Tenable.sc 5.12.0 Release Notes (2019-10-03)

Tip: Tenable rebranded SecurityCenter as Tenable.sc. For more information, see the announcement.

If you are running version 5.6.2.1 or later, you can upgrade directly to version 5.12.0 If you are running a version earlier than 5.6.2.1, upgrade to version 5.6.2.1 before upgrading to version 5.12.0.

Note: If your upgrade path skips versions of Tenable.sc (e.g., upgrading from 5.6.2.1 to 5.12.0), Tenable recommends reviewing the release notes for all skipped versions. You may need to update your configurations because of features and functionality added in skipped versions.

You can download the update files from the Tenable.sc Downloads page.

New Features

Privileged Account Auditing

Tenable.sc now logs additional events for auditing administrator accounts:

  • User lock / user unlock
  • User create / user edit / user delete
  • Enable password complexity / disable password complexity
  • Changing maximum number of login attempts
  • Changing the login banner
  • Changing session management settings
  • Changing login notification settings
  • Changing any field within data expiration
  • Changing header text

Admin License Component

You can now view an Overview Dashboard graph of your license usage over time in relation to your current license maximum.

For more information, see Overview Dashboard in the Tenable.sc User Guide.

Nessus Log Retrieval

You can now download Nessus logs directly from Tenable.sc.

For more information, see Download Nessus Scanner Logs in the Tenable.sc User Guide.

Nessus Health Status

Tenable.sc now displays Nessus health information to assist in troubleshooting.

For more information, see View Nessus Scanner Details in the Tenable.sc User Guide.

Tenable.sc Health Status Fields

Tenable.sc now displays additional health checks on the existing Tenable.sc Diagnostics page.

For more information, see Diagnostics in the Tenable.sc User Guide.

Solutions View

This new view allows you to better assess your Cyber Exposure and focus on the most important actions first.

For more information, see View Solutions in the Tenable.sc User Guide.

Disable PHP Serialization

You can now disable export functionality in Tenable.sc (e.g., dashboard export, report export, etc.).

For more information, see Security Settings in the Tenable.sc User Guide.

PHP Version

Upgraded to PHP 7.3.9.

Bug Fixes

Bug Fix Defect ID
Resolved an issue viewing asset intersections on a repository. 00821563
Improved the error messaging around uploading zipped Nessus files. 00832235
Resolved an issue where previously mitigated vulnerabilities were being duplicated upon rediscovery. 00821464
Resolved an issue with editing usernames as an admin. 00810100
Updated Apache configs to prevent running in HTTP mode. 00781702
Resolved an issue with malformed characters in the Recast Risk database. 00778720
Resolved an issue with reports when no display columns were selected. 00640428
Resolved an issue where Apple devices would show up as a device on reports. 00557162

API Changelog

For more information about the API changes for this release, see the Tenable.sc API Changelog.

Filenames and MD5 Checksums

Filenames and MD5 checksums are located on the Tenable.sc Downloads page.

Tenable Integrated Product Compatibility

The following table lists the Tenable product versions tested with Tenable.sc 5.12.0:

Product Tested Version
Nessus

8.5.1 and later

Log Correlation Engine 5.1.1 and later
Nessus Network Monitor 5.9.0 and later
Industrial Security 1.4.0 and later