OWASP category, specific CVE, or even CWE.
Web Application Scanning: DOM Element Exclusion
Tenable.io Web Application Scanning has added a new assessment setting to allow users to exclude DOM elements and their children. DOM element exclusions allow you to prevent scans from interacting with specific page elements like logout buttons or forms. You can configure DOM element exclusions when you create a scan configuration.
Web Application Scanning: Scan Folders
Tenable.io Web Application Scanning now supports folders for scan jobs. This feature allows you to create custom folders for organizing your scans. Additionally, there are three Tenable-provided default folders: All Scans, My Scans, and Trash.
Tenable.io Scan Results Archived at 35 Days
Tenable.io previously categorized as "archived" any scan results that were older than 60 days. Tenable.io now archives scan results older than 35 days.
Bulk Network Operations for Agents
Two new endpoints have been added to the Tenable.io API for agent bulk operations. These endpoints allow you to create a bulk operation task to add agents to a network or remove agents from a network.
New Behavior for the Since Filter in Vulnerability Exports
The behavior for the since
filter, used in the Tenable.io vulnerability export API, will change on January 25, 2021.
New POST Method Available for Filters Endpoints
There are two existing endpoints available for retrieving the filtering, sorting, and pagination capabilities available for assets and vulnerabilities. These two endpoints are GET /filters/workbenches/assets and GET /filters/workbenches/vulnerabilities.
WAS: Pagination Update
The Tenable.io Web Application Scanning v2 API page request and response format has been updated to match the Tenable.io Vulnerability Management format. This change brings consistent pagination across the various Tenable.io APIs. The old page request and response format has been deprecated in favor of the new page request and response format.
WAS: Scan Report Format Update
The scan report format for the Web Application Scanning v2 API endpoint GET /was/v2/scans/{scan_id}/report has been updated from version 1.0 to version 1.1. Previously, in scan report report format version 1.0, all cross-references were returned within the xrefs
object. In scan report format version 1.1, all cross-references are returned as structured references to make parsing easier for the user.