Tenable.io Web Application Scanning

  • WAS Scan Notification Support
    • Customers can now be notified as soon as a WAS scan launched from the new UI completes by setting up a list of email addresses in their scan configuration.
  • Improved Scan Configuration Validation
    • The Web Application Scanning v2 API now returns more specific error messages when validating user input. WAS no gives the user the exact errors identified on each field specified by the user.
    • WAS scan configuration pages take benefit of the improved API response payload to provide to customers the exact validation error identified in the scan configuration or template.
  • New version of Tenable.io WAS Chrome Extension 1.1.0 has been released.
    • Users are now able to specify the type of scan, the scanner and the description to associate to the scans to be created from the extension.
    • The link included in the new scan creation success message, now directly opens scan configuration page in Tenable.io Web Application Scanning new UI instead of the scans page.
  • WAS API changes:
    • WAS scan configuration endpoints have been updated to support new notifications property.
    • WAS scan configuration endpoints error payloads have been updated to now include invalid field and associated error message.

Bug Fixes

Bug Fix Defect ID
Fixed vulnerabilities are still visible in WAS dashboard 00986197
Managed Credentials cannot be configured for WAS scan templates in Classic UI 01039460
Old WAS scans still marked as pending 01045941, 01077595, 01084005
Scan results cannot be accessed in new UI 01074204
Unable to launch scan migrated from classic UI 01070881
Email configuration is missing in new UI 01077241
Error when updating WAS user defined template 01081345
Plugin details cannot be accessed from scan results 01083195
WAS Statistics Widget provides incorrect scan statistics 01084359
Disabled schedule scans still launch on classic UI 01091776, 01090684
Drill-down from WAS executive dashboard widgets leads to an error 01092501
WAS asset still appears in Classic UI 01094815
Recast rules do not reject WAS plugins with IDs 112xxx 01093693
Fixed issues where the has_agent attribute was not properly applied to the assets. 01051804