Tenable Attack Surface Management 2024 Release Notes

Tip: You can subscribe to receive alerts for Tenable documentation updates.

These release notes are listed in reverse chronological order.

December 18, 2024

Last Metadata Change

Tenable Attack Surface Management now supports the following filter types for the Last Metadata Change column:

  • before <date>

  • more than <x> days ago

Integration with Azure Cloud Connector

Tenable Attack Surface Management now supports integrations with Azure to add assets from your Azure accounts. For more information, see Integrate with Microsoft Azure.

December 12, 2024

Extended Filtering for Domain Column

Tenable Attack Surface Management now extends the filtering options for the Domain column to make it consistent with other text-based columns.

Tenable Attack Surface Management now includes the following improvements to the Ingestion Filters option in the Inventory Settings section.

  • When you click the x button in the Ingestion Filters box, Tenable Attack Surface Management does the following:

    • Clears overrides and sets the filters to the default global filter settings.

    • Displays a Match all assets link. When you click on the link, Tenable Attack Surface Management updates the Ingestion Filters option to Matching all assets.

December 03, 2024

The Asset Details page now includes an Origin that provides chronological information of attribution events. This feature offers key insights and clarify asset relevance within the source and inventory context. For more information, see View Asset Attribution.

Integration with Tenable Vulnerability Management

You can now integrate Tenable Attack Surface Management with Tenable Vulnerability Management to provide continuous external attack surface monitoring and deliver real-time data for ingestion into the platform. The ingested data enhances Tenable Vulnerability Management host data with External Attack Surface Context, and allows you to perform deep vulnerability scans against them. In return, you are empowered to know the security risk present in exposed vulnerabilities and provides you with a workflow for managing vulnerability findings. For more information, see Integrate with Tenable Vulnerability Management.

November 26, 2024

Improvement
Tenable Attack Surface Management now links all CVEs to https://www.tenable.com/cve instead of National Vulnerability Database (NVD).
Bug Fix
Tenable Attack Surface Management now ensures improved detection of CPE strings and vulnerability correlation for nginx software.

November 19, 2024

Bug Fix
Moving assets between inventories now functions correctly.
Tenable Attack Surface Management now ensures that the column settings remain the same between login sessions.
CNAME assets now age out when they are outdated.

November 12, 2024

Role-Based Access Control (RBAC) in Tenable Attack Surface Management

You can assign Tenable-provided roles to Tenable Attack Surface Management users at the time of their creation in Tenable Vulnerability Management. For more information, see Tenable Attack Surface Management Roles.

Extended Support for AWS Sources

Tenable Attack Surface Management pulls data from the following sources from AWS to your inventories.

  • Amazon EC2

  • Amazon Relational Database Service (RDS)

  • Amazon S3

  • Amazon Elastic Kubernetes Service (EKS)

  • Amazon ElastiCache

  • AWS Elastic Beanstalk

  • Amazon Route 53

  • Amazon OpenSearch / ElasticSearch

For more information, see Integrate with AWS

November 04, 2024

You can now add missing TXT records manually and extend discovery capabilities in specific cases where the record type is not found.

Improvement
The public list API endpoint sources now include extensive documentation to provide a more comprehensive set of instructions.

October 29, 2024

Earlier, Tenable Attack Surface Management allowed the deletion of the last remaining inventory in an account, but creating new inventories in that account required you to contact Tenable Support to associate at least one new inventory with the account.

To reduce the negative ramification of this action, Tenable Attack Surface Management now no longer allows the deletion of an inventory if it is the only remaining inventory.

Improvement
Logging out from Tenable Attack Surface Management now logs you out from Tenable Vulnerability Management as well, through a browser redirect.
Tenable Attack Surface Management now includes minor UX improvements to the Activity Logs page.

October 14, 2024

The Automation Rules page now includes created at and updated at timestamps. Tenable Attack Surface Management now allows soft deletion of rules for better attribution capabilities.

Improvement
The create source API endpoint now includes the target_inventory_id parameter, which makes it easier to copy sources to other inventories.

September 30, 2024

Includes several improvements to the ASM API documentation to improve the clarity of instructions and reflect the most recent API updates.

Bug Fix
Navigation from the Tenable Attack Surface Management workspace to Tenable Identity Exposure now works correctly.
Exporting assets using default parameters when using the Tenable Attack Surface Management API now works correctly.

