Tenable Cloud Security 2.3.4 Release Notes (2022-04-18)

Important: Tenable has announced the End of Life for Legacy Tenable Cloud Security. You can continue to access the application and receive support through September 30, 2024. Tenable recommends that you move to the current version of Cloud Security immediately. For more details, see the End of Life bulletin.

Enhancements

Terraform Run Task Integration

The integration of Terraform with Tenable Cloud Security using Sentinel is now deprecated. Terraform now uses the Run Task method for integration with Tenable Cloud Security. When you execute Run Task in the Terraform Cloud user interface, the Tenable Cloud Security Console displays the scan results and summary. You can click the Details link in the Tenable Cloud Security Console to view and filter the results.

User Interface Changes

  • The Custom Policy Groups now has an updated filter with Industry Benchmarks instead of the pre-compiled list of Policy Groups.

  • In the Reports page, the Generate as PDF option for Compliance Reports is removed.

Bug Fixes

Bug Fix

Fixed issues with the remediation code in AWS S3 buckets with the following policies:

  • Ensure at-rest server-side encryption (SSE) is enabled using default encryption keys for AWS S3 buckets.

  • Ensure bucket policy is enforced with least privileges for all AWS S3 buckets.

  • Ensure versioning is enabled for AWS S3 buckets.

Fixed an issue with an AWS S3 bucket where the SSE policy did not clear from failing policies even after being remediated.
Resolved an issue when scanning CloudFormation Template with the Tenable Cloud Security CLI.
Resolved an issue with missing GitLab repositories during onboarding.
Resolved an issue with IaC scanning of a GitHub repository.
Fixed an issue with incorrect First Seen Date for cloud resources in Tenable Vulnerability Management.
Fixed an issue with incorrect Cloud Region shown for a cloud resource in Tenable Vulnerability Management.
Removed an incorrect policy from policy benchmarks.
Improved the error messages when running a scan for Kubernetes using the Tenable Cloud Security CLI.
Fixed an issue with selecting branches for some repositories. Tenable Cloud Security now supports selecting the branches for all types of IaC repositories during onboarding.
Fixed an issue with Cloud ID URLs in the Resource Details page.
Fixed an issue where the Jira tickets generated from the Jira integration had a broken link to the cloud resource.
Tenable Cloud Security documentation now includes steps for connecting to an AWS CloudTrail account manually —
Connect the AWS CloudTrail account manually
Fixed an issue with creating pull requests in the GitLab scan work flow.