New features summary
These are cumulative release notes. If a release does not appear in this section, then there were no associated new features and enhancements.
Integrations
New Network Precedence for Tenable SC v2 - This release replaces the default network precedence order for Tenable Security Center v2 assets. The new precedence order aims to more closely reproduce how assets appear in Tenable. The new network precedence rules only affect new networks. This change will not impact existing Tenable SC v2 connector setups.
If users feel that duplicate asset have appeared in new networks, they can do a Group By over the Tenable UUID to consolidate and locate duplicate assets.
WIZ Connector GA - All clients can now enable the WIZ connector. For instructions on how to configure the connector, see the WIZ connector guide.
Miscellaneous Changes
- An “info” icon will now appear next to the Last Discovered On value in the Finding Details. This icon informs users that the platform does not update the value for a closed finding.
- If a user tries to query the Vulnerability KB using the vulnerabilityDetail projection, the platform will now return matching CPEs.
Integrations
- More Host Identifiers Available for Host Generic Scanners - The Generic Upload feature now supports the properties EC2 Identifier and MAC Address.
- Simplified File Attachment Management for Jira Tickets - For clients that opt into this new beta feature, the Jira ticketing connector only supports 1 file attachment on each ticket. The ticketing connector deletes the old attachment and adds a new one with the latest updates. To accomplish this, the ticketing connector must be configured with credentials empowered to delete attachments on tickets. If you have an interest in trying out this feature, please contact support.
List View Enhancements
- New Optional Columns for Findings View - Users can now add Severity Group, VRR Group, and Scanner Plugin as columns within the Host Findings and Application Findings list views.
Miscellaneous Changes
- Users can now save a start date and end date for the “Ivanti RS3 Timeline” widget on a custom dashboard.
- Users can now add a deep link path for Jira ticket attachments. Users who connect to an on-prem installation of Jira through ROSA can use this field to adjust links to tickets within the platform.
Integrations
- When using the Rapid7 InsightVM connector a new field has been added to allow users to add a Proxy URL to the connector.
Dashboarding and Reporting Enhancements
Users will now be able to see a percentage for the following Group Metrics:
- Metric Comparison across Groups
- Current Group Performance
Integrations
- Orca beta connector - Users can now ask to test the beta version of the new Orca connector. This connector uses the Orca API to retrieve security vulnerabilities and threats on cloud endpoints. Depending on the asset type, Orca asset will populate as either network or application assets.
- SonarQube Credentials Update - Users can now enter a username and password instead of just a UserToken in the configuration form.
Automation Enhancements
- Custom Attribute Job Updates - On pages where you can add or update custom attributes, you can track the progress of those updates as well as downstream updates to impacted assets and findings.
- Auto-ticketing now available to most user roles - Users now only need Finding Collection Control to create auto-ticketing configurations. Most foundational roles come with Finding Collection Control by default.
Miscellaneous Changes
- Names and logos have been updated for a few connectors:
- “Synopsys” will now be referred to as “Black Duck”.
- "Black Duck Software Composition Analysis" has been shortened to "Black Duck SCA".
- “Coverity” will now be shown as "Coverity® Static Analysis".
- "WhiteHat Dynamic" will now be shown as "WhiteHat™ Continuous Dynamic Analysis".
- “New user” emails will now have updated contact information for Ivanti support. The emails also use Ivanti colors and branding. Note that the emails refer to ASOC (Application Security Orchestration and Correlation) by its new name, ASPM (Application Security Posture Management).
- The platform now supports UTF-8 characters in client names.
Integrations
- New Capabilities in ServiceNow Incident and Request: These ticketing connectors now have the following configurations:
- Select the type for the associated tag in Ivanti Neurons.
- Lock fields within the ticket.
- Map a ticket field to the Ivanti Neurons SLA date.
- Map the ticket priority to vulnerability risk.
- Configure which fields to include in the ticket attachment by selecting an export template.
Miscellaneous Changes
- Users can now set default address type for network assets without an IP address in Client Settings.
- All clients now have the ability to enable the MetricStream GRC connector. This connector allows users to create a ticket in MetricStream for every Risk Acceptance workflow. Rather than approving the workflow within Ivanti Neurons, the organization approves the workflow within MetricStream.
- All clients can now enable the Rapid7 InsightVM connector. Findings and assets will appear within the Host Findings and Host pages respectively. For more information on this connector, view the Rapid7 InsightVM connector guide.
