Tenable.cs 2.4 Release Notes (2022-08-29)

Enhancements

  • AWS CloudTrail integration

    Tenable.cs now includes a new workflow for configuring CloudTrail for a single AWS account and an AWS organization. For more information, see Integrate with AWS CloudTrail Account.

  • Ignore resources for one or more failing policies

    You can now ignore resources for one or more failing policies by modifying the resource configuration file. For more information, see Ignore an Issue.

  • Download logs for on-premises scanner

    You can now download weekly logs for the on-premises code scanner. For more information, see Deploy an On-Premises Code Scanner.

  • Enhanced logging when onboarding multiple repositories

    Tenable.cs now shows more informational messages in the logs for onboarding multiple repositories.

  • Improved static analysis scan for CloudFormation templates

    Static analysis (accurics scan) of CloudFormation templates using Tenable.cs CLI now supports the following additional AWS resources:

    • aws_backup_vault_policy

    • aws_xray_encryption_config

    • aws_ebs_encryption_by_default

    • aws_iam_policy_attachment

    • aws_iam_user_policy_attachment

    • aws_autoscaling_attachment

    • aws_db_snapshot

    • aws_route53_query_log

    • aws_s3_bucket_ownership_controls

    • aws_ami_launch_permission

    The static analysis scan continues even if there are errors and these errors are logged in the scan results.

User Interface Improvements

  • Improved user interface design to match Tenable.io.

Bug Fixes

Bug Fix
Fixed an issue with the code-to-cloud relationship that persists after a pipeline scan even after deleting the cloud resources.
Added a useful tip in user interface and updated documentation for finding the ReadOnlyAccess role when creating a role ARN manually.