September 17, 2024

Improvement
Tenable Attack Surface Management now handles subscription notification failures more gracefully.
Bug Fix
Tenable Attack Surface Management services now return CPEs in a valid format.
The CSV exports on the Render as Dashboard page now works correctly.
Tenable Attack Surface Management now ensures that the Activity Logs role settings correctly recognize and respect permission sets.
Tenable Attack Surface Management now ensures that export works correctly without any duplicate columns.
All non-scrollable pop-ups are now scrollable to communicate their full context.
The shared subscriptions now load correctly.

September 02, 2024

You can now filter assets using the bd.last_metadata_change API. This new property unlocks several API use cases, such as cheaper lookups against assets by respecting only metadata updated in a pre-defined time window.

Improvement
Tenable Attack Surface Management has now increased the maximum row count to 20 when rendering assets as dashboard. This change also applies to the custom dashboards page.
Tenable Attack Surface Management no longer clears out asset data if force-refresh calls triggered from the user interface time out.
Bug Fix
Tenable Attack Surface Management now adds a bd.record_value property to assets to deprecate the misleading bd.hostname property. Tenable Attack Surface Management uses this property under the Record Value column.
Tenable Attack Surface Management now shows only relevant filter suggestions from the robust filter input.
The confirmation dialog box now shows up correctly the custom dashboards page.
The asset cell pop-up now renders array data correctly.
The custom dashboards page now shows only relevant column options.
You can now add asset count charts as group elements on the custom dashboards page.
You can now apply legacy filters on certain Chrome versions.
The Manage Columns page now no longer shows duplicate columns.
The suggestion filters now shows is-one-of and is-not-one-of suggestion filters.

August 26, 2024

You can use the Suggestion Blocklist option to exclude domain names, email addresses, hostname, or CIDR (Classless Inter-Domain Routing) from the suggested domains list. For more information, see Suggestion Blocklist.

August 14, 2024

Tenable Attack Surface Management now logs all system events for your account and groups them based on timestamp and actor. You can view these logs from the Activity Logs page. For more information, see Activity Logs.

Custom Dashboards

You can now create custom dashboards, add new widgets, or customize the default Dashboard. For more information, see Manage Dashboards.

August 13, 2024

Improvement
Tenable Attack Surface Management JWT tokens issued to the application may now have a configurable expiration time.
Optimized product performance by removing legacy codebase including references to JQuery.
The User Action Logs page is now renamed as Activity Logs.
User limit messages no longer appear on the Tenable Attack Surface Management administrator user interface in cases where they are already ignored.
Bug Fix
All subscription alert links now redirect to the correct inventory.
Tenable Attack Surface Management now ensures that the Your inventory is full message appears on a daily refresh cadence and not appear on the interface for a prolonged period of time.
Improved HTTP error code clarity and remove case where a 404 error was masked as a 500 server error.
The Tenable Attack Surface Management user interface now appears correctly without any errors.
The Action namespace is filter is now removed from the Activity Logs page.
The preview of the severity breakdown chart in custom dashboards now appears correctly.
The Activity Logs page now shows updated descriptions.
Tenable Attack Surface Management now correctly shows all CVE details in a subset of CVEs.

July 29, 2024

Automation Rules in Activity Logs

Changes to the automation rules now appear on the User Activity Logs page, where state changes to inventories are listed as system tasks.

Effective TLDs

You can now add effective top-level domains (TLD) as sources to further increase the breadth and depth of Tenable Attack Surface Management asset discovery capabilities and help bridge the blind spots in identifying external attack surface.

April 2, 2024

Tenable Attack Surface Management now includes the Robust Filtering option to filter your assets using multiple queries with AND/OR operators. Robust filtering also allows two levels of nesting. You can convert your Legacy filtering query to the Robust filtering query. For more information, see Robust Filtering.

Asset Prioritization

Tenable Attack Surface Management ranks your assets and assigns a severity level to the assets based on their security risk. You can use the severity ranking to prioritize the assets that require immediate attention. For more information, see Asset Prioritization.

Integrations

You can use the Integrations page to integrate Tenable Attack Surface Management with other applications and add assets from these sources. Tenable Attack Surface Management allows you to integrate with CloudFlare and AWS. For more information, see Integrations.

Integration with AWS

Tenable Attack Surface Management now supports integrations with AWS to add assets from your AWS accounts. For more information, see Integrate with AWS.