Version 14.26.00 Release Notes

Summary: A high-level overview of the changes/updates included in Ivanti Neurons for RBVM, ASPM, and Vulnerability KB version 14.25.00, released on November 8, 2024.

Release version 14.26.00 of Ivanti Neurons for RBVM, ASPM, and Vulnerability KB includes the following:

• Integrations

• Automation Enhancements

• Miscellaneous Changes

• Fixed Issues

• Known Issues

For assistance with using our new features, receiving feature documentation, and/or scheduling training, please contact support through the Ivanti Success Portal.

Integrations

• Orca beta connector - Users can now ask to test the beta version of the new Orca connector. This connector uses the Orca API to retrieve security vulnerabilities and threats on cloud endpoints. Depending on the asset type, Orca asset will populate as either network or application assets.
• SonarQube Credentials Update - Users can now enter a username and password instead of just a UserToken in the configuration form.

Automation Enhancements

• Custom Attribute Job Updates - On pages where you can add or update custom attributes, you can track the progress of those updates as well as downstream updates to impacted assets and findings.
• Auto-ticketing now available to most user roles - Users now only need Finding Collection Control to create auto-ticketing configurations. Most foundational roles come with Finding Collection Control by default.

Miscellaneous Changes

• Names and logos have been updated for a few connectors:
  • “Synopsys” will now be referred to as “Black Duck”.
  • "Black Duck Software Composition Analysis" has been shortened to "Black Duck SCA".
  • “Coverity” will now be shown as "Coverity® Static Analysis".
  • "WhiteHat Dynamic" will now be shown as "WhiteHat™ Continuous Dynamic Analysis".
• “New user” emails will now have updated contact information for Ivanti support. The emails also use Ivanti colors and branding. Note that the emails refer to ASOC (Application Security Orchestration and Correlation) by its new name, ASPM (Application Security Posture Management).
• The platform now supports UTF-8 characters in client names.

Fixed Issues

• If a user provides a generic upload file with a “asset-only” mapping, the Validate Mapping step will now only show asset fields.
• Automated workflows will clearly state that the expiration date of a workflow can be no more than 10 years in the future.
• Automated workflows will not count toward a user’s playbook total.
• Remediated findings for Wiz should now show the correct “Last Discovered On” dates in Ivanti Neurons. Changes to the Wiz UrBA process have been made so that Ivanti Neurons can better respond to findings impacted by Wiz data retention policies.
• Tenable.io and Wiz assets should now be correctly marked as “risksense-archived” if Ivanti Neurons does not ingest them for 30 days.
• The filter “Past Due” will return only findings that are overdue.

Known Issues

• The custom attributes update dialogue shows numbers at the bottom near the “next” and “back” buttons. These numbers show the total number of jobs across all tabs rather than the total number of jobs that you can scroll through per tab.