Version 13.00.00 Release Notes

Summary: A high-level overview of the changes/updates included in Ivanti Neurons Version 13.00.00, released on October 14, 2022.

The Ivanti Neurons platform version 13.00.00 update includes the following features and enhancements:

• New Features

  • New UI for Assets and Findings

• Integrations

  • Sonatype Nexus Lifecycle Connector

  • Test Credentials Debugging

• List View Enhancements

  • Sonatype Nexus Scanner-Specific Fields

  • New System Filters

• Fixed Issues

• Notes on this Release

• Known Issues

For assistance with using our new features, obtaining feature documentation, and/or scheduling training, please contact your Customer Success account manager directly.

New Features

New UI for Assets and Findings

The Hosts, Applications, Host Findings, and Application Findings pages now use the same list view format as the Vulnerability Knowledge Base. Some UX improvements to this new list view include the following:

• Focus on key metrics more quickly by applying Quick Filters or clicking KPIs at the top of the page.

• Configure KPIs and switch between them.

• Manage column settings directly within the list view. Open the 3-dot menu for each column to change visible columns or change the sort order. Also, drag and drop columns to reorder. Sort the list view by up to 3 of any sortable columns.

• Collapse menus to give more room to list view results and reduce visual distractions.

• Use OR filters within list views, playbooks, and user widgets.

For more information, visit the article List View v2 Changes.

Integrations

Sonatype Nexus Lifecycle Connector

Users can now set up a connector for the OSS Sonatype Nexus Lifecycle scanner. Assets and findings will show up on the Applications and Application Findings pages. Currently, the connector only ingests “security” type issues. For more information on how to set up the connector, visit the Nexus Lifecycle Connector Guide article.

Test Credentials Debugging

When testing credentials, users can now choose to view additional details about connection failures by checking the “Run in debug mode” checkbox.

List View Enhancements

Sonatype Nexus Scanner-Specific Fields

The following scanner-specific fields have been added to the Application Findings page as columns, filters, and exportable fields:

• Nexus Lifecycle CVSS V3 Score

• Nexus Lifecycle CVSS V2 Score

• Nexus Lifecycle Score

• Nexus Lifecycle Effective Licenses

• Nexus Lifecycle Deep Link

• Nexus Lifecycle Stage (also on Applications)

• Nexus Lifecycle Organization (also on Applications)

• Nexus Lifecycle Application Name (also on Applications)

Except for Nexus Lifecycle Effective Licenses, all fields will also be available as Group By.

New System Filters

The System filters ”Patch Tuesday 10-11-2022” and “Ransomware CVEs” have been added. “CISA Known Exploited” has been updated. Additionally, “NSA-Chinese State Actors” been updated and renamed to “CSA-PRC State Actors”. These filters appear on the pages Host Findings, Application Findings, Hosts, and Applications as well as Vulnerability KB’s Vulnerabilities page.

Fixed Issues

• Locked fields should be grayed out/disabled in the Cherwell Create Ticket form.

• Improved retry logic has been added to the Crowdstrike connector.

• The Crowdstrike connector can now obtain data from the full set of deployed agents.

• The Checkmarx SAST short description field now populates within the Application Findings detail pane.

• Improved retry logic has been added for the Checkmarx SAST connector.

• When findings or assessments are deleted, the RS³ scores for impacted assets and groups should now be recalculated.

• Clearer error messages will be provided for API requests with unsupported filters. The API should also return a status code of 400 instead of 500.

• The tenable.io connector now has improved logic to handle large downloads.

• An issue with connector jobs becoming stuck in the queue has been resolved.

Notes on this Release

1. All users will have the platform default system column settings on the new list views. In other words, default settings for the old list views will not transfer over to the new pages.

2. For this release, we have modified some existing widgets based on the Hosts, Host Findings, Applications, and Application Findings pages. A small number of user widgets may have column settings for which the new list views lack support. Users may see the following adjustments to user widgets:

• If a user widget contains a hidden sort column, that hidden column will now be visible in the widget. In the new list views, the act of hiding a column also removes the sort direction on that column.

• User widgets based on the new list views will no longer have 4th or 5th-level sort columns. The new list views only support up to 3 sort columns.

3. If you have questions on how Quick Filters, Group By, and KPIs interact with OR filtering, visit the article Filter Interactions between List View v2 Components.

Known Issues

• On the Host Findings page, the Threats column takes a substantial time to load if the user tries to sort on the column in descending order.

• Users may have difficulty adding multiple filters to the third OR branch if they fill up each row of the OR with filters.

• If a user opens up the Detail pane by clicking the “+More” for a scanner-specific field, the user’s view of the Detail Pane may abruptly shift to the list of finding observations. The list of observations loads more slowly than the sections showing scanner-specific fields.

• The “Filters” popup for a playbook rule may incorrectly show user-added filters within the “Rule Enforced” filter section.

• The column Nexus Lifecycle Deep Link on the Application Findings page shows “null” where no data is present.