Tenable.cs 2.5.10 Release Notes (2023-02-06)
User Interface Changes
-
You can now customize a table by adding or removing columns using the
icon in all tabs of the Project and Connections page. -
In the repository onboarding flow, Tenable.cs no longer supports Application as the IaC engine type.
-
You can now filter by Cloud provider in the Findings > Vulnerabilities tab.
Policy Updates
This release provides the following updates to policies:
-
Tenable.cs now supports CIS 1.5 Level 1 and Level 2 benchmark compliance.
-
Improvements in policy descriptions for clarity.
-
Tenable.cs now supports the following policies for AWS Lambda:
Policy ID Policy Severity Terraform resource Remediation Benchmark AC_AWS_0613 Ensure AWS Lambda function is configured with a Dead Letter Queue LOW aws_lambda_function Yes GDPR:32.1.b HIPAA:164.306(a)(1)&164.312(b) NIST-800-171:3.3.1&3.3.2&3.3.3 NIST-800-53:AU-2 NIST-CSF:PR.PT-1
AC_AWS_0614 Ensure AWS Lambda Functions have associated tags LOW aws_lambda_function Yes GDPR:32.1.b NIST-800-171:3.4.2 NIST-800-53:CM-6 NIST-CSF:PR.IP-1 HIPAA:164.306(a)(1)
AC_AWS_0615 Ensure AWS Lambda functions are configured to use provisioned concurrency LOW aws_lambda_function Yes GDPR:32.1.b NIST-800-53:SC-6 HIPAA:164.306(a)(1)
AC_AWS_0616 Ensure Code Signing is enabled for AWS Lambda functions HIGH aws_lambda_function Yes GDPR:32.1.b NIST-800-171:3.4.6&3.4.7 NIST-800-53:CM-7(8) NIST-CSF:PR.DS-6 HIPAA:164.306(a)(1) AC_AWS_0618 Ensure AuthType is set to 'AWS_IAM' for AWS Lambda function URLs MEDIUM aws_lambda_permission Yes GDPR:32.1.b HIPAA:164.306(a)(1)&164.312(a)(1) ISO-27001:A.9.4.1&A.9.4.5 NIST-800-171:3.1.1 NIST-800-53:AC-3 NIST-CSF:PR.AC-4&PR.PT-3 AC_AWS_0619 Ensure AWS Lambda function permissions have a source ARN specified MEDIUM aws_lambda_permission Yes GDPR:32.1.b HIPAA:164.306(a)(1)&164.312(a)(1) ISO-27001:A.9.4.1&A.9.4.5 NIST-800-171:3.1.1 NIST-800-53:AC-3 N
Bug Fixes
| Bug Fix |
|---|
| Resolved an issue with Tenable.cs user interface timing out in some cases. |