Version 11.10.00 Release Notes

Summary: A high-level overview of the changes/updates included in RiskSense Version 11.10.00, released on January 21, 2022.

The RiskSense platform version 11.10.00 update includes the following features and enhancements:

For assistance with using our new features, receiving feature documentation, and/or scheduling training, please contact your Customer Success account manager directly or send a message to [email protected].

List View Enhancements

Columns for First and Latest Asset Identifiers

The new fields Last Asset Identified By and Last Asset Identifier have been added as optional columns and exportable fields on the Hosts, Host Findings, Applications, and Application Findings pages. These fields provide the most recent asset identifier field and asset identifier value for the asset. The system will fill out these fields after an asset has been ingested more than once. In contrast, the fields Asset Identifier and Asset Identified By retain this information from the first scan. Accordingly, the fields Asset Identifier and Asset Identified By have been renamed to “First Asset Identifier” and “First Asset Identified By”.

Additional Asset Identifier Filters

Asset Identifier filters Qualys Host ID, FalconSpotlight Agent ID, First Asset Identifier, and First Asset Identified By have been added to the Host Findings page. First Asset Identifier and First Asset Identified By have also been added to the Hosts, Applications, and Application Findings pages.

Additional Asset Identifiers and Scanner Specific Fields in Exports

The fields EC2 Identifier, NetBios, FQDN, DNS, MAC address, Qualys Host ID, Tenable UUID, Nexpose Device ID, Expanse Asset Identifier, Falcon Spotlight Agent ID, First Asset Identifier, and First Asset Identified By can now be exported from the Hosts and Host Findings pages. First Asset Identifier and First Asset Identified By can also be exported from the Applications and Application Findings pages.

Updated System Filters

The System Filters CISA Known Exploited and Apache Log4j have been updated with new CVEs. Both filters reside on the pages within the platform that show asset or finding data as well as on the Vulnerabilities page of the Vulnerability Knowledge Base. The System Filter CISA Known Exploited was previously called “DHS-CISA Top Exploited 2021”.

Integrations

New Fortify on Demand Connector

An integration for the Fortify on Demand connector has been added that supports the ingestion of both DAST and SAST scans. For more information, view the guide on this connector here: Micro Focus Fortify on Demand Connector Guide.

New Burp Suite Enterprise Connector

An integration for the DAST application scanner Burp Suite Enterprise has been added. For more information, view the guide on this connector here: Burp Suite Enterprise Connector Guide.

Possible Solution Character Formatting

If a ticket is created for a finding, new line characters and <br> tags in the Possible Solution field will now be added to the ticket as well.

Miscellaneous Changes

  • The optional column “Trending Threats”, the count of trending threats associated with the patch, has been added to the Patches page and the export. This column corresponds to the “Trending” sort order in some multi-column sorts.

  • The headings in the Description field of any ServiceNow tickets will now be bolded.

Fixed Issues

  • The platform now shows the correct Severity for findings with a Severity overridden by a workflow.

  • The SRS pixel perfect report (enabled only when the RiskSense SRS feature is enabled) now successfully generates.

  • Within the Vulnerability Knowledge Base, tooltips for long items like the vulnerability description no longer show the entire text.

  • Users must now fill out the “findingTypeTobePulled” field within an API request to create a Checkmarx OSA connector.

  • When a custom dashboard is shared or unshared through the dashboard gallery (through the dashboard card 3-dot menu), its name is longer displayed within the breadcrumb bar instead of the name of the currently displayed dashboard.

  • The “Tag Aggregate” job is no longer listed twice in the Jobs page Type dropdown.

  • The Group By option “RS³” on the Hosts and Applications is now disabled in the Group By dropdown when it is applied.

  • When a new Qualys VMDR scan data is ingested, the Output section will be updated to show the new scan data.

  • When a new Qualys VMDR scan data is ingested, any findings marked as closed by Qualys VMDR should also be marked as closed within RiskSense.

  • Parsing succeeds for an NYL App Enterprise scan that lacks the “testTechnicalDescription” element.

  • If a finding has been closed by previously Manual Remediation workflow, the system now also shows if a subsequent System Remediation workflow has also closed it.