This document describes many of the changes that are included in SecurityCenter 5.5.0, as well as significant enhancements and notes for upgrading. A PDF file of these release notes is also available here.
New Features and Enhancements
Based on customer feedback and Tenable’s own rigorous internal testing process, the latest release of SecurityCenter 5.5.0 includes the following capability improvements:
- Thycotic Secret Server Support - Customers can now utilize Thycotic to manage credentials used for scanning
- Improved password control - Customers can now control password expiration and complexity in SecurityCenter
- Support for translated plug-ins - Customers can now select plug-in languages in SecurityCenter, including plug-ins translated into Japanese, Chinese (Simplified), and Chinese (Traditional)
Before You Upgrade
If you are planning an upgrade from SecurityCenter 4.x, due to the many enhancements and changes made in the SecurityCenter 5 solution, Tenable strongly encourages you to install and test the latest version of SecurityCenter in a pre-production environment prior to upgrading in your production environment to ensure the new workflows and enhancements are compatible with your current workflows. To receive an evaluation key that will allow you to install SecurityCenter in a pre-production environment for evaluation, log in to the Tenable Support Portal and click "Activation Codes". Under SecurityCenter, you will see a link to download a demo key for the SecurityCenter 5 solution.
SecurityCenter 5.5.0 supports the following direct upgrade paths:
- 4.8.2 > 5.5.0
- 5.[0-4] > 5.5.0
Installations running previous versions of SecurityCenter 4.x must upgrade to at least 4.8.2 prior to upgrading to SecurityCenter 5.5.0. For more information about upgrading to SecurityCenter 5.5.0, refer to the SecurityCenter 5.5 User Guide.
If you are using Nessus agents, SecurityCenter 5.5.0 requires Nessus Cloud or Nessus Manager 6.8 or later. If you are not using Nessus agents, SecurityCenter requires Nessus Scanner 6.3 or later. SecurityCenter requires the Passive Vulnerability Scanner 5.1 or later. If SecurityCenter Continuous View uses the Log Correlation Engine (LCE) for log processing, SecurityCenter requires LCE 4.8 or later for complete feature compatibility.
NOTE: Due to changes in API architecture, all APIs created using SecurityCenter 4.x have been deprecated. For more information about SecurityCenter REST API, refer to the SecurityCenter REST API Documentation.
The command syntax for an RPM upgrade is as follows:
# rpm -Uvh [RPM Package File Name]
File Names & MD5 Checksums
|SQL Error stopping SecurityCenter service||367862|
|Get trending working with data||374651|
|Directory traversal possible (DashboardLib.php)||377839|
|LCEStatus.php imports vulns every 15m regardless of "PassiveScannerResultsInterval"||375515|
|Endpoint /analysis::POST fails to sort on field DNS name for tool "sumip"||374932|
|Flush log writes sooner than currently in Jobd.php||367862|
|Migration to 5.5+ incorrectly displays "failed to restore" message||377905|
|Clean up group permissions on user add/edit||341459|
|Double calls made when editing a dashboard component||304412|
|Scan Copied Deletion and Edit - Does not delete Schedule||264241|
|Incorrect column list is displayed for CSV export of VDL||262690|