Version 8.19.00 Release Notes

Summary: High-level overview of the changes/updates included in RiskSense Version 8.19.00, released on September 4, 2020.

The RiskSense platform version 8.19.00 update includes the following features and enhancements:

New Features

Workflow Enhancements

The new Workflows page now allows users to create and manage workflows from a central location. Users can place a single finding in more than one workflow, track the changes to each workflow over time, and query for workflow expiration dates. Each workflow will have its own unique ID.

For more information, access the knowledge base article Workflows Page: Overview.

Navigation Menu Changes

The navigation menu was rearranged based on feedback and usage statistics. There are two new top-level menu items: Organize and Manage. Organize has common items such as Groups and Users brought from the Configuration menu and Manage is now where the Network and Application menu items reside along with our new Remediation section. This section is where Patches, Tags, and the new Workflows page can be found.

For more information, access the knowledge base article Navigation Menu: Overview.


New API Connector for Qualys WAS

An API connector for the Qualys Web Application Security (WAS) API has been added to the platform:

  • A configuration option has been added that allows users to pull WAS_WEBAPP_REPORT files from Qualys WAS.

  • The API connector will ingest "Information Gathered" findings by default. Users should contact Customer Success if they want to change this setting.

  • Mapping of scanner-reported severity to RiskSense Severity has been been added for “Information Gathered” findings.

For instructions on how to generate a Qualys WAS report, view the data export guide. For instructions on how to use the connector, view the connector guide.

New Options for Scheduling Connectors

Users will have the ability to schedule connectors to run multiple days per week or multiple days per month. For example, a connector could run every Tuesday and Thursday.

ServiceNow CMDB Allows Querying Specific Tables for Asset sys_id

The ServiceNow CMDB Connector will now allow users to supply names of CMDB tables to query for an asset sys_id. The connector will query the tables in order and return the first valid result.

List View Enhancements

Single-Column Sort Retention

Single-column sort selections for list views will be retained if a user navigates away from the page and comes back. The user will also see the same sort selections after logging out and logging back into the platform.

New Column Added to Findings Pages

Both the Application Findings and Host Findings pages now have a new default Status column.

Miscellaneous Changes

Trending Date Range Increase to 30 Days: RiskSense tracks the dates that vulnerabilities and threats are trending. Trending vulnerabilities and threats will now highlight trending findings for 30 days after the most recent date on record. A new True/False filter “Has Trending Vulnerabilities” has been added on the Findings pages. Filters that provide dates for trending vulnerabilities and threats have been renamed (such as the “Has Open Trending Vulnerability Date”) to indicate the type of data returned.

Changes to Configurable Host Export POST API: “displayText” has been removed from the Host export POST API swagger.

VRR Group added to Some Widgets: “Host Findings by VRR”, “Recent Host Findings by Status”, and “Open Host Findings by VRR” will now apply the VRR Group filter to the Host Findings page instead of Risk Rating. VRR Group identifies the priority (Critical, High, Medium, Low, Info) based on the finding's Vulnerability Risk Rating.

Terminology Updated on SRS Dashboards (SRS only): Widgets referring to Risk Rating will now refer instead to Vulnerability Risk Rating or VRR.

Detailed Vulnerability Report Updated for Workflow: The Detailed Vulnerability Report’s “Vulnerabilities by Status” will now show findings in open Requested and Reworked workflows and closed findings in Approved workflows. An infographic pertaining to workflows has also been updated.

Host/Application Findings API/UI/Export changes: In order to accommodate the workflow enhancements, some small changes were made to the findings API endpoints.

Other Fixed Issues

  • Configurable export files can now show more than 250 selected rows.

  • Users will see the trend line on the “Overall RiskSense Security Score (RS³) Timeline” if they filter the Executive Dashboard by a recently renamed Group.

  • The snack bar that appears after an export job is submitted will now display a link to the Download Center instead of referring them to the Jobs page.

  • The Generic Uploader now supports files with UTF-8 characters.

  • The “Export” button in the configurable export template dialogue will remain disabled until the user selects at least one column. Previously the user only had to supply a file name.

  • If the user filters the Tags page by Assigned User or Owner, the Tags page will load the Assigned Users and tag Owner columns immediately. Users no longer need to refresh the tag list.

  • Links for the OWASP 2017 Top 10 in the “Findings Section” of “Application Detail” will now work.

  • The ServiceNow CMDB connector will now allow the user to remove associated Networks.

  • The Tags page will now remember the user’s enabled columns after a user logs out. These settings will be saved on a per-client basis.

  • Users who do not have access to any clients will see the DISABLED USER ROLE page when they log in instead of the REQUESTING IP DENIED error page.

  • The filter option “is between” will no longer allow the first number or date to come after the second number or date in the range.

  • In the Vulnerabilities section of “Application Finding Detail”, the Date Added field for each WASCS will no longer be blank.

Known Issues

  • The Qualys WAS fingerprint icon missing on the Uploads page.