What Changed
Added Azure Government Cloud support to the Tenable App data connector, including a dedicated deployment button in the UI and updated authentication mechanisms across all Function App components. Modified Python code to use ClientSecretCredential instead of DefaultAzureCredential for explicit credential management.
Security Impact (Visibility & Fidelity)
This update extends Tenable vulnerability data ingestion to Azure Government Cloud environments, addressing compliance requirements for government and regulated organizations. The authentication changes from DefaultAzureCredential to ClientSecretCredential provide more explicit control over service principal credentials in Government Cloud deployments.
Government Cloud organizations previously could not deploy the Tenable connector due to missing deployment templates and authentication compatibility issues. This fix enables vulnerability management visibility for assets, compliance, and web application security scanning results in Azure Government environments.
Affected Files
Solutions/Tenable App/Data Connectors/TenableVM/TenableAssetDownloadAndProcessChunks/init.py
Solutions/Tenable App/Data Connectors/TenableVM/TenableComplianceDownloadAndProcessChunks/init.py
Solutions/Tenable App/Data Connectors/TenableVM/TenableVulnDownloadAndProcessChunks/init.py
Solutions/Tenable App/Data Connectors/TenableVM/TenableWASAssetDownloadAndProcessChunks/init.py
Solutions/Tenable App/Data Connectors/TenableVM/TenableWASVulnDownloadAndProcessChunks/init.py
Solutions/Tenable App/Data Connectors/TenableVM/TenableVM.json
(packaging artefacts: TenableVMAzureSentinelConnector310Updated.zip, mainTemplate.json, Solution_TenableApp.json, ReleaseNotes.md, 3.1.1.zip)