New

• New false positive investigation tool: You can now investigate vulnerability findings as potential false positives directly from your Security Console. If your investigation determines that the finding could indeed be a false positive, you can send the results to Rapid7 for analysis in one mouse-click. Check out our new false positive investigations article  to learn how to use this new tool.

• New MongoDB policy: We added a new Center for Internet Security (CIS) policy that provides coverage for MongoDB 3.6 for Linux.

Improved

• New tmux support for Linux-based installations: Security Console and Scan Engine installations on Linux hosts now support the tmux terminal multiplexer as an alternative to GNU Screen when the latter is unavailable during service startup. As of January 13th, 2021, tmux will become the primary multiplexer and GNU Screen will become the alternative option.
• Updated DISA policy content: We updated the following existing DISA benchmarks:
  • Microsoft Internet Explorer 11 STIG
  • Benchmark- Ver 1, Rel 15
  • Mozilla Firefox STIG Benchmark for Windows - Ver 1, Rel 6
• Improved Scan Engine performance for policy scanning: The Scan Engine will now use less memory when scanning assets for policy compliance.

Fixed

• We fixed an issue where the agent data retention routine configured in the Security Console would fail when handling significantly large amounts of stale Insight Agent assets.
• We fixed an issue with Custom Policy Builder where saving a new rule to an empty policy could fail.
• We fixed an issue with Custom Policy Builder where importing rules without any values would cause an import failure.
• We fixed a display issue with the Cloud Findings by Severity and Cloud Findings Percentage by Severity dashboard cards.
• Static Remediation Projects created from Goals will now display the expected number of assets in the project creation wizard.
• We fixed an issue that could occur when scanning Windows systems on two or more independent networks.