Version 8.17.03 Release Notes

Summary: High-level overview of changes/updates included in RiskSense Version 8.17.03, released on May 29, 2020.

The RiskSense platform Version 8.17.03 update includes the following features and enhancements:

• List View Enhancements

  • CIDR Ranges Now Supported for Host Findings

  • Added Fixes Column for Groups List View

  • Request/Response Enhanced for DAST Findings

  • New Default Layout for Tags Page

• Miscellaneous Changes

  • Configurable Exports Enabled for Tags

  • Applications Manage Fingerprint Modification

  • Other Fixed Issues

List View Enhancements

CIDR Ranges Now Supported for Host Findings

Users can now filter by multiple IP Address CIDR ranges in the Host Findings list view. The operator is provided in the filter pane; separate multiple ranges by using commas.

Added Fixes Column for Groups List View

A new Fixes column has been introduced in the Groups list view that displays the number of fixes (patches) applicable to findings on assets in the corresponding group. Clicking this value opens the Patches page, and this value is also exportable. A corresponding filter has also been added.

Request/Response Enhanced for DAST Findings

In the Application Findings detail pane, DAST-type findings now feature an enhanced Request/Response pop up in the Detailed Information section. The information shown is more detailed and can be quickly copied or exported.

New Default Layout for Tags Page

The Tags list view has been reorganized to offer a simplified default view, showing only tag identifiers and summary statistics. All previously shown columns are still available in the Settings pop-up window.

Miscellaneous Changes

Configurable Exports Enabled for Tags

The new configurable exporter has been enabled on the Tags page, allowing users to specify which properties of the selected tags are to be exported.

Applications Manage Fingerprint Modification

The URI identifier has been replaced with the term Address on the Applications page when managing fingerprints. Fields not applicable to Applications have been removed.

Other Fixed Issues

• Resolved a known discrepancy in recording Last Found On dates for findings in the Qualys Vulnerability file parser.

• Corrected the color bar for RS³ on the Hosts page to show gray, signifying an RS³ score is N/A.

• Corrected the display of CVSS v2 vector information in the Host Findings detail pane.

• Restricted the Total Vulnerabilities section of the Ransomware Funnel widget to metrics based on open findings with CVEs. If users click CVE Count, Findings, or Threats, they will filter the Host Findings page for open findings with related CVEs. Similarly, they will filter the Hosts page to show only hosts with open CVEs if they click Assets Impacted.