Tenable.io Web Application Scanning
- WAS Scan Notification Support
- Customers can now be notified as soon as a WAS scan launched from the new UI completes by setting up a list of email addresses in their scan configuration.
- Improved Scan Configuration Validation
- The Web Application Scanning v2 API now returns more specific error messages when validating user input. WAS no gives the user the exact errors identified on each field specified by the user.
- WAS scan configuration pages take benefit of the improved API response payload to provide to customers the exact validation error identified in the scan configuration or template.
- New version of Tenable.io WAS Chrome Extension 1.1.0 has been released.
- Users are now able to specify the type of scan, the scanner and the description to associate to the scans to be created from the extension.
- The link included in the new scan creation success message, now directly opens scan configuration page in Tenable.io Web Application Scanning new UI instead of the scans page.
- WAS API changes:
- WAS scan configuration endpoints have been updated to support new notifications property.
- WAS scan configuration endpoints error payloads have been updated to now include invalid field and associated error message.
Bug Fixes
Bug Fix | Defect ID |
---|---|
Fixed vulnerabilities are still visible in WAS dashboard | 00986197 |
Managed Credentials cannot be configured for WAS scan templates in Classic UI | 01039460 |
Old WAS scans still marked as pending | 01045941, 01077595, 01084005 |
Scan results cannot be accessed in new UI | 01074204 |
Unable to launch scan migrated from classic UI | 01070881 |
Email configuration is missing in new UI | 01077241 |
Error when updating WAS user defined template | 01081345 |
Plugin details cannot be accessed from scan results | 01083195 |
WAS Statistics Widget provides incorrect scan statistics | 01084359 |
Disabled schedule scans still launch on classic UI | 01091776, 01090684 |
Drill-down from WAS executive dashboard widgets leads to an error | 01092501 |
WAS asset still appears in Classic UI | 01094815 |
Recast rules do not reject WAS plugins with IDs 112xxx | 01093693 |
Fixed issues where the has_agent attribute was not properly applied to the assets. | 01051804 |