Tenable.cs 2.5.3 Release Notes (2022-10-14)

Agentless Assessment

Tenable.cs now supports SaaS agentless scanning for workloads on AWS EC2 instances running on Linux operating systems. Agentless Assessment scans AWS workloads for security risks, compliance violations, and configuration drift without installing any agents into your run-time infrastructure. It securely scans your instance resources inside your own environment.

You can configure vulnerability scans using Agentless Assessment in Tenable.cs. When you trigger a cloud scan in Tenable.cs, along with detecting your cloud resources and misconfigurations, Tenable.cs also detects vulnerabilities in your AWS EC2 workload instances.

Agentless Assessment includes the following features:

  • Live Results — Use Live Results to view scan results for new plugins based on the most recently collected snapshot data, without running a new scan.

  • End to End WorkflowTenable.cs provides the end-to-end workflow for running vulnerability scans with Agentless Assessment.

    • Scan Profile and Scan State Information — You can now create scan profiles to group the scan operations of different cloud resources and schedule scans according to your needs. You can also view the scan status and scan history for Misconfiguration and Vulnerability Scans.

    • Manual and scheduled scans — You can now configure and run manual or scheduled cloud scans.

    • Vulnerability Dashboard — The Tenable.cs Vulnerabilities dashboard displays several widgets that provide key insights about the vulnerabilities detected during a Vulnerability Scan.
    • Vulnerability Findings — The Vulnerabilities tab of the Findings page displays the vulnerabilities detected from a Vulnerability Scan.

  • Scan Coverage Parity with Frictionless Assessment Agent — Scan results from Agentless Assessment maintain parity with Frictionless Assessment in Tenable.io.

  • Findings in Tenable.io — You can now view Vulnerability Scan results and assets on the Findings page of Tenable.io.

  • Global Scanning — Agentless Assessment is supported in 12 AWS regions.

For more information, see Agentless Assessment.

Export Vulnerabilities Report to CSV

You can now export the list of vulnerabilities as a CSV. For more information, see View Vulnerabilities.

Bug Fixes

Bug Fix
Fixed an issue with creating a webhook for repositories with CloudFormation templates.