Version 9.03.01 Release Notes

Summary: High-level overview of the changes/updates included in RiskSense Version 9.03.01, released on January 22, 2021.

The RiskSense platform version 9.03.01 update includes the following features and enhancements: 

• Integrations

  • Saint Metadata Additions

  • Generic Uploader Enhancements

• Miscellaneous Changes

  • Updated System Filters Since the Last Release

• Fixed Issues

To seek help with using our new features, receive feature documentation, and/or schedule training, please contact your Customer Success account manager directly or send a message to [email protected]. 

Integrations

Saint Metadata Additions

Users of the Saint scanner will now be able to view Netbios data for assets added via this scanner.

Generic Uploader Enhancements

Several updates have been made to improve flexibility and user experience with our Generic Uploader feature.

• Field Renaming: To further support SAST and OSS scanners, the Generic Uploader fields “Base URL” and “Application URL” have been renamed to the more general “Address” and “Location” fields, respectively.

• Multi-field Mapping: Individual fields in CSV files may now be mapped to multiple fields in the RiskSense platform.

• Required Fields: The “Description” and “Solution” field mappings for Findings ingested using the Generic Uploader are no longer required, though we highly recommend populating these fields.

• Finding Type for Application Findings: For Application Scanners, users can now specify whether the Findings in the file are of type SAST, DAST, OSS, Container, or Other.

• Configurable Tag and Output Mapping: For Host scanners, the “Tags” field may now be mapped from multiple fields in an uploaded CSV file. For Application scanners, the same applies, and the “Output” field may also be mapped from multiple fields.

Miscellaneous Changes

Updated System Filters Since the Last Release

RiskSense System Filters are updated frequently to keep pace with the latest threats. A reminder that System Filters do not require platform downtime and are updated in real-time throughout the week. Below are the changes made since the last update to the platform.

• CVE-2018-13379 has been added to the Attack Vectors RS and Attack Surface RS filters.

• Multiple Default Credential-type weaknesses have been added to the Attack Surface RS filter.

Fixed Issues

• Adjusted job prioritization to prevent URbA Workflow tasks from being held up by concurrent uploads.

• Added checks to the Patches view prevent closed or deleted findings from being associated with patches.

• Resolved an issue around viewing attachments to Severity Change workflows; after creation, attachments can now be viewed as expected.

• (ServiceNow connector users) The ServiceNow Incident, Request, and Generic ticketing systems will now correctly add manual sync actions to the connector history window.

• Jobs of type “Finding Create” have been modified to correctly display the corresponding Job Subject and Workflow Type.

• Increased performance of the Group Metric widgets will allow faster loading of configurable dashboards.

• Workflows will now reject unsupported attachment file types on sending the files.

• (SRS users only) Locked SRS networks cannot be deleted in the platform UI; the RiskSense API has been updated to reflect this same behavior.

• (SRS users only) The Uploads view will now correctly reflect the corresponding SRS Network for a given uploaded scan.

• (SRS users only) Added missing tooltip indicators to show IAM privileges required to view the SRS Settings interface.