Tenable Vulnerability Management 2024 Release Notes

Tenable is pleased to announce key features and content that enhance how you work with compliance findings in Tenable FedRAMP Moderate. This release includes hundreds of new compliance-focused report templates, dashboards, and widgets as well as new findings filters.

• Report template categories — In a previous release, Tenable introduced report template categories. On the Reports page, new categories now contain new templates. Review the categories in Create a Report.

• Dashboard templates — On the Dashboards page, click New Dashboard > Template Library to choose from new dashboards in categories under Host Audits. Review the categories in Create a Dashboard.

• Dashboard widgets — On the Dashboards page, click Widget Library to add new widgets from categories under Host Audits.

• Findings filters — On the Findings workbench in the Host Audits tab, new benchmarking and compliance filters now appear, as described in Findings Filters.

You can now edit scheduled exports from the Tenable Vulnerability Management settings and assign them to different users.

This release includes the following:

• Edit scheduled exports — In Settings > Exports, click and then click Edit to open a pane of export options.

• Reassign scheduled exports — When deleting a user, the system assigns their scheduled exports to the new object owner.

To learn more, see Edit a Scheduled Export and Delete a User Account.

Note: This Sensor Proxy version is available to a limited pilot group and will be rolled out to a wider audience in the future.

The Tenable Sensor Proxy 1.0.10 release includes the following updates:

• Added support for the Tenable Nessus Agent fallback feature. For more information, see Configure Tenable Nessus Agent Fallback.

• Fixed an nginx cache issue.

• Updated OpenResty to version 1.25.3.1.

• Updated OpenSSL to version 3.0.14.

For more information about Sensor Proxy, see the Sensor Proxy User Guide.

Note: This feature is available to a limited pilot group and will be rolled out to a wider audience in the future.

Tenable has added the Configure Plugin Update Plan setting to the Agent Profiles menu. The setting allows you to determine what plugins Tenable Vulnerability Management installs on the selected profile's agents during the daily plugin update and has three possible configurations:

• Auto update to latest — Update agents with the latest plugin set. This is the default selection.

• Delay plugin updates by days — Update agents with a delayed plugin set. The plugin set can be delayed by a minimum of one day and a maximum of 30 days. If multiple plugin sets were published on the configured day, Tenable Vulnerability Management installs the latest set of that day.

• Select plugin set from the last 30 days — Update agents with a specific plugin set from the last 30 days. Tenable Vulnerability Management uses this plugin set until you choose another plugin set or update plan setting.

You can now designate different plugin sets to different agent profiles according to your business needs. For example, you could keep one profile on the latest plugin set for testing and a second profile on a delayed update plan of fourteen days.

For more information, see Agent Profiles in the Tenable Vulnerability Management Early Access User Guide.

Tenable now supports API access security where users can define the IPv4 and IPv6 addresses from which Tenable Vulnerability Management public APIs can be accessed. Users can add discrete, range, or CIDR IPv4 or IPv6 addresses to add an extra layer of security to their container. Administrators can manage this setting in the Access Control section of the user interface.

Tenable is pleased to announce Vulnerability Intelligence, a new main section in Tenable Vulnerability Management. Use this section to compare vulnerabilities known by Tenable to your own exposure. Review vulnerabilities across Tenable's entire database, a subset of that data, or in curated categories that surface crucial vulnerability types.

Where the Findings and Assets workbenches simply show scan results, Vulnerability Intelligence provides context. For example, you can view vulnerabilities being leveraged by threat actors in ransomware—and then check which of your own assets are affected.

In the Vulnerability Intelligence section, you can:

• Search Tenable’s database — Search for any vulnerability known to Tenable and view its complete details.

• Curated categories — Review seven key vulnerability categories built on known risk indicators and Tenable research insights.

• Custom query builder — Drill down to specific vulnerabilities, findings, or assets with a new custom query builder.

• Export findings and assets — Export your findings or affected assets to CSV or JSON.

To learn more, see Vulnerability Intelligence in the Tenable Vulnerability Management User Guide or contact your Tenable representative.

Known Issues

• In the Query Builder, the less than or equal to, exists, and does not exist filter operators may return incorrect results when used with AES and ACR.

