July 2025 Release Notes
Copy link

The Command Platform release notes include information about what’s new, which are updated monthly, and improvements and fixes, which are updated weekly.

ℹ️

Last updated: July 28, 2025

What’s New
Copy link

Learn about new features across the Command Platform. These features were released over the past month and are available now:

Attack surface
Copy link

Your attack surface is comprised of all of the potential entry points that attackers could exploit across your systems, applications, and networks. Developing knowledge of your attack surface is a key goal in improving your company’s security posture.

Accelerate remediation with workflow automation in Remediation Hub
Copy link

Security teams can now streamline their remediation processes directly from the Remediation Hub by triggering automation workflows. This feature helps reduce mean time to respond (MTTR) by eliminating manual steps and ensuring faster communication with asset owners.

With this capability, you can:

  • Launch prebuilt workflows for common remediation scenarios with just a few clicks.
  • Build and deploy custom workflows tailored to your environment and operational needs.
  • Automatically notify asset owners about required remediations to improve accountability.
  • Reduce time spent on repetitive tasks, enabling your team to focus on higher-priority issues.

Impacted offerings:

  • Exposure Command
  • Cloud Security (InsightCloudSec)
  • InsightVM
  • Automation (InsightConnect)

Top of page

Protect your asset space with Attack Surface Management (Surface Command) integrations
Copy link

Attack Surface Management (Surface Command) now integrates with additional third-party tools to further enhance your visibility across the attack surface. The newest connectors enable streamlined insights, automation, and contextual analysis across diverse asset types:

  • Cisco Identity Services Engine (ISE)
  • CyberArk Privileged Access Manager
  • Nucleus Security
  • PingOne
  • Deep Instinct

With this capability from Attack Surface Management (Surface Command) > Connectors, you can:

  • Achieve full-spectrum visibility–understand your entire attack surface, including assets, networks, business applications, data storage, and user identities.
  • Gain multi-source context–correlate vulnerabilities and exposures from different security tools for deeper insights into risks and threats.
  • Automate security workflows–leverage integrated, action-oriented APIs to trigger remediation processes and streamline security operations.

Impacted offerings: **Attack Surface Management (Surface Command)

  • Exposure Command

Top of page

Risk
Copy link

Risk is the potential for loss or damage to your assets, operations, or reputation, due to vulnerabilities being exploited by a bad actor. Security teams must assess the risk level by evaluating the likelihood of a threat occurring and the impact that it would have if realized.

Improve risk prioritization with enhanced AWS public accessibility accuracy
Copy link

  • Cloud Security (InsightCloudSec)** now provides more accurate and comprehensive tracking of AWS public accessibility, enabling better risk prioritization for cloud security teams. These enhancements refine how public exposure is identified, reducing false positives and offering clearer visibility into network exposure paths.

With this capability from Cloud Security (InsightCloudSec) > Attack Paths, you can:

  • Gain better visibility into cloud exposure with new node types for Web Application Firewalls and Network Firewalls added to Attack Paths.
  • Understand true exposure with end-to-end tracking of open ports, such as tracing from a load balancer’s listener to backend target group ports.
  • Leverage improved data from Harvesters for key resources like Load Balancers, Network Firewalls, and NACL/Security Groups.

Top of page

Improve container risk visibility and prioritization with local vulnerability assessments for private registries
Copy link

  • Cloud Security (InsightCloudSec)** now supports Local Container Vulnerability Assessment (Local CVA), enabling customers to scan images stored in private container registries that reside in restricted or on-premises environments without exposing their network or allowing inbound access from Cloud Security (InsightCloudSec).

With this capability from Cloud Security (InsightCloudSec) > Vulnerabilities, you can:

  • Perform local vulnerability assessments in network-partitioned environments via outbound-only connections.
  • Gain coverage for OCI-compliant private registries.
  • Securely store registry credentials and manage registry configuration through a dedicated administrative interface.

