Tenable Vulnerability Management Platform Release Notes - March 2018
Important Highlights from this Release
Dashboard
- Ability to export PDF for Dashboard templates
- Ability to schedule an email with PDF attachment on set frequency
- Option to schedule email for existing Report templates
Asset Deletion
- Assets and their vulnerabilities can now be deleted from the asset workbench. Deleting assets is a mechanism to remove the data, however it will not remove the asset from the license
Automatic Scanning of AWS Assets
- The AWS pre-authorized scanner can now be configured to scan all available assets
Tagging Enhancements
- The flow for adding a tag to an asset has been improved by auto-advancing the cursor after pressing "Enter"
- Add/Remove tag events are now displayed in the asset activity log
CyberArk Integration
- Ability to authenticate to CyberArk using certificates.
BeyondTrust Integration
- Ability to use BeyondTrust PasswordSafe as a credential source for Windows credentials
- Ability to use BeyondTrust PasswordSafe as a credential source for Linux (ssh) credentials
Tenable Web App Scanning
- Ability to see Scan Progress including metadata, statistics and scan results while a scan is running
- Include a screenshot of the web application home page (plugin 98138)
- Notify users when HTTP server authentication has been detected on the web application during scans (plugin 98024)
- Notify users when HTTP server authentication credential led to successful or failed authentication (plugins 98025, 98026)
- Extend CMS support by fingerprinting Wordpress and Drupal, and detect Wordpress admin panel (plugin 98144)
Bug Fixes
| Bug | Defect ID |
|---|---|
| Advanced Filtering Not Working for Pre-September Scans | 00526216 |
| Blank notification email for scan results | 518339 |
| Resolved Inconsistencies with "Name" Field Values Between Assets and Vulnerabilities Workbench | 00562979 |
| Scan targeting issues for AWS scans | 00572696 |
| Scan exports hanging | 00535973 |