• In CSV exports of your findings or affected assets, the Asset ID, ACR, and AES columns do not appear.

Tenable has made the following updates to the Explore workbenches:

• Port filter — On the Assets workbench, the Open Ports and Port filters have been combined. Use the new Port filter to search host or domain inventory assets by specific ports or port ranges. To learn more, see Asset Filters.

• Port Last Detected Open filter — On the Assets workbench, search for all assets with detected open ports as of a date or a date range, as described in Asset Filters.

• Enhanced Findings workbench search — On the Findings workbench, search by asset name, IPv4 address or range, or Classless Inter-Domain Routing (CIDR) block, as described in View the Findings Workbench.

You can now configure scanners to identify the existence of a Tenable Nessus Agent on a target host via the Open Agent Port setting in Tenable Vulnerability Management. This ensures that the host is recorded as a single asset in Tenable Vulnerability Management, regardless of whether they are the target of a scanner's network scan or are generating agent scans.

For more information about automatic asset merging and the Open Agent Port setting, see Configure Agent Profiles to Avoid Asset Duplication in Tenable Vulnerability Management in the Tenable Nessus Agent User Guide.

For information on how to configure the Open Agent Port for an agent profile, see Agent Profiles in the Tenable Vulnerability Management User Guide.

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Moderate Product Offering.

Tenable is pleased to announce key features and content that enhance how you work with compliance findings in Tenable Vulnerability Management. This release includes hundreds of new compliance-focused report templates, dashboards, and widgets as well as new findings filters.

• Report template categories — In a previous release, Tenable introduced report template categories. On the Reports page, new categories now contain new templates. Review the categories in Create a Report.

• Dashboard templates — On the Dashboards page, click New Dashboard > Template Library to choose from new dashboards in categories under Host Audits. Review the categories in Create a Dashboard.

• Dashboard widgets — On the Dashboards page, click Widget Library to add new widgets from categories under Host Audits.

• Custom widgets — When adding a custom widget, you can now include host audit data, as described in Create a Custom Widget.

• Findings filters — On the Findings workbench in the Host Audits tab, new benchmarking and compliance filters now appear, as described in Findings Filters.

Tenable has added the new Info-level Reporting scan setting to Nessus Agent vulnerability scan templates. Configuring this setting can help minimize your scan processing times by decreasing the number of unchanged Info-severity findings that Tenable Vulnerability Management processes after every agent scan.

For more information, see Info-level Reporting and Basic Settings in the Tenable Vulnerability Management User Guide.

Tenable has updated the Findings workbench and Findings Details page with two new fields that enable you to run more accurate findings reports and measure SLA compliance for scanned vulnerabilities.

The new fields are:

• Time Taken to Fix — How long it took to fix a vulnerability found on a scan, in hours or days. Only applicable to Fixed vulnerabilities. Now appears as a Findings Details field, a Findings workbench filter, and a Findings workbench column.

• Last Fixed — The last time a previously detected vulnerability was scanned and noted as no longer present on an asset. Now appears as a Findings workbench column and a Findings Details field. Tenable added the filter in a previous release.

To learn more, see Vulnerability Details and Findings Filters.

Tenable has updated Findings workbench reports and templates in the Act > Reports section as follows:

• Password protection for Findings reports — When you generate a report on the Findings workbench, add a password that uses AES 128-bit encryption. To learn more, see Generate a Findings Report.

• Report categories in the Reports section — When you create a report in the Act > Reports section, choose a template from new categories that better organize Tenable Vulnerability Management's many templates. Tenable will add new categories in the coming days. To learn more, see Create a Report.

In Tenable Vulnerability Management's Remediation section, use a new Asset Tags filter and Asset Tags column to identify which tags are associated with your remediation projects and goals.

For more information, see Remediation.

On the License Information page, the Cloud Security section now shows your licensed Tenable cloud assets instead of your billable cloud resources so you can easily see how much of your license you are using.

Tip: In the new version of Tenable Cloud Security, your licensed asset count may be calculated by multiplying your Compute, Serverless, and Container Repository assets against a ratio and then adding your Container Images (if you use Tenable Container Security). If a ratio is applied, it now appears in the Cloud Security section, in the new License Ratio field. To learn more, contact your Tenable representative.

