Tenable Vulnerability Management Platform Release Notes - October 2020

Important Highlights from this Release

Tenable Vulnerability Management

  • The Resource Center is now available in Tenable Vulnerability Management. It consolidates help documentation, notifications, new releases, and other helpful content in one easy to access location.

  • New user interface enhancements. These changes are designed to allow users to access more information quickly and allow them to more easily assess and manage their vulnerabilities. A few key highlights include:

    • A new custom dashboard experience where you can create new dashboards from scratch or customize dashboards from a template. You can also easily set your preferred default dashboard.

    • Summary snapshot widgets with click-to-apply quick filters were added to key landing pages, including Assets and Vulnerability pages.

    • Redesigned Vulnerability Details page with key information and output details prominently displayed.

    • Ability to easily add a recast rule directly from the vulnerability details page within a specific asset view. You can also edit existing rules from the same page.

    • Quick Action button added to global menu bar, simplifying workflows and giving you quick and easy access to key actions.

  • The release of an Event History feature for the AWS and Azure Cloud Connectors. Event History will give cloud connector users an up to date history of the events going on with their cloud connectors. This will help inform users about their connector status during setup as well as debugging and general health status of their connectors. 

  • To improve performance, the Search feature for Hostnames and IPs, on the Asset Affected tab of Vulnerability Details page in the new Interface, was changed to use the "begins with" filtering operator instead of "contains". The "contains" operator continues to be available in the filters on the page.

  • Vulnerability Export public API endpoint will return 30 days worth of data, if no filters or no date based filters are applied. For more information, see the /vulns/export endpoint in the Tenable Developer Portal.

  • New and improved Dashboard Management. With the new dashboard management experience, you can create, edit, duplicate, or delete dashboards from a single place, as well as search dashboards or dashboard templates and also change your default dashboard.

  • Exporting Assets and VM landing pages.

Tenable Web App Scanning

  • Tenable Web App Scanning Scan Notification Support

    • Customers can now be notified as soon as a Tenable Web App Scanning scan launched from the new UI completes by setting up a list of email addresses in their scan configuration.

  • Improved Scan Configuration Validation

    • The Tenable Web App Scanning v2 API now returns more specific error messages when validating user input. Tenable Web App Scanning no gives the user the exact errors identified on each field specified by the user.

    • Tenable Web App Scanning scan configuration pages take benefit of the improved API response payload to provide to customers the exact validation error identified in the scan configuration or template.

  • New version of Tenable Web App Scanning Chrome Extension 1.1.0 has been released.

    • Users are now able to specify the type of scan, the scanner and the description to associate to the scans to be created from the extension.

    • The link included in the new scan creation success message, now directly opens scan configuration page in Tenable Web App Scanning new UI instead of the scans page.

  • Tenable Web App Scanning API changes:
    • Tenable Web App Scanning scan configuration endpoints have been updated to support new notifications property.
    • Tenable Web App Scanning scan configuration endpoints error payloads have been updated to now include invalid field and associated error message.

Bug Fixes

Bug Fix Defect ID
Fixed vulnerabilities are still visible in Tenable Web App Scanning dashboard 00986197
Managed Credentials cannot be configured for Tenable Web App Scanning scan templates in Classic UI 01039460
Old Tenable Web App Scanning scans still marked as pending 01045941, 01077595, 01084005
Scan results cannot be accessed in new UI 01074204
Unable to launch scan migrated from classic UI 01070881
Email configuration is missing in new UI 01077241
Error when updating Tenable Web App Scanning user defined template 01081345
Plugin details cannot be accessed from scan results 01083195
Tenable Web App Scanning Statistics Widget provides incorrect scan statistics 01084359
Disabled schedule scans still launch on classic UI 01091776, 01090684
Drill-down from Tenable Web App Scanning executive dashboard widgets leads to an error 01092501
Tenable Web App Scanning asset still appears in Classic UI 01094815
Recast rules do not reject Tenable Web App Scanning plugins with IDs 112xxx 01093693
Fixed issues where the has_agent attribute was not properly applied to the assets. 01051804