Version 12.02.00 Release Notes
Summary: A high-level overview of the changes/updates included in Ivanti Neurons RBVM/ASPM/VULN KB Version 12.02.00, released on July 15, 2022.
The Ivanti Neurons RBVM/ASPM/VULN KB platform version 12.02.00 update includes the following features and enhancements:
For assistance with using our new features, obtaining feature documentation, and/or scheduling training, please contact your Customer Success account manager directly.
List View Enhancements
Vulnerability Knowledge Base Enhancements
The Vulnerability Knowledge Base list views have been upgraded with several requested features:
-
Modernized display with new standard colors and fonts
-
Intuitive column shifting with drag and drop functionality
-
Sorting by up to three columns
-
Easier access to columns in the display
-
Filter search terms formatted as pills for easier review
-
Ivanti source icon (patch data) added to detail pane and list view
-
Improved quick filtering options
-
Configurable KPI cards
-
Improved snack bar design
Group By Enhancements
Users can now add Severity Group columns to all Host Findings and Application Findings Group By views. Additionally, the following Group By have been added:
-
Asset Identifiers:
-
Hosts and Host Findings:
-
DNS
-
FQDN
-
IP Address
-
Host Name
-
MAC Address
-
EC2 Identifier
-
NetBIOS
-
-
Applications and Application Findings:
-
Web Application Address
-
Web Application Name (new to Applications only)
-
-
-
Ingestion:
-
Hosts, Host Findings, Applications, and Application Findings:
-
First Ingested On
-
First Discovered On
-
-
-
Workflows:
-
Hosts, Host Findings, Applications, and Application Findings:
-
Workflow State with Type
-
-
Due Date Updated On Field Added
The date field “Due Date Updated On” has been added to the Host and Application Findings pages. This field can now be added as a column, viewed within the Finding Detail pane, applied as a filter, and exported.
Integrations
New Ivanti ITSM Ticketing Connector
The new Ivanti ITSM ticketing connector allows users to create three different tickets from Neurons for RBVM and ASPM. Users will be able to create an Incident, Problem, or Change request. For all ticket types with one or more findings, the ticket will now contain information about each scanner plugin. These fields include the scanner, plugin ID, title, description, VRR, and vulnerabilities associated with the plugin. If the ticket is associated with a single finding, the ticket also includes asset information. Users can choose to provide a custom Summary and Description for the ticket or to populate these fields with plugin information automatically.
New Tenable.io Connector
This new connector ingests Tenable.io assets into the Hosts and Host Findings pages and allows users to configure synchronization for historical data. This connector stays in sync with the Tenable.io assets and findings through API queries. It does not have an option for URbA (Update Remediation by Assessment) since it always remains in sync and does not require the processing of scan files. For more information, see the knowledge base article on the configuration of the Tenable.io connector.
Some other key features of this release include the ability to:
-
Configure the connector to configure all imports by Tenable.io tag or network
-
Configure the connector to consume or ignore specific information plugins
-
Generate tags in the platform from Tenable.io tags
-
View, filter by, and export new scanner-specific fields within platform list views. These fields include:
-
Nessus Asset Status - Active, Deleted, Terminated, Not Found
-
Nessus CVSS v2.0 Base Score
-
Nessus CVSS v3.0 Base Score
-
Nessus CVSS v2.0 Temporal Score
-
Nessus CVSS v3.0 Temporal Score
-
Nessus Severity Default
-
Nessus Severity
-
Nessus VPR
-
Nessus Network Name
-
Nessus AWS Instance ID
-
Nessus Google Cloud Instance ID
-
Nessus Azure VM ID
-
Nessus IPV4 Addresses
-
Nessus IPV6 Addresses
-
Nessus FQDNs
-
Nessus MAC Addresses
-
Nessus Operating Systems
-
Nessus Hostnames
-
Prisma Cloud Compute Enhancements
The Prisma Cloud Compute connector now supports the ingestion of Container data. Previously, this connector only supported host and image data. This feature can be found in the connector configuration.
Tanium Comply Uploads Using Tanium Connect
The Tanium Comply uploads using Tanium Connect now require the file name to be named “Tanium_Comply.csv”. In the next release, the filename requirement will be adjusted to allow for “Tanium_Comply” and “TaniumComply” anywhere in the filename string (no case sensitivity). Tanium Connect required fields include:
-
Computer Name
-
IP Address
-
CVE
-
Operating System
-
First Found Date
-
Last Found Date
Tanium Comply Uploads Using Tanium Data
The Tanium Comply uploads using Tanium Data does NOT require the filename to have any specific naming convention. Tanium data required fields include:
-
Computer ID
-
Tanium Client IP Address
-
Computer Name
-
CVE
-
Operating System
-
First Found Date
-
Last Seen Date
Fixed Issues
-
The CSV export now shows the Scanner ID correctly for:
-
Expanse Asset Identifier
-
FalconSpotlight Agent ID
-
Nexpose Device ID
-
Qualys Host ID
-
Tenable Host UUID
-
Tenable UUID
-
-
When the user filters on IP address or CIDR range, the dialog now supports more than one CIDR range in a comma-separated list.
-
When a user exports data from the Users page, the user will see the correct number of users selected and their associated data included in the export
-
Generic Upload now ingests the Discovered On Date properly.
-
When ingesting a Tanium CSV file, the description now displays properly.
-
When assessments have been processed, the UI no longer intermittently shows assessments as still processing.
-
If a user selects multiple options in a widget configuration, the container for the pills now expands to fit all of the user’s selections. This issue affected Group Metric widgets.
-
The KPIs in the widget “Current Group Performance” no longer overflow outside the bottom boundary.
-
The Executive Dashboard KPI configurations will no longer allow users to select any KPIs other than those available on the dashboard by default.
Known Issues
-
When a user enters incorrect credentials into a connector configuration form, that user may see a persistent processing spinner if they submit incorrect credentials. Close the window after receiving a failure message to remove the spinner.
-
Exports from the user page using client ID may yield inaccurate results.
-
When a user tries to filter on the Nessus Default Severity ID, that user may see an “Internal Server Error” message.