Tenable Vulnerability Management Platform Release Notes - May 2021

Important Highlights from this Release

Tenable Vulnerability Management

  • Tenable App for Splunk and Tenable add-on for Splunk v5.

  • Tenable for Jira Plugin (on-prem) version 10.1.1 with support for data center.

Tenable Web App Scanning

  • A new Created At column is now available in the Tenable Web App Scanning scan history table, providing the date when the scan launch action has been requested by the user, allowing users to differentiate this value with the actual time when the scan has been actually dispatched to a scanner and provided in the Start Time column.

    For more information, see View Scan Details.

  • Accept default header has been updated for all new Tenable Web App Scanning scan configurations, to prevent the scanner browser from processing target responses depending on their type. The previous value text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 has therefore been replaced with */*.

  • New version 1.2.3 of the Tenable Web App Scanning Extension has been released to support the Tenable Vulnerability Management FedRamp platform.

Tenable Lumin

  • The Recommended Actions page now includes CVE-level summary data.

  • The tag switcher is now available on the Recommended Actions page, enabling quick switching between business contexts.

  • Made various bug fixes and user interface text improvements.

PCI

  • New scan status import progress in Tenable PCI ASV workbench – You can now track the import status progress for large scans being imported in the Tenable PCI ASV workbench thanks to a new indicator available in the Scans tab for each scan being currently imported.

  • New Clone Dispute Process – When a dispute is cloned, the entire communication history of the dispute as well as the attachments are now carried over instead of only the most recent message. This allows customers and PCI analysts to get the right context directly in the new dispute and facilitate the processing of the cloned dispute.

  • Attestations Dispute Message History – The history of messages exchanged between the customer and the PCI analyst regarding disputes is now available for attestations in a In Remediation or Completed state.

  • New Plugin Details for Tenable Web App Scanning vulnerabilities – The Plugin Details page has been updated to provide additional information regarding Tenable Web App Scanning vulnerabilities: CWE ID, WASC, OWASP Top 10, and OWASP API Top 10.

API

For more information about recent changes to the API, see the Changelog on the Tenable Developer Portal.