Version 11.00.00 Release Notes

A high-level overview of the changes/updates included in RiskSense Version 11.00.00, released on August 6, 2021.

The RiskSense platform version 11.00.00 update includes the following features and enhancements:

To seek help using our new features, receive feature documentation, and/or schedule training, please contact your Customer Success account manager directly or send a message to support@risksense.com.

New Features

MIXED Network Type and Asset Identification

Support for a new network type called “MIXED” is available now. In this mode, there is a default set of asset identifiers. However, users can work with RiskSense Support to configure a different set of asset identifiers for their MIXED network. Unlike IP and HOSTNAME-based networks, a MIXED network allows custom asset identification and avoids duplication. Please contact RiskSense Support for further details.

Integrations

CrowdStrike Falcon Spotlight Connector

Support for the Crowdstrike Falcon Spotlight scanner has been added to the RiskSense platform as an API connector. It can be found under the Integrations view as a separate card and configured to run on the desired schedule. For more information, visit our CrowdStrike Falcon Spotlight Connector Guide.

Dashboards

Adjustments to Save As Feature

The Save As feature now allows users to create copies of their own custom dashboards. Users can create a copy of a custom dashboard that they are viewing or currently editing. If the user copies a dashboard while editing, changes to the original dashboard will not be saved. Widgets in the new dashboard will have the same settings as widgets on the original dashboard.

Simpler Widget Configuration Workflow

If a user is editing a custom dashboard, that user will no longer see the configuration options menu on configurable widgets. The user must save the dashboard before configuring widgets on it. Previously, users went through different workflows to configure widgets depending on whether they were simultaneously editing the dashboard layout or viewing the dashboard normally.

Uniform Enforcement of Read-Only Role

Users with the Read-Only role can no longer create new dashboards nor edit dashboards. Creating new dashboards is exclusive to the Dashboard Modify privilege included with many foundational IAM roles.

List View Enhancements

Recent Scans Section Renamed

On both Hosts and Applications pages, the Recent Scans section has been renamed to “Scanner Specific Information.” Along with the Recent Scans data, this section has details about Asset Identification (unique identifiers) and Scanner specific fields.

System Filter Updates

The Applications page was enhanced to include all the system filters on the Host page, and CVE-2021-35211 was added to the “SolarWinds Attack Surface” system filter. In addition, CVE-2021-32589 was added to the Fortinet system filter, which has been renamed to “Fortinet Attack Surface” on the Host, Applications, Host Findings, Application Findings, and Vulnerabilities pages.

Miscellaneous Changes

Group Name Update

In the Create Group window, Group Name will now support a maximum of 100 characters.

Group Metric Enhancements

When the Group Metrics widgets Metric Comparison across Groups, Group Performance over Time, and Current Group Performance are added to a dashboard, they will show a single metric by default instead of the configuration menu.

Fixed Issues

Vulnerability KB

  • The Fixes section will no longer show duplicate data.
  • The Search API will no longer throw an error response for a CVE with no CVSS score.
  • The Fixes section will show pagination if there are more than 25 records per page.

Other Issues

  • The Application Findings export will now display the full content of the Scanner Output column.
  • Manually uploaded SRS data will display tags associated with the tag type “Scanner.”

Known Issues

The following features will not be supported for MIXED networks in this release:

  • Users cannot move hosts from a MIXED network to another network. Users can move applications from a MIXED network to another network but are strongly advised to avoid this.
  • Users cannot merge hosts or applications in MIXED networks.
  • CMDB support for MIXED mode assets is not working as expected.