Top of page

Administration
Copy link

Manage third-party remediations from a single location
Copy link

In Exposure Command, Cloud Security (InsightCloudSec), InsightVM, Automation (InsightConnect), you can now view and manage vulnerabilities and remediations from third-party tools directly in Remediation Hub. This feature expands Rapid7’s remediation capabilities beyond Rapid7 sources to help unify vulnerability management across your environment. Remediation Hub currently supports third-party data from the following connectors:

  • Amazon Inspector
  • Claroty xDome
  • ManageEngine Endpoint
  • Qualys VMDR
  • Red Hat Insights
  • Tenable.io
  • Tenable Security Center
  • Wiz

With this capability from Command Platform > Risk > Remediation Hub, you can:

  • View third-party vulnerability and remediation data in Remediation Hub.
  • Leverage existing remediation workflows to manage findings from Attack Surface Management (Surface Command).
  • Align remediation efforts across multiple tools from a centralized location..

Top of page

Accelerate investigations with AI-assisted workflows for MDR
Copy link

Rapid7’s MDR service now leverages agentic AI-assisted workflows to streamline investigations, reduce manual effort, and deliver consistent outcomes at scale. This new capability enhances triage precision and boosts SOC efficiency across your environment.

With this capability in Alerts, you can:

  • Automatically triage benign alerts with 99.93% accuracy to reduce false positives and sharpen focus on high-risk threats.

  • Accelerate investigations through AI-driven enrichment, correlation, and evaluation of alerts.

  • Ensure consistent, high-quality outcomes with standardized evidence gathering and contextual insight delivery.

  • Managed Detection and Response (MDR) users will receive access as part of a phased rollout

Top of page

Eliminate alert ambiguity with dynamic third-party alert prioritization
Copy link

SIEM (InsightIDR) now dynamically maps third-party alert priorities to ensure ownership is clearly defined between your team and the Rapid7 SOC. This enhancement eliminates confusion, enables faster response, and boosts confidence in how alerts are triaged.

With this capability in Alerts, you can:

  • Clearly identify whether your team or Rapid7 is responsible for triaging each third-party alert.
  • Minimize delays caused by priority mismatches or ambiguous ownership.
  • Strengthen SOC coordination and ensure every alert gets the right response at the right time.

Impacted offering:

  • Managed Detection and Response (MDR)

Top of page

Enhance threat coverage with new and migrated detection rules
Copy link

The SIEM (InsightIDR) Detection Library continues to evolve, delivering faster, broader threat detection. This month six legacy rules have been migrated—part of our ongoing effort to unify and strengthen your detection experience.

With these updates in Detection Rules > Detection Rule Library, you can:

  • Stay ahead of emerging threats – leverage newly released rules to detect high-risk activity like watched or admin-led password resets.
  • Streamline rule management – benefit from the migration of legacy User Behavior Analytics (UBA) rules into the Detection Library, offering a single, comprehensive view of your detection landscape.
  • Improve response efficiency – with consistent rule access and faster insight into potential threats.

New Detection Rules:

  • Carbon Black Cloud

Migrated Legacy Rules:

  • RESTRICTED ASSET AUTHENTICATION - NEW SOURCE was migrated to User Behavior - Restricted Asset Authentication - New Source
  • HONEY USER AUTHENTICATION was migrated to User Behavior - Honey User Authentication
  • FIRST TIME ADMIN ACTION was migrated to User Behavior - First Time Admin Action

This month we have migrated detection rules for the following 3 third-party sources of alerts:

  • Duo
  • Vectra Networks X-Series
  • Varonis DatAdvantage

Top of page

Boost protocol accuracy and visibility with Network Sensor enhancements
Copy link

This update to Network Sensor improves protocol detection precision and expands support for critical protocols, helping security teams reduce false positives and gain trusted visibility into modern and OT/SCADA environments.

With this capability, you can:

  • Reduce false positives and missed detections in SSH, RDP, SMB, and DNS with sharper protocol classification.
  • Identify DNP3 protocol natively, closing a major visibility gap in OT and SCADA networks.
  • Improve fidelity of LDAP and Kerberos authentication traffic for stronger Active Directory analytics and fewer “unknown” flows.
  • Analyze encapsulated traffic with greater depth through enhanced inspection of VLAN and VXLAN traffic.