Tenable has made the following updates to the License Information page:

• Cloud Security section — A new tooltip explains how your licensed cloud assets are calculated. Your ratio, if any, appears in the new License Ratio field. If you have no ratio, 1 appears.

• Compute — Now shows your licensed cloud computing assets. Hover on the number to view your billable resources (the number of resources before any ratio is applied).

• Serverless — Now shows your licensed serverless assets. Hover on the number to view your billable resources.

• Container Repositories — Now shows your licensed container repositories. Hover on the number to view your billable resources.

• Container Images (Legacy Container Security) — This field’s new name clarifies that Tenable Container Security is a legacy application.

To learn more, see License Information.

The Findings and Assets workbenches now support multiple browser tabs.

The following enhancements support this change:

• Findings workbench tabs — Right-click a tab (for example, Cloud Misconfigurations) to open it in a new browser tab, active filters included.

• Details panes — On the findings or assets details panes, in the upper right corner, right-click See All Details to open the corresponding details page in a new browser tab.

• Workbench context menus — On the Findings or Assets workbenches, right-click a row and then click View All Details or View all Details in New Tab to open the corresponding details page in the current tab or a new one.

• Grouped findings — On the Findings workbench, right-click a finding grouped by Plugin and then click View Plugin Details or View Plugin Details in New Tab to review the plugin on Tenable's website.

• Workbench action menus — On the Findings or Assets workbenches, in the () menu, click View All Details or View all Details in New Tab to open the corresponding details page in the current tab or a new one.

To learn more, see Use the Context Menu in the Explore section of the Tenable Vulnerability Management User Guide.

This update enables custom role users to access Tenable Vulnerability Management Scan Management. It also enables administrators to leverage custom roles to manage access to Tenable Vulnerability Management Scan Management tasks, such as viewing and managing scans, exclusions, scan templates, managed credentials, and target groups.

The Sensor Proxy 1.0.9 release includes the following updates:

• Added minor features to support the Tenable Core + Sensor Proxy early access release.

• Updated OpenSSL to version 3.0.12.

• Updated openresty to version 1.41.4.2.

For more information about Sensor Proxy, see the Sensor Proxy User Guide.

Tenable is pleased to announce the redesigned License Information page, which streamlines how you view cloud license details on the Tenable platform.

On the License Information page, you can:

• In Tenable One only, use visual overviews by product or time period to spot trends.

• View license information for all Tenable products in your cloud container.

• View license usage snapshots, such as total assets or available assets.

• View license resource counts for all your cloud products.

The License Information page is available to all users. To learn more, see License Information.

Tenable's redesigned License Information page now supports the new version of Tenable Cloud Security.

If your organization has upgraded to this version, the following new fields appear under Cloud Security:

• Compute — Non function-like cloud resources, such as virtual machines or cloud storage.

• Serverless — Function-like cloud resources such as AWS Lambda or Azure Functions.

In these fields, view your organization's scanned cloud resources. To learn more, see License Information.

The Tenable Vulnerability Management header has been restyled to better align with Tenable’s latest branding and visual design guidelines. It also makes it much easier for users to access their personal profile and product and platform settings from any page in Tenable Vulnerability Management.

For more information, see Navigate Tenable Vulnerability Management.

Tenable Vulnerability Management now supports a single-line command installation and linking method for Tenable Nessus scanners and Tenable Nessus Agents. You can specify the sensor name and group assignment within the single-line command.

For more information, see Link a Sensor in the Tenable Vulnerability Management User Guide.

Tenable Vulnerability Management changed how it processes fully qualified domain names (FQDNs) for assets. All FQDNs will be normalized to lowercase and then the duplicates will be merged.

For example, where asset1 would previously have three FQDNs: ["VeryImportantAsset.local", "veryimportantasset.local", "externalimportantasset.local"], after the change asset1 will have two FQDNs: ["veryimportantasset.local", "externalimportantasset.local"].

This change streamlines the Host Assets view in the Assets Workbench in the user interface, prevents assets from registering as duplicates, and enables users to better focus on the assets that need their attention.