Dec 09, 20206.6.56

New

  • Microsoft Patch Tuesday coverage: This release includes updated scan coverage for December 2020.
Customer Requested
  • New macOS policy: We added a new Center for Internet Security (CIS) policy that provides coverage for Apple macOS 10.14.
  • New wizard for report creation: Try our new report creation wizard, powered by the Query Builder, to scope and schedule CSV exports of data and printable dashboards as PDFs.
Customer Requested
  • Proxy support for Scan Engine and Security Console communication: Scan Engines that are configured to communicate with the Security Console using the engine-to-console method can now route traffic through an HTTP proxy server. This capability supports the following authentication mechanisms:
    • Basic
    • Digest
    • NTLM

Improved

  • More report details in the Reports Archive: Report cards in the Reports Archive now display the following additional details:
    • The users that have access to the report
    • The name of the saved query that sets the scope of the report
    • The schedule on which the report is generated

Fixed

  • We resolved a Back Orifice false positive affecting Unix systems that was caused by the Scan Engine failing to identify the underlying protocol after finding that either TCP port 54320 or UDP port 54321 was open.
  • The Manage Group Assets user permission in the Security Console now grants users the ability to add or remove assets from a static asset group as expected.
  • We fixed an issue that could cause assets to fail to integrate due to an invalid credential status remaining from prior scans.
  • We fixed an issue where the Scan Engine could receive a valid authentication response from an SAP HANA service but would not correctly fingerprint the service.
  • We fixed an issue with our policy override retrieval process that would ultimately prevent the overall Exceptions and Overrides page in the Security Console from loading.

Other Changes

  • To improve case resolution times and your overall experience with the Rapid7 Support team, the Send Logs capability in the Security Console now requires that you associate the log package with a Customer Portal case number before submitting it. This additional information ensures that Support Engineers are in the best position to assist you when your log package is received.