Top of page

Improvements and Fixes
Copy link

Improvements and fixes are posted each Monday, and include a roundup of infrastructure improvements and fixes across the Rapid7 products and offerings:

Application Security (InsightAppSec) and AppSpider
Copy link

No updates released at this time.

Cloud Security (InsightCloudSec)
Copy link

Release availability for self-hosted users

Self-hosted users are able to download the latest version usually six business days after SaaS users are upgraded from the following locations:

  • Terraform deployments: Public S3 bucket. Modules can be updated with the terraform get -update command.
  • Amazon Elastic Container Repository (ECR) deployments - You can obtain the ECR build images for this version from the InsightCloudSec ECR Gallery
⚠️

Delayed self-hosted release for 25.7.29

The self-hosted release for version 25.7.29 is delayed. It is expected to be available by August 7, 2025.

⚠️

No self-hosted release for 25.7.15

There will be no self-hosted release for version 25.7.15. The next self-hosted release is planned for version 25.7.22.

Version 25.7.29
Copy link

Software release date: July 29, 2025 | Release notes published: July 28, 2025

ℹ️

No version 25.8.5

There will be no release for version 25.8.5. Regular updates will resume with 25.8.12.

ℹ️

Reminder: Change to OCI Compartments and Impact on Bot Configurations

All users will receive enhanced support for OCI Compartments as part of the 25.7.29 release. This update promotes OCI Compartments to the Organization Services level, improves resource harvesting accuracy, and introduces a dedicated Compartments tab to the Cloud Accounts view.

Action required for users with OCI automation:

  • Bots interacting with Compartment resources will trigger alerts if they reference outdated organization service IDs.
  • Bots must reference the new organization service ID associated with the updated Compartment structure.

Depending on how your bots are configured:

  • If they reference specific service IDs, you’ll need to manually update them.
  • If they use broader cloud or badge filters, they may continue to function as expected without changes.

To minimize disruption, review your OCI automation configurations ahead of the release.

Improved:

