Version 11.04.00 Release Notes

Summary: A high-level overview of the changes/updates included in RiskSense Version 11.04.00, released on October 8, 2021.

The RiskSense platform version 11.04.00 update includes the following features and enhancements:

• List View Enhancements

  • Groups Page Enhancements

  • New Threat and VRR Filters

  • System Filter Updates

  • New Workflow Filters

• Integrations

  • More Plugin Information in Jira Tickets

  • Additional Jira Connector Configuration Fields

• Miscellaneous Changes

• Fixed Issues

• Known Issues

For assistance with using our new features, receiving feature documentation, and/or scheduling training, please contact your Customer Success account manager directly or send a message to [email protected].

List View Enhancements

Groups Page Enhancements

Several new features have been added to the Groups page:

• Group Descriptions: Users with the privilege Group Control can now provide descriptions for Groups.

• Custom Group Properties: Groups can now have up to 5 custom properties. Users can filter Groups by these properties and view property values under the new “Custom Group Properties” section of the Group Detail pane. Users with the Client Settings Control privilege can change the names of each property within the Client Settings; these names only appear in the Group Detail pane.

• Group History: Users can now access a Group History timeline for the Group through the Group Detail pane. This pop-up displays both user actions and system activities that have impacted the Group.

• Group Status Information: The Group Detail section now has a “Group Status” section that shows who created the Group, the date it was created, who last updated the Group, and the date that the Group was last updated. The Group Status fields correspond to the new filters “Created By”, “Created On”, “Last Updated By”, and “Last Updated On”. “Created On” and “Last Updated On” are also optional columns. (Note that the fields Created By and Created On will only be populated for new Groups.)

New Threat and VRR Filters

The Application and Host Findings pages now have two new filters, “Threat Updated On” and “VRR Updated On”, that highlight when the system changes the VRR for the finding or the threats associated with that finding. These filters also appear on the Vulnerabilities page of the Vulnerability KB.

System Filter Updates

The following system filters have been updated:

• The “Active Ransomware - RS” system filter has been added to the Applications page.

• The “Attack Surface - RS” and “Attack Vectors - RS” system filters have been updated to reflect the addition of new vulnerabilities.

• New system filters, “CISA-ACSC-NCSC-FBI Top Exploited CVEs” and “Recorded Future 2020 Top 10”, have been added to the Hosts, Applications, Host Findings, Applications Findings, and Vulnerabilities pages.

New Workflow Filters

Filters for Risk Acceptance workflow compensating controls have been introduced on the Host Findings, Application Findings, and Workflow pages. The first filter, “Workflow Compensating Control”, filters page results by compensating control. The other, “Workflow Compensating Control - State with Type”, filters findings both by compensating control and workflow state. This second filter only appears on the Host Findings and Application Findings pages.

Integrations

More Plugin Information in Jira Tickets

A Jira ticket on one or more findings now contains information about each scanner plugin. These fields include the scanner, plugin ID, title, description, VRR, and vulnerabilities associated with the plugin. If the ticket is associated with a single finding, the ticket also includes asset information. Users can choose to provide a custom Title and Summary for the ticket or to populate these fields with plugin information automatically.

Additional Jira Connector Configuration Fields

The Jira Ticketing Connector now includes configurations for Tag Type and SLA Date. If the ticket is associated with more than one finding, the earliest due date applied among those findings would be listed as the SLA Date on the ticket.

Miscellaneous Changes

• Users can no longer create playbooks with duplicate names.

• On the SLA page, the Last Run Summary section no longer supports links to the findings or asset pages.

• The Detail panes of the Hosts, Applications, Application Findings, and Host Findings pages now show “Not Available” if no data is available for the fields “First Discovered On”, “Last Discovered On”, “First Ingested On”, or “Last Ingested On”.

Fixed Issues

• The widget “Weaponized findings not under SLA” now shows the correct number of findings.

• The “Open Findings over Time” and “Host Findings over Time” widgets now show the message “Unable to Load Data” if the API returns an error response.

• The term “NetBIOS” now has the same spelling in the Asset Identified By column on the Hosts page and Host Detail and Host Finding Detail panes.

• The Groups filter on the Host Findings page should consistently return the correct number of findings.

• The system can now successfully generate large exports based on Host Findings export templates.

• Users of the SonarCube Connector can now successfully filter the Host Findings page by “Risk Type”.

• When the CVSS v2 base score or v3 base score of a CVE is updated, the Severity of any impacted finding is now also updated automatically.

• The widgets Group SLAs by Due Dates and Group SLAs by Prioritization no longer refresh while the user is trying to edit the settings.

• In the Aging Metrics report, the Average Response Time metric and Top 10 Longest Response Time table now more accurately reflect user actions on application findings. User actions considered “first responses” include assigning a finding to a user or applying a workflow to the finding.

• The Assessment page has been optimized to load more quickly for large clients.

• The Qualys VM/VMDR Connector now knows to pull assets with fixed findings and close any findings associated with those assets in RiskSense.

• Findings in authenticated Nessus scans should no longer be closed when unauthenticated scans are ingested.

• The Description character limit in SLA configurable widgets now shows only if the inputted text does not meet character limit requirements.

Known Issues

• When a new user is added to a client, user assignments to Groups do not show up in the Group History.