Tenable.ad 3.17 Release Notes (2022-03-23)

Note: These Release Notes apply to SaaS, except when specified as an on-premises version.

New Features

  • New Indicators of Attack: The DPAPI Domain Backup Key Extraction Indicator of Attack can detect a wide variety of attack tools that use LSA RPC calls to access backup keys.

    For more information, see For more information, see DPIAPI Domain Backup Key Extraction in the Tenable.ad Administrator Guide.

  • Maintenance page during upgrade (General access): During an upgrade of Tenable.ad, the system displays a dedicated page to inform you that maintenance is in progress.

  • Retirement of InfluxDB & Equuleus: Removed the current dedicated database that manages dashboard data to use SQLServer directly as for the rest of the platform.

Bug Fixes

Tenable.ad version 3.17 contains the following bug fixes:

Bug Fix Defect ID
Tenable.ad now counts users with an unknown userAccountControl attribute as active AD users. This can happen when the account provided in Tenable.ad does not have the right to read this attribute or a corresponding attribute set. This can lead to an increase in the total number of users in the dashboard or the license. For more information, see User Accounts in the Technical Prerequisites document. N/A
Tenable.ad propagates changes — such as a move or rename — on an LDAP container to the container children. N/A
Connection to the SYSVOL share succeeds even if you change the credentials. N/A