Tenable Vulnerability Management Platform Release Notes - March 2022

These release notes are listed in reverse chronological order. To jump to a place in the release notes, use the following list:

• March 15, 2022

• March 24, 2022

• March 29, 2022

• March 30, 2022

• API

March 30, 2022

Self-Service SAML

• Self-service SAML configuration is now available in Tenable Vulnerability Management. Previously, if customers wanted to enable single sign-on (SSO) on their Tenable Vulnerability Management instance, they had to open a Support ticket and request that Tenable create a SAML configuration. With self-service SAML, customers with administrator privileges can create their own SAML configurations to enable single sign-on without contacting Support.

• Multi-factor authentication: Self-service security settings are now available to Administrators in Tenable Vulnerability Management. With these security settings, users with Administrator privileges can:

  • Allow users on their organization’s instance to generate API keys.

  • Require users on the instance to set up multi-factor authentication.

  • Allow users on the instance to log in to their accounts using a SAML single sign-on (SSO).

  • Allow users to log in to their accounts using a password.

March 29, 2022

Scanning UI Updates

• Renamed the Scanner and Agent Vulnerability Management scan template categories to Nessus Scanner and Nessus Agent, respectively.

• Updated the scan User Permission role names for more clarity.

• Added a Scanner dropdown to the Nessus Scanner > Basic Settings page that allows you to choose between cloud or internal/local scanners.

• You can now edit scanner sensor names.

• Added two Nessus Agent settings: offline_agent_scan_trigger_execution_threshold_days and maximum_scans_per_day.

• Added tooltips to pages and fields related to Tags, Networks, and scanner selection.

Advanced Query Updates

• When you make an advanced query while creating a tag rule or filtering assets, you can now use the tag name in addition to the UUID.

• When you make a typo in an advanced query, an error will appear with a description of the issue.

March 24, 2022

New Collect Inventory Agent Scan Template

The new Collect Inventory scan template leverages Frictionless Assessment to give you a more lightweight scanning option for hosts in varied environments. Inventory agents provide the smallest agent footprint available with an operational installation of less than 200MB, and they cover most OS-level checks for Linux and Windows operating systems. This is an ideal solution for scanning hosts that have limited resources, restricted VMs, systems that require only OS-level checks, or cloud assets that have not yet been natively integrated with Tenable Vulnerability Management Frictionless Assessment.

March 15, 2022

Tagging Improvements

• You can now add up to 10 tags in Basic mode, and choose whether Tenable Vulnerability Management uses AND or OR logic for certain tag rules when applying tags.

• In Basic mode, instead of tag UUID values, Tenable Vulnerability Management displays tag category and value names when a tag rule uses an existing tag as part of the rule.

API

For more information about recent changes to the API, see the Changelog on the Tenable Developer Portal.