Version 10.05.00 Release Notes

Summary: A high-level overview of the changes/updates included in RiskSense Version 10.05.00, released on June 25, 2021.

The RiskSense platform version 10.05.00 update includes the following features and enhancements:

To seek help using our new features, receive feature documentation, and/or schedule training, please contact your Customer Success account manager directly or send a message to [email protected].

New Features

Playbooks UI Redesign

The Automation Playbooks system has been visually redesigned and updated, bringing a fresh new look and feel to the platform. Rules are now housed in a separate list view, and Playbook creation has been streamlined to make crafting automation easier than ever. All your organization’s existing Playbooks and Rules will be brought into this new UI system. For more information on this refresh, visit the Playbooks: Overview page.

List View Enhancements

Finding History based on Ingestion Dates

Two events in the Finding History popup will now be based on the First Ingested On and Last Ingested On dates. The date that the finding is first ingested will be shown as the First Added event. Later ingestions of findings will also be reported as “Existing Finding Detected” events. This change only affects findings ingested after this release.

Integrations

SonarCloud Integration

The platform now has an API connector for the application scanner SonarCloud. By default, this connector ingests vulnerabilities that SonarCloud identifies in application source code. Documentation on how to set up the connector is available here.

Miscellaneous Changes

Easier Configured Integrations Navigation

The navigation controls for currently configured integrations on the Integrations page have moved to the same row as the connector cards. The configured integration cards now reside within a carousel.

Character Limits in Generic Uploader Mapping Fields

The Generic Uploader “Create New Mapping” dialogue now describes the character limits for the Name field (16 characters) and the Mapping Version field (5 characters).

Clarifications on Ticket Sync Status Behavior

Users of ticketing connectors will see more clarifying text in the Ticket Sync Status section about how they can configure updates for specific states.

Trending Threat Redesign

If a Threat section of the finding or asset detail contains a trending threat, the trending icon now appears to the right of the threat category label. The Threat Last Trending On date at the very top of the Threats section has been removed, and the Threat Last Trending on date below each category when collapsed.

Fixed Issues

  • If a user is only associated with a disabled client, that user will no longer show in exports of the Users page.

  • The Groups page now shows the correct information about application findings after a user approves a Severity Change workflow or a Manual Remediation workflow.

  • If a user adds or removes assets from a group, the Groups page updates to show the correct group RS3.

  • The Last Login filter on the Users page now functions correctly with all filter operators. Additionally, the Users page will now show the correct last login date within user cards and in the User Detail pane. (Note that this date reflects the last time users logged into the platform than a specific client.)

  • The Netbios filter on the Hosts page now returns correct results for a query value ending in a comma.

  • If a user checks the “Remember this Computer and IP” box at login, that platform should remember that user for the time that matches the Two Factor "Remember Me Duration" client setting. (Note that a static platform-wide setting determines the “Remember Me Duration” for multi-client users.) The informational mouseover now also highlights that the “Remember Me Duration” depends on specific client settings.

  • CVEs in the Host Findings Detail that lacked full-text toggles now have them.

  • Qualys Asset Inventory uploads will no longer remain stuck in the filtering state.

  • Users of the Generic Uploader will now see the correct error message if they try to map duplicate field names or supply a field name that exceeds the 16 character limit.

  • Attachments generated by the Jira ticketing connector will now show the correct number of findings.

  • Active filter breadcrumbs now show a descriptive tooltip for the operators “Is Present” and “Is Not Present.”

Known Issues

  • Users can view the Automation SLA Owner role on the Roles page and assign this role to other users. The Automation SLA Owner role grants users privileges related to the unreleased SLA feature. Until a RiskSense representative enables SLA on a client, the role will not augment a user's current privileges. Please contact Customer Success if you have any questions.