Tenable Cloud Security 2.3.5 Release Notes (2022-07-11)


  • Different Projects for Each SCM Type

    Tenable Cloud Security now creates a separate project for each source code management (SCM) type instead of a single project when you onboard all repositories with multiple SCM providers.

    For example, if you automatically onboard all repositories that have both GitHub and GitLab repositories, Tenable Cloud Security creates the following two projects:

    • Default Gitlab Repositories

    • Default Github Repositories

    For more information, see Connect Repositories.

  • Improved Jira Integration Workflow

    Jira integration user interface now has a simplified workflow and uses API token for authentication. In the Jira Integration workflow, you can do a one-time setup for Jira tickets by specifying the Jira project, issue type, priority, assignee, and reporter. When you create a Jira ticket for an issue, Tenable Cloud Security automatically populates the Jira ticket details based on your Jira configuration and policy violations. For more information, see Configure Atlassian Jira Integration.

User Interface Improvements

Changes to the Alerts Page

  • The Alerts and Alert Rules tabs now have new filter options.

  • The Alerts tab now shows only policy-based and security-based events. All audit log alerts are now removed from the Alerts tab.

Documentation Updates

The following Quick Reference Guides are now available for Tenable Cloud Security:

Bug Fixes

Bug Fix
Fixed an issue where removed policy groups appear in a project.
Fixed an issue where high severity violations do not show up when a project contains policy groups in both the Monitor and Enforce modes.

Fixed an issue with incorrect reporting of violation for the following policy:

Ensure that Microsoft Defender for Key Vault is set to 'On'.

The URL displayed after a pipeline scan now shows only the summary of the pipeline run.
Fixed an issue with Tenable Cloud Security cloud resources not appearing in Tenable Vulnerability Management.
Fixed an issue with mapping new cloud objects using the accurics plan command after destroying all the objects managed by a Terraform configuration (terraform destroy).
GitHub Action now uses the Tenable Cloud Security API endpoint.
Terraform private module parameters, TFC_HOST_NAME and TFC_USER_TOKEN, can be used even when the plan-based setup is disabled.
Fixed an issue with selecting a subfolder of a repository branch when onboarding a repository.
Fixed an issue with navigating folders and subfolders of a repository branch when onboarding a repository.
Fixed issues with policies in the Azure Security Best Practices v2 Policy Group.
Updated installation procedure for Docker engine in the Deploy an On-Premise Code Scanner section of the Tenable Cloud Security documentation.

Fixed an issue where some GitLab repositories were duplicated after onboarding.

Fixed an issue where some GitLab repositories were missing after onboarding.
Fixed an issue with onboarding multiple GitLab repositories.
Fixed an issue with notifications not being triggered for Splunk Cloud.
Fixed an issue with selecting branches when onboarding some repositories. Tenable Cloud Security now supports selecting branches for all types of repositories.
Fixed an issue with some GitHub repositories not being scanned during bulk onboarding.
Fixed an issue with the remediation code for the Ensure 'allow all actions from all principals' is disabled for AWS S3 Buckets policy.

Known Issues

  • During onboarding some GitLab repositories, a few issues occur:

    • Tenable Cloud Security fails to discover some repositories.

    • Repositories require re-authentication even after successfully connecting GitLab with Tenable Cloud Security.

  • The built-in Windows zip utility cannot unzip the config.zip file. Instead, use the 7-zip utility to unzip the file on Windows.