Version 11.07.00 Release Notes

Summary: A high-level overview of the changes/updates included in RiskSense Version 11.07.00, released on December 3, 2021.

The RiskSense platform version 11.07.00 update includes the following features and enhancements:

• List View Enhancements

  • Applications Asset Owner

  • New System Filters

• Dashboards

  • New Configurable Widget “RiskSense Security Score (RS³)”

  • New Configurable Widget “Top 50 High-Impact Unique Findings”

  • Chart Descriptions on New Dashboards

• Miscellaneous Changes

• Fixed Issues

• Known Issues

• End-of-Life Notice

For assistance with using our new features, receiving feature documentation, and/or scheduling training, please contact your Customer Success account manager directly or send a message to [email protected].

List View Enhancements

Applications Asset Owner

The field Asset Owner (which previously existed as a filter) has been added to the Applications page as a column and in the Detail Pane. It has also been added to the Applications export and to the Application Findings export under the Asset Options.

New System Filters

A new system filter called “Microsoft LPE 11-29-2021” has been added to the list views, as well as six Patch Tuesday filters dating back to June of 2021.

Dashboards

New Configurable Widget “RiskSense Security Score (RS³)”

A new version of the widget “Overall RiskSense Security Score (RS³)” has been released. Depending on its Asset Type configuration, it can show either the current overall RS³, the average RS³ for host assets, or the average RS³ for application assets.

New Configurable Widget “Top 50 High-Impact Unique Findings”

A new version of the “Top 50 High-Impact Unique Findings” widget has been released. This widget can show the top 50 unique host findings (plugins), unique application findings, or the top 50 among both. The top 50 unique findings can be determined by VRR, Severity, or finding footprint.

Chart Descriptions on New Dashboards

Users can now enable chart descriptions on the Prioritization and SLA dashboards.

Miscellaneous Changes

• If one user tries to create a rule to automatically assign findings to another user, they will see a warning message about how the playbook system handles finding assignments. Playbooks cannot assign findings to a user unless the user can see the asset.

• A user must now be assigned to a group to see it within the Executive Vulnerability and Executive Risk reports' top 10 groups sections. This change prevents users from seeing the discrepancies in the Group RS³ within the reports and within the platform.

• Checkmarx SAST descriptions are now ingested and have been added to the Application Findings page.

Fixed Issues

• The CVE Group By on the Host Findings page no longer fails.

• A manual upload no longer fails if it consists of one or more very large scan files compressed into a single zip file.

• The API endpoint for creating a host now accepts values for First Discovered On and Last Discovered On. (Note that the swagger has yet to be updated. See the Known Issues section.)

• Group By column links no longer apply duplicate filters to the page when clicked.

• Users can no longer disable a running playbook via the API.

• When a user is setting up a playbook rule to add or remove assets from a group, the Target Group form no longer suggests the groups that the user has already selected.

• Passed Qualys Policy Compliance findings, which are ingested as closed findings, now receive a VRR score.

• If an application has been reported by the Checkmarx CxOSA connector, the Scanner Specific Information section of the Application Detail is now always populated.

Known Issues

• The swagger for the /client/{clientId}/host endpoint has yet to be updated with the fields First Discovered On and Last Discovered On. The example below shows the field names and the expected format for input values:

"scannerFirstDiscoveredOn": "1970-06-18T00:00:00",
"scannerLastDiscoveredOn": "2017-07-18T00:00:00"

• While the preview of the new “Top 50 High-Impact Unique Findings” widget states that the results have two levels of sorting, the results are only currently sorted once. The sort used is the one that the user selects in the configuration menu.

End-of-Life Notice

Some of the widgets in older formats will be removed from the platform with the last release of the year. For more information on which widgets are End of Life (EOL), visit the article here.

The following widgets now have the Q4 2021 EOL category:

• Host Findings Discovered vs. Resolved (2 widgets)

• Host Findings by IP Type (2 widgets)

• Findings by Priority

• Host Findings by VRRHandle <br>, /n , /r characters in JIRA and snow description - PN : <BR> tag has not been handled yet.

• Host Findings by Severity

• Open Host Findings Funnel

• Closed Host Findings Funnel

• Recent Host Findings by Status (2 widgets)

• Host Findings over Time

• Open Findings over Time

• RiskSense Security Score (RS³) Timeline

• Recent Weaponized Host Findings (<30D)

• Recently Resolved Host Findings with Threat (<30d)

• Newly Discovered Host Findings with Threat (<30d)

• Open Host Findings with RCE/PE Exploits

• Open Host Findings with RCE or PE (Assigned)

• Open Host Findings with RCE or PE (Unassigned)

• Open Host Findings with Threat

• Closed Host Findings with Threat

• Weaponized Host Findings