- All clients can now enable Microsoft Defender for Endpoint. Findings and assets will appear within the Host Findings and Host pages respectively. For more information, view the Microsoft Defender for Endpoint connector guide.
- The field “Nessus Check Type” will now be available on the Host Findings page.
Integrations
- SNOW Priority Synchronization - Service Now Incident tickets can now be configured to set the ticket priority based on the criticality of the findings associated. Users can map the Critical, High, Medium, Low, and Informational VRR score or Severity for the findings to the desired SNOW ticket priority. Adopting ticket prioritization can help organizations ensure the most critical findings are worked first.
Miscellaneous Changes
- The Wiz finding filter options UI on the configuration form has been updated.
- Quick Filters will now load after the list view. When the Quick Filters load, they will expand to show available options. This change in load order will improve the initial responsiveness of our list views.
List View Enhancements
- Links to Collections detail view added to Collections view cards - The Collections detail view can now be accessed from the Collections view card. This addition allows users to delete a finding collection without an auto-ticketing configuration and to view auto-ticketing configuration details (if available) without having to navigate to the Collections section of the findings detail pane.
Integrations
- Wiz Connectors Enhancements - This release contains several updates to the Wiz connector:
- Users can now configure the Wiz connector to only ingest certain types of assets.
- The Wiz connector now supports scheduled synchronization for existing assets and findings in addition to data ingestion. Synchronization will occur every 15 days and bring in the latest “Last Discovered On” dates.
Dashboards and Reporting Enhancements
- Timeline for Finding Discovery - The widget “Findings First Discovered vs. Resolved” shows vulnerability detection based on the First Discovered On date rather than First Ingested On date. This widget allows the user to compare discovery vs. remediation over time. Like the similar widget “Findings First Ingested vs. Resolved”, the user can configure this widget to filter its results on one or more specific groups.
- Custom Widget Edit Title Override - Changes that a user makes to the content of a custom widget have always overridden existing instances of that widget. With this release, updating a widget changes both the content and the metadata (title, description, and max row count) across all instances.
Miscellaneous Changes
- New users will be auto-enrolled in in-platform notifications for API token expiration.
- The logos for Checkmarx connectors have been updated in most locations.
- The family of notifcations that alerts users of newly ingested findings and score changes (e.g. “New Open Critical VRR Findings”) will now will contain more verbose information about deep links to the platform. The changes to the “Click here to view” link will only appear within emails and Slack notifications this release.
- Other than filters with the “is one of” operator, advanced filters will again show the filter values instead of a count of values within the filter pill. Filters with the “is one of” operator will show the first value in the filter list and a count.
List View Enhancements
- Changes to Remediation Time filter - The Remediation Time filter shows the number of days between First Ingested On and Resolved On for closed findings. This release introduces the new filter “Remediation Time based on Discovery”, which shows the time difference between First Discovered On and Resolved On. The older filter has been renamed to Remediation Time based on Ingestion.
- New Case Sensitive Search Option - For the operators “exactly”, “wildcard”, “like”, and “is one of”, users can check a box to make a filter case sensitive. They can save this new setting as part of a view, widget, or finding collection. The platform will automatically turn on case sensitive search if a user applies filters by clicking a column in a Group By or if a filter value contains more than 1000 characters.
- Filters enhanced with counts and read-only search - The filter pill now shows a count of values in the filter rather than actual value. Users can open up a read-only view of all values by clicking the “info” icon that appears on interaction with an advanced filter. The read-only view of the filter lets users search on individual values. Note that the “info” view of a filter is not available for Quick Filters.
Dashboards and Reporting Enhancements
- Widget Group Selection - The “Findings First Ingested vs Resolved” and “Findings Summary” widgets can now filter on specific groups. This feature allows users to place multiple instances of the same widget side by side to compare results for individual groups or sets of related groups.
- First Discovered On added for Remediation Metrics - This release includes new versions of a bar widget and two KPIs that show the metric mean time to remediate. These include the KPI and bar chart “Mean Time to Remediate Since Discovery” and the KPI “MTTR since discovery for findings under SLA”. Unlike the versions based on ingestion, these widgets only include findings with a First Discovered On date, a value that only some scanners supply. Like the Remediation Time filter, the existing widgets based on First Ingested On have been renamed to reflect the source data.
Miscellaneous Changes
- Users uploading data from EdgeScan will now be presented with Mixed networks only.
- The configuration card for the legacy Palo Alto Expander connector will be removed.