Tenable.ad 3.11 Release Notes (On-prem & SaaS) (2021-12-01)

New Features (SaaS)

Tenable.ad version 3.11 includes the following new features:

  • A new indicator of exposure lists dangerous permissions and misconfigured parameters related to the Windows Public Key Infrastructure (PKI).

New Features (dedicated for on-premises)

  • Secure communications between components via TLS using Tenable.ad's self-signed auto-generated certificate or a custom certificate.

  • A dedicated MSI for the security probe installation.

New Features (on-premises, previously available for SaaS)

  • A lockout policy to mitigate brute force attacks against authentication mechanisms. It aims to lock out user accounts after too many failed login attempts.

  • A product licensing feature to allow you to update your Tenable.ad license.

  • Ability to disable certain indicators of exposure without restarting the security engine node.

  • Support for the localization process.

  • Single domain recrawling to force the refreshing of data for a domain.

  • Use of native Server Message Block (SMB) mapping.

  • Upgrade of Node.js to v16.

Bug Fixes

Tenable.ad version 3.11 contains the following bug fixes:

Bug Fix Defect ID
Tenable.ad purges the previous version's events from internal queues after each upgrade. N/A
The analytics service successfully reconnects to the RabbitMQ server after failures. N/A
The indicator of exposure C-PASSWORD-POLICY is more resilient against a specific corner case. N/A
Tenable.ad ignores InheritOnly ACEs when it checks ACLs to avoid false positives. N/A
The trail flow no longer freezes. N/A
The indicators of attack requiring Sysmon tolerate better versions of Windows event, which strengthens detection. N/A