Tenable Vulnerability Management Platform Release Notes - June 2018

Important Highlights from this Release

On-prem

  • Tenable Web App Scanning - Tenable Vulnerability Management on-prem now supports the Tenable Web App Scanning app. New and existing customers can utilize this to understand their Web vulnerabilities
  • Proxy Support - Support for installation and updates via proxies is now supported

Licensing Update

The Tenable Vulnerability Management licensing calculation model has been refined to make it more forgiving of spurious asset data and dynamic cloud workloads. In no case, will the change ever result in a higher licensed asset count, however you may see a reduction.

What has changed:

  • An asset will be considered a licensed asset, if it has been seen with one or more non-discovery plugins in the last 90-days (see below for a list of free discovery plugins). Previously, only assets seen exclusively by the “Host Discovery” scan policy were excluded from the licensed asset count.

    • Below is a list of discovery scan plugin id’s:

      10180, 10287, 10335, 11219, 11933, 11936, 12053, 14272, 14274, 19506, 22964, 33812, 33813, 34220, 34277, 45590, 54615

  • AWS Connector: Licenses for assets discovered through the AWS Connector will be reclaimed the day after they are decommissioned.

Note: If you have any questions, please reach out to your customer success manager.

Tenable Web App Scanning

  • Added support for NTLM Authentication
  • Added support for various new Selenium commands including asserts that elements are present on page
  • New Plugins for vulnerabilities for Wordpress V4.9-V4.9.5
  • New Plugins for backup files and backup directories added

API Enhancements