  • Replaced references to InsightCloudSec with Cloud Security
  • Updated InsightCloudSec logo to Cloud Security logo
  • New CVA Local Scanner release (v. 25.7.21), which includes:
    • Support for custom network configurations with new environment variables:
      • HTTPS_PROXY for proxy-based network communication
      • SSL_CERT_FILE and SSL_CERT_DIR for custom SSL certificate paths
    • Performance and stability improvements
  • Improved performance for Clouds Listing UI
  • Added external scanner validation to publicly accessible resources
  • Added Query Filters:
    • Cloud Account With Root Compartment Creation (maps to CIS OSI 3.0.0 Recommendation 6.2)
    • Cache Instance with System Assigned Identity Disabled (maps to CIS Azure Database Services 1.0.0 Recommendation 2.5)
    • Cloud User Has Invalid Email Address
    • Instance Not In An Availability Zone
    • Instance Not In A Scale Set
    • Instance Not In Availability Zone Or Scale Set
    • Web Application Firewall With Disabled Managed Rules
    • Web Application Firewall With Disabled Custom Rules
    • Web Application Firewall With Disabled Rules
    • Load Balancer Using WAF Policy With Disabled Rules
    • Database Instance With No Databases
    • Azure Database Instance TDE Auto Key Rotation Enabled/Disabled
    • Compute Instance Without In Transit Encryption Enabled (Oracle Cloud)
    • Storage Account With Specified Redundancy
  • Added Insights:
    • Cloud Account With Root Compartment Creation (maps to CIS OSI 3.0.0 Recommendation 6.2)
    • Cache Instance with System Assigned Managed Identity Disabled (maps to CIS Azure Database Services 1.0.0 Recommendation 2.5)
    • Network Security Group Flow Log Retention Less Than 90 Days
    • Cloud User Has Invalid Email Address
    • Compute Instance Without In-transit Encryption Enabled
  • Updated Insights:
    • Cloud Users With Multiple Active API Keys
    • Cloud Account Without Microsoft Defender External Attack Surface Monitoring > Cloud Account Without Microsoft Defender External Attack Surface Monitoring (EASM) Enabled
    • Cloud Account With Microsoft Defender Disabled for Containers
    • Storage Account with Blob Soft Delete Disabled
    • Storage Account with File Share Soft Delete Disabled
    • Cache Instance With Microsoft Entra Authentication Disabled
  • Added compliance packs:
    • CIS Azure 3.0
    • CIS Azure 4.0
    • CIS Azure Database Services 1.0
  • Deprecated compliance pack: CIS Azure 2.1 (removal scheduled for February 2026)
  • Added me-central-1 region support to the following harvesters:
    • AwsWebAppHarvester
    • AirflowEnvironmentHarvester
    • AppStreamFleetHarvester
    • BackupVaultHarvester
    • BatchEnvironmentHarvester
    • BigDataServerlessNamespaceHarvester
    • BigDataServerlessWorkgroupHarvester
    • BuildProjectHarvester
  • Added ap-south-2 region support to the following harvesters:
    • AirflowEnvironmentHarvester
    • BackupVaultHarvester
    • BatchEnvironmentHarvester
    • BigDataServerlessNamespaceHarvester
    • BigDataServerlessWorkgroupHarvester
  • Expanded Instance resource to store Azure availability zone and scale set membership.
  • Updated Azure label for Database resource to display SQL Pool Database.
  • Updated Azure Storage Account Harvester to include SMB settings.
  • Added redundancy type visibility for Azure storage accounts.
  • Added harvesting of TDE automatic key rotation setting for Azure SQL Managed Instances.
  • Added support for new OCI Instance property: In Transit Encryption.
  • Added support for AWS RDS clusters to the Terraform converter.
  • Updated the description text in the Insight severity update modal to improve user understanding.

Fixed:

  • Detaching an instance no longer deletes its network interface in Cloud Security.
  • Fixed an issue where GoogleInstanceInterfaceIpHarvester failed when the instance was deleted mid-harvest or before Cloud Asset Inventory registered the removal.
  • Fixed inconsistent behavior in Alibaba Cloud where instances were not correctly associated with subnets.
  • Resolved failures in TimeseriesDatabaseHarvester caused by deprecation of the Timeseries Database resource in AWS for new accounts.
  • Updated DatabaseInstanceHarvester to account for AWS VPC Sharing and correctly associate database instances with networks across organization services.
  • Fixed BackupVault converter for AWS infrastructure as code (Terraform).

Version 25.7.22
Copy link

⚠️

Update on release 25.7.22

We’ve decided not to move forward with the 25.7.22 release. During final checks, we identified a few issues in our release pipeline and front-end systems that could impact delivery. Rather than risk disrupting your current experience, we’re holding this release to ensure everything meets our quality standards.

The main features planned for 25.7.22 are important, especially for our larger customers, and we’re committed to delivering them in a stable and reliable update. Several smaller improvements originally included in this release will now be part of the upcoming 25.7.29 release.

Version 25.7.15
Copy link

Software release date: July 15, 2025 | Release notes published: July 14, 2025

ℹ️

Version 25.7.15 availability

The 25.7.15 release will include three major new features: a new Bot Factory interface, container attack paths and public accessibility, and enhanced Oracle Cloud Infrastructure (OCI) Compartments support. To help ensure stability, customers with larger, more complex environments will not receive this release. All customers are expected to receive version 25.7.22, which includes these features in addition to standard weekly improvements and fixes.

⚠️

New Azure permissions required

These permissions support the Azure Capacity Reservation and Azure Capacity Reservation Group resources. All permissions (and any relevant wildcard equivalents) have been added to the appropriate onboarding user roles.

