Version 10.07.00 Release Notes

Summary: A high-level overview of the changes/updates included in RiskSense Version 10.07.00, released on July 23, 2021.

The RiskSense platform version 10.07.00 update includes the following features and enhancements:

• New Features

  • Service Level Agreements

• List View Enhancements

  • New Group By Options added to List Views

  • System Filter Updates

• Dashboards

  • New Current Group Metrics Added

  • New Group Patterns Added

  • Changes to Group Performance over Time

  • Max Number of Groups Increased

• Miscellaneous Changes

  • Application CMDB Fields Hidden

  • Client Access Dialogue Changed (MCDB users only)

• Fixed Issues

• Known Issues

To seek help using our new features, receive feature documentation, and/or schedule training, please contact your Customer Success account manager directly or send a message to [email protected].

New Features

Service Level Agreements

Assigning due dates to findings is now easier than ever with the launch of our new Service Level Agreement (SLA) automation feature. Users can configure this automation tool to assign due dates to findings upon their discovery or ingestion, based on the risk score of the findings, the criticality of the associated asset, and more. This feature also includes a new SLA Overview dashboard for a quick summary of your remediation performance according to their SLAs (i.e., due dates). For more information, visit our Knowledge Base.

List View Enhancements

New Group By Options added to List Views

Users now can group Host Findings and Application Findings by Severity Group or Ticket ID. Additionally, users can now also group Application Findings by CVE. The columns Open CVEs, Threats, and Weaponized Findings have been added as default columns to the Application Findings CVE Group By view and as optional columns to all other Application Findings Group By views.

System Filter Updates

New vulnerabilities have been added to the Attack Vectors - RS, Attack Surface - RS, and SolarWinds Attack Surface system filters. In addition, a new system filter was created and called REvil Ransomware.

Dashboards

New Current Group Metrics Added

New group metrics have been added to the widgets Current Group Performance and Metric Comparison across Groups. Users can now add the counts of open host or application findings associated with threats, ransomware, remote code execution or privilege escalation exploits, or trending vulnerabilities and threats.

New Group Patterns Added

Users can now configure all group metrics widgets to auto-select groups with the most open findings associated with threats, overdue findings, open rending findings, open findings associated with ransomware.

Changes to Group Performance over Time

The widget Group Performance over Time matches the new SLA dashboard's look and feel.

Max Number of Groups Increased

Group metrics widgets now show up to 10 groups.

Miscellaneous Changes

Application CMDB Fields Hidden

Currently, the platform does not support CMDB integration for Applications; these extraneous fields have been removed from the Application view detail pane.

Client Access Dialogue Changed (MCDB users only)

For users of the Multiclient Dashboard, any client access restrictions on the user are displayed in a popup dialogue rather than a snackbar notification.

Fixed Issues

• For users of the Fortify scanner, file parsing will now operate correctly in empty files.

• For users of the Qualys Vulnerability scanner, the expected files with the “QualysNetworkAsset” fingerprint will be pulled and uploaded.

• For users of the Nexpose scanner, asset tag association on upload will execute as expected.

• Fixed a discrepancy in measuring Resolved On dates for Findings remediated via a system workflow.

• Attachments to the in-platform “Report a bug” feature will be correctly included with the report.

• Sorting the Tags view by Owners now returns the expected results, sorted by the number of owners.

• When deleting the only observation associated with a finding, that finding will now correctly be deleted as well. The platform will show a corresponding confirmation dialogue.

• When editing an Application Findings file upload, the search box has been fixed so that an Application association can now be changed.

• Error handling has been improved for downloading files that are still being generated.

• Resolved the following data export issues:

  • Finding types will receive the correct label according to Policy Compliance, Cloud, and Authenticated/Unauthenticated.

  • Users associated with multiple IAM roles will each only be shown once in the resultant export.

  • Overridden Severity for Findings will have the expected boolean indicator to reflect their override status.

• Deleting a connector tag or its associated connector will remove that tag from any Playbook filters utilizing it.

• Filtering on the Users page will handle errors in invalid values consistent with the rest of the platform.

• Changes to the Edit Upload dialogue affect the default settings only for future uploads; text in this dialogue has been corrected to reflect this.

• Optimization improvements have been made to reindex requests in RS³ calculation jobs.

Known Issues

• Groups to which the user does not have access may display incorrect SLA Performance metrics for users with the Group Control privilege until they are added to that group.

• The preview description of the Group SLA Performance over Time chart on the SLA Overview dashboard contains text inconsistent with the available KPIs.

• For users of the RiskSense API, the Create and Update endpoints for SLA currently display incorrect example text; users should change the “type” key from "SYSTEM" to "System" in order for the swagger example code to work properly.

• Editing a Group-Specific SLA may cause values displayed in the SLA list view to misbehave temporarily; the next execution of an SLA job will correct these values.