Version 11.05.00 Release Notes

Summary: A high-level overview of the changes/updates included in RiskSense Version 11.05.00, released on October 29, 2021.

The RiskSense platform version 11.05.00 update includes the following features and enhancements:

• List View Enhancements

  • Saved Filter Icons Updated

  • Headers Update on Patches Page

• Integrations

  • Mixed Network Option for ServiceNow CMBD Connectors

  • ServiceNow CMDB Connector Enhancements

  • Jira Ticketing Connector Enhancements

  • Renamed Dashboard Menus

  • Qualys WAS Tag Ingestion

  • Mixed Network Nexpose Identifiers

• Reporting

  • Executive Risk Report Enhancements

• Miscellaneous Changes

• Fixed Issues

• Known Issues

For assistance with using our new features, receiving feature documentation, and/or scheduling training, please contact your Customer Success account manager directly or send a message to [email protected].

List View Enhancements

Saved Filter Icons Updated

The Saved Filters menu icon now has a human figure in the upper right instead of a star. This icon has been updated on all pages that support saving and sharing filters within RiskSense and the Vulnerability Knowledge Base.

Headers Update on Patches Page

The column names that show up in mouse-overs, page settings, sort settings, and detail pane have been updated.

Integrations

Mixed Network Option for ServiceNow CMBD Connectors

There is now an option for a “Mixed Network” where a user can enter a host name/IP address or any asset identifiers when selecting a network type. For more information, see the ServiceNow CMDB Connector Guide.

ServiceNow CMDB Connector Enhancements

• CMDB fields mappings can now be configured for each network. The user can create a configuration for each network type or one or more individual networks.

• Users can now select more RiskSense fields to map to ServiceNow. The RiskSense drop-down contains all the possible standard asset identifiers such as Host Name, IP Address, DNS, NetBIOS, Mac Address. Users can choose to query corresponding ServiceNow fields, including name, ip_address, fqdn, and mac_address. If the user wishes to select another field, they should choose the “Other“ option. A text box will be displayed that accepts the ServiceNow table field name.

• The Asset Matching Field section has been removed. The RiskSense Field menu of asset identifiers includes the RiskSense Asset Matching Fields.

Jira Ticketing Connector Enhancements

The Jira Ticketing connector now allows the user to map the field SLA date (located under RiskSense Defaults) to a Jira ticket field. The user can override the SLA date in the Create Ticket dialogue as well. If a ticket has more than one finding associated with it, then the earliest SLA date of the findings will be set. SLA date will be synced to the configured field every 6 hours or synced on demand.

Renamed Dashboard Menus

The dashboard selection menus have been renamed from “Provided Dashboards” to “System Dashboards” and from “Custom Dashboards” to “User Dashboards”. These names provide users with more clarity on which dashboard is a RiskSense dashboard or a user-defined dashboard.

Qualys WAS Tag Ingestion

Qualys WAS tags will now be ingested and reflected in the platform as Asset Tags.

Mixed Network Nexpose Identifiers

The Device ID will be ingested from Nexpose scanners and will be displayed as the Nexpose Device ID within the Host Detail pane. Users can also search for specific assets with the new Nexpose Device ID filter. If assets discovered by a Nexpose scanner are placed into a Mixed network, the Nexpose Device ID will be used as one of the asset identifiers. By default, the Nexpose Device ID takes the higher precedence. Users can override this precedence with any of the existing asset identifiers.

Reporting

Executive Risk Report Enhancements

Two new tables were added to show both the total and unique vulnerability distribution for each asset type. Additionally, the text in the Top 10 Riskiest Groups section has been updated.

Miscellaneous Changes

• Any updates to finding descriptions and other supplementary fields are now reflected in the platform during subsequent uploads.

• In Qualys VM/VMDR connector, RiskSense will start ingesting Host Name and FQDN fields from Qualys files. This change is applicable to all networks.

• In the Nexpose scanners, “site-name” is captured and ingested as part of the Host Detail pane under Scanner Specific Information as Site Name.

Fixed Issues

• The Last Discovered On field for a Nexpose asset now displays the Last Discovered On date specific to the asset when it is more recent than the Last Discovered Date of any finding on that asset.

• The number of open findings for a tag on the Tags page will match the number of findings listed when filtering on either Findings page.

• When a finding is closed by a workflow that precedes the date that was manually set, it will no longer show it is overdue.

• Playbooks will no longer assign the user account to findings when a user account expires or is disabled on a client. Previously configured rules will still be active and “pass,” but the updated findings count will be zero.

• The Create Group Description text box now correctly handles newline characters.

• An “Asset Membership Changed” event is now shown in the Default Group’s history when assets are automatically transferred after a user-created group is deleted.

• The click-through filters on the Overdue Findings SLA widget supply the correct date ranges for each row.

• The configured SLA will only be triggered when the respective VRR or Severity is updated.

• The Networks and Host pages properly reflect the changes when deleting a large number of hosts.

Known Issues

• The top numbers in the Patches page KPIs are off-center.