  • \"Microsoft.Compute/capacityReservations/read\"
  • \"Microsoft.Compute/capacityReservationGroups/read\"

Improved:

  • Added a new interface for the Bot Factory page. You can access the new interface by using the Switch to Modern UI button.
  • Added support for AWS-based containers to Attack Paths and public accessibility checks.
  • Enhanced support for Oracle Cloud Infrastructure (OCI) Compartments:
    • Promoted Compartments to the Organization Services level
    • Improved resource harvesting accuracy
    • Added a dedicated Compartments tab to OCI Cloud Account Details.
  • Deprecated the following Insights:
    • Access List Exposes High Risk Port to the Public
    • Access List Exposes High Risk UDP Ports to the Public
    • Access List Exposes SSH to the Public (SG)
    • Access List Exposes Windows RDP to the Public (SG)
  • Added the following Insights to replace deprecated ones:
    • Resource Access List Exposes Critical Ports to the Public
    • Resource Access List Exposes High-Risk UDP Ports to the Public
    • Resource Access Lists Expose SSH Ports to the Public
    • Resource Access Lists Expose Windows RDP Ports to the Public
  • Expanded the Database Instance resource harvester to include geo-redundant backup information.
  • Added harvester support for Azure Capacity Reservation Groups and Reservations.
  • Added Query Filters:
    • Database Instance With Geo-Redundant Backup Disabled
    • Capacity Reservation Group Without Reservations
    • Capacity Reservations By Capacity
    • Capacity Reservations By Fault Domain Count
    • Cloud Group Without Users and Managed Identities
  • Added Insights:
    • Cloud Group Without Users and Managed Identities
  • Added finding_id column to the KubernetesFindings table, set as provider_id.
  • Renamed Data Collections to Data Groups. This is a visual change only and does not affect functionality. The new name appears in buttons, navigation, and entitlement labels.
  • Renamed Query Filter Cloud Group Orphaned to Cloud Group Without Users.

Fixed:

  • Fixed support for Terraform Infrastructure as Code scans involving AWS AppSync API resources.
  • Fixed a UI issue where refreshing the tag overview page in Tag Explorer would display an error.
  • The following resource types are now fully removed when running the OrphanedResourceCleanup job:
    • AI Service Deployment
    • Bedrock Agent
    • Bedrock Guardrail
    • Bedrock Model
    • Bedrock Training Job
    • Comprehend Job
    • Connect Instance
    • Data Lake Source`
    • Elasticsearch Ingest Pipeline`
    • Kubernetes Finding
    • Polly Synthesis Task
    • Vertex Job
  • Fixed an issue where threat findings could not be harvested from newly created GCP projects due to use of the deprecated v1 Security Command Center API. ICS now uses the v2 API.

Version 25.7.8
Copy link

Software release date: July 8, 2025 | Release notes published: July 7, 2025

⚠️

New Alibaba Cloud permissions required

These permissions support the ApsaraDB resources. All permissions (and any relevant wildcard equivalents) have been added to the appropriate onboarding user roles.

  • \"rds:DescribeDBInstanceEncryptionKey\"

Improved

  • Added Insights:

    • Azure Databricks Not Deployed in a Customer-Managed Vnet (maps to CIS Azure 4.0 Recommendation 3.1.1)
    • Azure Storage Account Blob Versioning Not Enabled (maps to CIS Azure 4.0 Recommendation 10.2.2)
    • Virtual Network Flow Log Retention Less Than 90 Days
    • Virtual Network Flow Log Without Traffic Analytics Enabled
  • Added Query Filters:

    • Storage Account Blob Versioning Status (maps to CIS Azure 4.0 Recommendation 10.2.2)
  • Added validation to the IaC configuration creation API endpoint to ensure all Insight IDs are structured correctly.

  • Added support for creating tags on GCP DNS Domain resources.

