- update vulnerability open property to account for open states #251 (@RonaldEAM)
- Ronald Arias (@RonaldEAM)
- Tenable enhancement dev #249 (@poornima-metron @gastonyelmini)
- Gaston Yelmini (@gastonyelmini)
- poornima-metron (@poornima-metron)
- INT-11148: extract macaddress regardless if is public or not #248 (@gastonyelmini)
- Gaston Yelmini (@gastonyelmini)
- Michael Knoedel (@mknoedel)
- Michael Knoedel (@mknoedel)
- APP-15128 - Use ipAddress filtering when determining which macAddress to use for assets and agents #243 (@mknoedel)
- Michael Knoedel (@mknoedel)
- Apply remove-codeql with multi-gitter [ci skip] (@electricgull)
- Cameron Griffin (@electricgull)
- Michael Knoedel (@mknoedel)
- add unsupportedByVendor property #241 (@zemberdotnet)
- Populate CODEOWENRS, baseline package.json and baseline cortex.yaml (@jablonnc)
- Matthew Zember (@zemberdotnet)
- Noah Jablonski (@jablonnc)
- Int 8674 add protocol to key #240 (gonzaloavalosribas@Gonzalos-MacBook-Pro.local)
- Gonzalo Avalos Ribas (@Gonzalo-Avalos-Ribas)
- Log duplicated key report #239 (gonzaloavalosribas@Gonzalos-MacBook-Pro.local)
- Gonzalo Avalos Ribas (@Gonzalo-Avalos-Ribas)
- Add port number to the vulnerability key #238 (gonzaloavalosribas@Gonzalos-MacBook-Pro.local)
- Gonzalo Avalos Ribas (@Gonzalo-Avalos-Ribas)
- Add postversion script #237 (gonzaloavalosribas@Gonzalos-MacBook-Pro.local)
- Gonzalo Avalos Ribas (@Gonzalo-Avalos-Ribas)
- Upgrade SDK - Upgrade to NODE 18 #236 (gonzaloavalosribas@Gonzalos-MacBook-Pro.local)
- Update integration-deployment.yml #235 (@Nick-NCSU)
- Gonzalo Avalos Ribas (@Gonzalo-Avalos-Ribas)
- Nick Thompson (@Nick-NCSU)
- Jean R. Robles G. (@jroblesx)
- INT-7813 Fix Adding auto versioning #232 (@jroblesx)
- INT-7813 Adding auto versioning #231 (@jroblesx)
- Jean R. Robles G. (@jroblesx)
- Added
auto
package to help with builds, versioning and npm packaging.
- New target added to create a relationship between
tenable_vulnerability_finding
andvsphere_host
.
- Duplicate keys errors.
- Disable steps that need permissions.
- Undeclared types error for mapped relationships.
- Request retry logic.
- Updated error handling and retry logic.
- Add additional logging to
handleError
- rerelease of 9.3.0
- Ingest
tenable_agent
entity and add relationship totenable_account
.
- Skip duplicate relationships.
-
Fixed
undeclared types encountered during execution
. Specific mapped relationships types forazure_vm
,google_compute_instance
andaws_instance
have been made. -
The updated types are no longer being index metadata.
- Added vulnerability filtering (by severity and state) using instance configuration
- no longer indexing metadata for relationships.
- removed the
output
property from therawData
oftenable_vulnerability_finding
Added the following properties to tenable_vulnerability_finding
: -
cvss3BaseScore - cvss3TemporalScore - cvssBaseScore - cvssTemporalScore -
cvss3Vector - cvssVector - hasPatch
tenable_vulnerability_finding
now properly reflects the correctseverity
.
- add
last_fixed
property totenable_vulnerability_finding
entities. - add the following properties to the
tenable_vulnerability_finding
:cve
,cpe
,description
,recommendation
,impact
. - refactor Container Security to v2 as v1 has been deprecated.
- the following new entities have been added:
Resources | Entity _type |
Entity _class |
---|---|---|
Container Image | tenable_container_image |
Image |
Container Repository | tenable_container_repository |
Repository |
Service | tenable_scanner |
Service |
- the following new relationships have been added:
Source Entity _type |
Relationship _class |
Target Entity _type |
---|---|---|
tenable_account |
PROVIDES | tenable_scanner |
tenable_account |
HAS | tenable_container_image |
tenable_account |
HAS | tenable_container_repository |
tenable_scanner |
SCANS | tenable_container_image |
tenable_container_image |
HAS | tenable_container_report |
tenable_container_image |
HAS | tenable_container_finding |
tenable_container_image |
HAS | tenable_container_malware |
tenable_container_image |
HAS | tenable_container_unwanted_program |
tenable_container_repository |
HAS | tenable_container_image |
- fix tenable_asset
firstSeen
andcomplianceLastSeen
properties to be human-readable
- move @jupiterone/tenable-client-nodejs to this repo
- add assetMacAddress and agentId to vulnerability entity
- add the following properties
- on asset entity
- tags
- on vulnerability entity
- assetHostname
- assetIpv4
- assetDeviceType
- stigSeverity
- vprScore
- riskFactor
- on asset entity
- add tests using vulnerability data form tenable vulnerability export api
- bump sdk to pull in more rawData trimming improvements
- bump sdk to pull in new rawData trimming logic
- add rawData back to vulns and assets
- remove
output
from the properties oftenable_vulnerability_finding
entities
- log large entities size characteristics to identify possible poison pill(s) from tenable api
codeql-analysis
workflowquestions
workflowjupiterone/questions/questions.yaml
- Limit raw data for vuln and assets
- Updated
@jupiterone/integration-sdk-*
tov8.13.1
- fix breakage in test due to jest timers
- Fixed a bug where datetime properties for
tenable_asset
s were strings instead of a parsed number.
