Version 13.21.00 Release Notes

Summary: A high-level overview of the changes/updates included in Ivanti Neurons Version 13.21.00, released on August 24, 2023.

The platform version 13.21.00 update includes the following features and enhancements:

For assistance with using our new features, obtaining feature documentation, and/or scheduling training, please contact your Customer Success account manager directly or send a message to [email protected].

List View Enhancements

  • Updated Assessments List View - The Assessments list view will now appear in the v2 format. The new Assessments view includes additional Quick Filters.
  • Updated Create Host Vulnerability Form - Users who enter vulnerabilities manually can now use the new “Create Finding” form on the Host Findings and Hosts pages. The updated form allow users to search for to 25 hosts by any asset identifier if they go from the Host Findings page. From the Hosts page, users can select up to 1000 hosts that should have the new finding. For more information, visit Creating a Host Finding Manually.
  • Renamed Finding Export Fields - The field “Ransomware Family” will be renamed to “Ransomware Families” in the Host Findings and Application Findings exports. Additionally, the field “Vulnerability” will be renamed to “Title” in the Host Findings and Application Findings exports.
  • More OR filters - Users can now add up to 4 OR filter groups on the Hosts, Host Findings, Applications, and Application Findings pages. This can be expanded upon request to a customizable number of OR groups.

Integrations

  • BMC Tickets Attachments can use Configurable Exports - Ticket attachments for BMC can now be customized with the configurable exports module for either Host Findings or Application Findings. The configurable export module gives users the most flexible options for managing the ticket content by letting them select the specific fields to include and define the field order.
  • Closed ACCEPTED Findings from Tenable IO - Risk that has been marked as ACCEPTED in the Tenable.IO platform will be ingested as a closed finding. The reason for acceptance will also be added as a new scanner-specific field called “Nessus Reason Accepted”. Vulnerabilities with a Risk of RECASTED in the Tenable.IO platform will continue to be ingested as open findings with the changed severity stored in the Scanner Reported Severity field. This new feature will bring in the RECASTED status in the new Suppression Value field as well as the new scanner-specific field called “Nessus Reason Recasted”. Ivanti Neurons for RBVM workflows for acceptance of risk or severity change will not be created to mirror the upstream changes. Existing users of Tenable.IO will need to opt-in to this new feature by selecting the new option on their configuration card, “Close findings that have been marked as accepted in Tenable.io.”
  • Closed SUPPRESSED findings from Crowdstrike - Risk that has been marked as SUPPRESSED in the Crowdstrike platform will be ingested as a closed finding. The reason for acceptance will also be added as a new scanner-specific field called “Falcon Spotlight Suppressed Reason”. Ivanti Neurons for RBVM workflows for acceptance of risk will not be created to mirror the upstream changes. Existing users of Crowdstrike will need to opt-in to this new feature by selecting the new option on their configuration card, “Close findings that have been marked as suppressed in Crowdstrike.”
  • Title and Description for InsightAppsec - The Rapid7 InsightAppsec findings now have the Title and Description, which comes from another API endpoint called “modules”.
  • DNS for Tenable.SC - The new v2 connector for Tenable.SC has been updated to include an undocumented but available field called DNS. This will be mapped to the DNS field within the platform.

Dashboards and Reporting Enhancements

  • The Quick Interactions on the SLA Dashboard will allow users to click outside of the menu to exit.

Miscellaneous Changes

  • Ivanti is continuing efforts to rebrand Risksense to Ivanti Neurons by updating references on the Roles page, Client Settings, and User Settings.

Fixed Issues

  • The list view results will properly retain the tag filters chosen in the “Findings Summary” widget for click throughs on Open Medium Findings.
  • Issues with stuck jobs were resolved, and measures were taken to prevent future occurrences.
  • The queuing of jobs was adjusted to improve SLA job performance.
  • Snyk Code will correctly ingest asset tags when this configuration is selected.
  • InsightAppSec findings will be ingested as expected.
  • Metric Exclude menu options will properly display on the asset list views.
  • On the Host Findings and Application Findings pages, the Observations section in the detail pane will no longer display deleted assessments.
  • Issues related to ISE errors (seen by users updating the connector configuration for Rapid7 InsightAppSec) have been resolved.
  • InsightAppSec will now ingest tags for applications that do not have findings.
  • The menu that the user sees when right-clicking a line item on the Groups page will now display correctly.
  • For SLAs with the configuration “Only future findings”, SLAs will now properly only operate on new findings. Due dates for existing findings will no longer be deleted.
  • SLA jobs will start as expected regardless of whether an upload exists in a failed state.