  • Updated the following Insight details based on CIS Azure 3.0 benchmarks and recommendations:

    • Database Instance without Log Auditing Enabled (MySQL)
    • Database Instance without Connection Log Auditing Events (MySQL)
    • Encryption Key not Supporting Key Rotation
    • Storage Account Storing Activity Logs Encrypted using Customer Managed Key (formerly …using Cloud Managed Key)
    • Web App With Remote Debugging Enabled
    • Database Instance without Transparent Data Encryption (SQL)
    • Storage Container Soft Delete Disabled
    • Storage Account Allows Access from the Public
    • Storage Account without Microsoft Azure Services Bypass Enabled
  • Updated the System Profile Settings page and API documentation to display your base URL for API calls.

  • Added Azure support for the following Insights:

    • Encryption Key Without 90 Day Rotation Period Enforced
    • Compute Instance Recently Backed Up
    • Compute Instance Backup Age Exceeds
  • Added new harvesters for CloudWatch Deliveries, Delivery Sources, and Delivery Destinations.

Fixed

  • Creation timestamp is now correctly populated on AWS SSH Key Pair resources in Infrastructure as Code (IaC) scans.
  • Resolved issue where Azure ResourceLocks were not being linked with private endpoints.
  • Insight CloudFront Not Logging detection now considers v2 Standard Logging configurations.
  • Resolved an issue where database flags without values caused the Google DatabaseInstanceHarvester to fail.
  • Fixed a pagination issue with the SnapshotHarvester that occurred when a large number of snapshots existed in one region.
  • The Limit Folder by Parent IDs feature in the Manage Organization interface for Azure cloud accounts now checks for exact parent ID matches rather than prefix matches.

Version 25.7.1
Copy link

Software release date: July 1, 2025 | Release notes published: June 30, 2025

Improved

  • We made several improvements to our user interface to ensure a cleaner and more consistent experience for the System Settings pages. Additionally, the option to Switch to Legacy UI has been removed.
  • Deprecated Insights and Compliance Packs will now remain visible in the UI until their specified removal version, allowing more time for transition and minimizing workflow disruptions.
  • Expanded Azure Container Registry fields to include local admin and managed identity information.
  • Added Insights:
    • Encryption Key Vault With Public Network Access Enabled When Using Private Endpoint
    • Databricks Workspace Enable Customer Managed Keys (CMK)
  • Removed the option to automatically deploy Azure LPA outside of a Virtual Network because it is less secure.
  • The filenames for downloaded reports in Settings > Diagnostics > General > System Diagnostics Reports have been updated for clarity:
    • Bots and Their Configuration
      • Before: CloudSec-InsightCloudSec-<today_date_time>
      • Now: CloudSec-bots-<today_date_time>
    • Processor Jobs and Queue Health
      • Before: CloudSec-InsightCloudSec-<today_date_time>
      • Now: CloudSec-processors-<today_date_time>

Fixed

  • Orphaned Kubernetes findings are now correctly removed by the OrphanedResourceCleanup job.
  • The Resource Encrypted With Cloud Managed Key Query Filter now fails as expected when the KmsKeyId property is omitted.
  • Fixed a sync issue between vulnerability fix versions and remediation summaries.
  • Resolved an issue where the total vulnerability count did not update correctly when filtering by Cloud Account ID on the Vulnerabilities page.

SIEM (InsightIDR)
Copy link

Release notes published: July 21, 2025

Improved:

  • On the event source form:
    • Optional “Description” field added to Custom Logs event sources for elaborating on the data that should be ingested.
    • Cisco IOS event source form updated with more organized field structure.
    • Concise copy introduced in the Data Settings section of the event source form.
    • Additional field descriptions added for improved usage clarity.

Fixed:

  • Unexpected appearance of asset update error banner on Asset Details page resolved.
  • Event sources can now be added on outdated versions of Chrome.
  • Honey Files table now automatically refreshes after adding or deleting entries.
  • Active Directory Admin Activity button now routes to a valid query in Log Search.
  • Multiple IPs inputted in the Event Source form are now correctly parsed.

