Version 8.17.01 Release Notes

High-level overview of changes/updates included in RiskSense Version 8.17.01, released on May 8, 2020.

The RiskSense platform Version 8.17.01 update includes the following features and enhancements:

Integrations

New Qualys Vulnerability Scanner Fields

The following metadata items have been added as new Qualys Vulnerability Scanner fields. Provided in the table below are the fields these items map to in RiskSense.

New Fields Introduced RiskSense Field

DNS

Host Findings → Detailed pane → Asset Information

NETBIOS

Host Findings → Detailed pane → Asset Information

BugTraqs

References → BugTraqs (Introduces new section: References)

Vendor References

References → Vendor References (Introduces new section: References)

Impact

Host Findings → Detailed pane → Description (Impact appends to the existing finding’s description)

Black Duck Connector Configuration Enhancements

  • Support for API key-based authentication.
  • Configuration option to enter specific Versions for Projects, which RiskSense can ingest.
  • Connector-specific options to fetch older scan files with custom configurations. Input options include 30 days, 60 days, 90 days, 6 months, and 1 year to pull the oldest scan files.

Fortify SSC Connector Updates

The Fortify SSC connector has been updated to include connector-specific options to fetch older scan files with custom configurations. In addition to pulling the most recent 30 days of data, users can now customize the configuration to pull scan files from the past 60 days, 90 days, 6 months, and 1 year.

List View Enhancements

Hosts Page

In the Hosts list view, the default column layout has been updated for a cleaner, simplified user experience. The RS³, Asset Criticality, and IP Address columns are now collected first, followed by the Host Name, Total Finding Count, and Last Found On date. Note that all existing columns can be enabled in the list view’s Settings menu.

In the Host Detail pane, the Findings Distribution section has been renamed to Findings Count Distribution. To align with the principle of a simpler experience, the Unique counts have been removed in favor of a single Severity-based finding distribution with a new layout.

Host Findings Page

A new Scanner Name column has been introduced in the Host Findings list view that displays the name of the scanner that discovered the finding. This column can be enabled in the list view’s Settings menu.

A new VRR Group filter has been introduced to the Host Findings list view, making it easier to identify collections of findings in a particular category, such as Critical or Informational. Filter options include “Critical”, “High”, “Medium”, “Low”, and “Info”. For a finer granularity in searching, users can utilize the Risk Rating filter, now renamed as Vulnerability Risk Rating, to specify exact values or value sets of Finding VRRs.

Sorting options that referred to Risk have also been updated with the VRR label.

Applications Page

Like the Hosts page, the default layout of the Applications view has been simplified. The Address, Name, Total finding count, and Last Found On columns are now shown as the default set. All existing columns may be re-enabled in the list view’s Settings menu, if desired.

In the detail pane, the updated Findings Count Distribution has also been introduced, removing the Unique counts and bringing in the new layout for Severity-based finding distributions.

Application Findings Page

A new Scanner Name column has been introduced in the Application Findings list view that displays the name of the scanner that discovered the finding. This column can be enabled in the list view’s Settings menu.

Groups Page

The default layout of the Groups page has also been simplified, showing the RS³ and Name of each group first, followed by the Asset and Finding count information, and number of Users with access to each group. All existing columns may be re-enabled in the list view’s Settings popup if desired.

In the Detail Pane, the Host Finding Detail section and the Application Finding Detail section have been merged into a single unified section called Findings Count Distribution, following the updated layout of the Host and Application detail panes. The user will find the total CHMLI counts by severity for Application Findings and Host Findings respectively. These counts continue to be clickable to the corresponding Host Finding or Application Finding views, with appropriate filters applied.

In the Groups list view, a color bar has been added to reflect the Group RS³.

Miscellaneous Changes

Rename URL to Location

Users may have noticed that the URL identifier has been replaced with the term Location on the Application Findings page and Executive Vulnerability report. In this release, URL will be fully transitioned to Location in more places in the platform, including Application Findings filter categories, exports, and detail pane items.

Finding Views Link to Assets Views

On the Findings Detail Pane for both Applications and Hosts, users can now click the Asset Name or Asset Address to navigate to the corresponding Asset View filtered by the selected field. For example, if a user clicks on the host name in the Host Findings Detail pane, it takes them to the Hosts page with all host findings that correspond to the selected host name.

Other Fixed Issues

  • Resolved a known issue that prevented adding notes to an application finding that already had a note attached.
  • Resolved a known issue with naming a new group, network, or assessment. Name assignments cannot start or end with a space. Allowable characters in name assignments include letters, numbers, and one of the following special characters: . ? ! ( ) & ' " * # : — _ -.
  • Corrected the number of hosts scanned and corresponding ingested Host Discover dates using the Qualys File Pickup Connector.
  • Included User and Date Created information in the Notes section in the Host and Application detail panes.
  • Added pagination functionality to the Integrations page to support a large number of saved connectors.