- Updated
@jupiterone/integration-sdk-*
tov8.9.0
- Updated vulnerable packages
- ran prettier on project
- enforce prettier style in ci
- Introduce exploit-related properties to the
Vulnerability
entity.
- Introduce the following integration config properties for configuring API
timeouts
assetApiTimeoutInMinutes
vulnerabilityApiTimeoutInMinutes
- Import
@jupiterone/integration-sdk-core
frompeerDependencies
- Updated
@jupiterone/integration-sdk-*
tov7.0.0
- Changed the project / package name from
@jupiterone/graph-tenable-cloud
to@jupiterone/graph-tenable-io
. As a result, all versions fromv8.1.0
and below can be imported using@jupiterone/graph-tenable-cloud
, and all versions abovev8.1.0
should be imported using@jupiterone/graph-tenable-io
- Set
skipTargetCreation: true
on mapped relationships to tenable hosts
- Added
name
property totenable_vulnerability_finding
entities
- Enabled
buildAssetVulnerabilityRelationships
step, which was accidentally disabled
- Prevent duplicate keys for
tenable_vulnerability_finding_is_cve
mapped relationships
- Prevent duplicate keys for
tenable_asset
entities - Prevent duplicate keys for
tenable_vulnerability_finding
entities - Prevent
Cannot read property 'map' of undefined
when iterating CVEs fortenable_vulnerability_finding
-
Added support for ingesting the following new entities:
Resources Entity _type
Entity _class
Asset tenable_asset
HostAgent
-
Added support for ingesting the following new relationships:
Source _class Target tenable_account
HAS tenable_asset
tenable_asset
HAS tenable_vulnerability_finding
-
Added support for ingesting the following new mapped relationships:
Source _class Target tenable_asset
IS <host>
<host>
HAS tenable_vulnerability_finding
tenable_vulnerability_finding
IS <cve>
- Upgraded
@jupiterone/integration-sdk-*@6.18.0
-
Removed support for ingesting the following entities:
Resources Entity _type
Entity _class
Scan tenable_scan
Assessment
,Service
Vulnerability tenable_vulnerability
Vulnerability
-
Removed support for ingesting the following relationships:
Source _class Target tenable_scan
IDENTIFIED tenable_vulnerability_finding
tenable_scan
IDENTIFIED tenable_vulnerability
tenable_scan
SCANS <host>
tenable_user
OWNS tenable_scan
tenable_vulnerability_finding
IS vulnerability
-
Removed support for ingesting the following mapped relationships:
Source _class Target tenable_scan
SCANS <host>
-
Added support for ingesting the following new mapped relationships:
Source _class Target tenable_scan
SCANS <host>
-
Added
TenableClient.iterateAssets()
method. Made other asset export endpoints private.
- Publish contents of
src
- Removed
prepack
script - Run
yarn build
in github workflow - Fixed structure of
/dist
for published package
- Added
displayName
property to entities - Imported client from
@jupiterone/tenable-client-nodejs
. - Added
User-Agent
header to Tenable API calls.
- Adopted open-source
@jupiterone/integration-sdk-*
framework for execution environment.
- Increase timeout for asset/vuln export
- Wait between status calls to asset/vuln export
- Handle Tenable 404 errors on the
scans/scan_uuid/hosts/host_id
endpoint.
- The integration no longer uses the
/workbenches/assets
endpoint to get vulnerability information and now uses the asset export endpoint to get extra asset metadata information.
- Bulk export endpoints for vulnerabilities and assets
- Only retry 500 status code errors from tenable up to a maximum of 3 times
irrespective of
retryMaxAttempts
- Added additional logging the amount of scans and hosts in the scan details.
- Tenable client now correctly resets the retryDelay so that other status codes don't end up using the calculated retry delay from a 429 status code.
- fetchAssetVulnerabilityInfo no longer throws error for status code 500, instead it's logged as a warning message
- synchronizeHosts no longer attempts to fetch host details if the scan is archived. Previously when it did the api would returns a 404.
- Change client log levels from
trace
->info
and request log level fromtrace
->debug
.
- Upgrade
@jupiterone/jupiter-managed-integration-sdk@^35.0.12
, which will enable ECS steps to be executed with a timeout longer than 150 minutes.
- Retry
504
responses
- Retry
500
responses