InsightVM
Copy link

Version 8.16.0
Copy link

Software release date: July 30, 2025 | Release notes published: July 28, 2025

Improved

  • Enhanced tag management with more granular user permissions, giving you greater control over who can manage tags in your environment. New permissions include:

    • Manage Site Tags – Allows users to add or remove tags from a site.
    • Manage Asset Tags – Allows users to add or remove tags from individual assets within a site.
    • Manage Group Tags – Allows users to add or remove tags from asset groups.
  • Updated built-in content to support CIS Microsoft Windows Server 2019 STIG Benchmark version 3.0.0, expanding coverage for secure configuration assessments.

Version 8.15.1
Copy link

Software release date: July 17, 2025 | Release notes published: July 17, 2025

Fixed

  • Fixed an issue that was impacting scheduled scans under certain conditions.

Version 8.15.0
Copy link

Software release date: July 17, 2025 | Release notes published: July 17, 2025

Improved

  • Added recurring coverage support for FortiClient for Windows.
  • Added recurring coverage support for Ivanti Cloud Services Application.
  • Updated the CIS Oracle Database 19c Benchmark to version 1.2.0.
  • Enhanced scan schedule configuration: you can now select from all available asset groups when excluding assets, not just those tied to the selected site.

Fixed

  • Resolved an issue with asset data retention that affected the Vulnerability Trends Report. Reports now reflect accurate historical data based on the selected time period.
  • Fixed an issue in the CIS Microsoft Windows 11 Enterprise Benchmark v4.0.0.

Version 8.14.0
Copy link

Software release date: July 9, 2025 | Release notes published: July 7, 2025

Fixed

  • Fixed an issue impacting successful backup and restore operations under specific conditions.
  • Fixed an issue that affected trend graphs and reporting accuracy following asset deletions
  • Fixed a data synchronization issue that could occur during certain console restart scenarios.
  • Added a fix to improve the accuracy of Fingerprint Certainty reporting.

Top of page

Threat Intelligence (Intelligence Hub)
Copy link

No updates released at this time.

Nexpose
Copy link

Version 8.16.0
Copy link

Software release date: July 30, 2025 | Release notes published: July 28, 2025

Improved

  • Enhanced tag management with more granular user permissions, giving you greater control over who can manage tags in your environment. New permissions include:

    • Manage Site Tags – Allows users to add or remove tags from a site.
    • Manage Asset Tags – Allows users to add or remove tags from individual assets within a site.
    • Manage Group Tags – Allows users to add or remove tags from asset groups.
  • Updated built-in content to support CIS Microsoft Windows Server 2019 STIG Benchmark version 3.0.0, expanding coverage for secure configuration assessments.

Version 8.15.1
Copy link

Software release date: July 17, 2025 | Release notes published: July 17, 2025

Fixed

  • Fixed an issue that was impacting scheduled scans under certain conditions.

Version 8.15.0
Copy link

Software release date: July 17, 2025 | Release notes published: July 17, 2025

Improved

  • Added recurring coverage support for FortiClient for Windows.
  • Added recurring coverage support for Ivanti Cloud Services Application.
  • Updated the CIS Oracle Database 19c Benchmark to version 1.2.0.
  • Enhanced scan schedule configuration: you can now select from all available asset groups when excluding assets, not just those tied to the selected site.

Fixed

  • Resolved an issue with asset data retention that affected the Vulnerability Trends Report. Reports now reflect accurate historical data based on the selected time period.
  • Fixed an issue in the CIS Microsoft Windows 11 Enterprise Benchmark v4.0.0.

Version 8.14.0
Copy link

Software release date: July 9, 2025 | Release notes published: July 7, 2025

Fixed

  • Fixed an issue impacting successful backup and restore operations under specific conditions.
  • Fixed an issue that affected trend graphs and reporting accuracy following asset deletions
  • Fixed a data synchronization issue that could occur during certain console restart scenarios.
  • Added a fix to improve the accuracy of Fingerprint Certainty reporting.

Attack Surface Management (Surface Command)
Copy link

No updates released at this time.

Top of page

Digital Risk Protection (Threat Command)
Copy link

No updates released at this time.