New
- New remote check for SolarWinds SUNBURST: We added a remote check for the SolarWinds SUNBURST backdoor supply chain attack. Check out our blog post for the latest information, mitigation guidance, and updates as they become available.
Customer Requested
- New Oracle Database policy: We added a new Center for Internet Security (CIS) policy that provides coverage for Oracle Database 18c.
Customer Requested
- New SSH key exchange support for the Scan Engine: The Scan Engine now supports the
diffie-hellman-group14-sha256SSH key exchange algorithm.
Customer Requested
- New automated vulnerability content: We now support recurring vulnerability coverage for the Cisco AnyConnect Secure Mobility Client on Windows, macOS, and Linux.
Customer Requested
- New vulnerability content: We added a remote check for CVE-2019-11580, a remote code execution vulnerability affecting Atlassian Crowd.
Customer Requested
- User role permissions for goal creation: You can control which of your users have the ability to create goals with the Remediation Projects and Goals & SLAs platform permission in the Security Console.
Customer Requested
- Audit logging for Custom Policy Builder: You can now configure Custom Policy Builder to send audit logs that capture every policy update implemented by your users. These audit logs record what changes were made to a policy, when those changes were applied, and who was responsible for them. Use this new functionality to allow another user or an auditor to view the change history of any policy when needed.
Improved
- Updated Defense Information Systems Agency (DISA) policies: We updated the following DISA benchmarks:
- Microsoft Windows Server 2019 STIG Benchmark - Ver 2, Rel 1
- Microsoft Windows Server 2012 and 2012 R2 MS STIG Benchmark - Ver 3, Rel 1
- Microsoft Windows Server 2016 STIG Benchmark - Ver 2, Rel 1
- Microsoft Windows Server 2012 and 2012 R2 DC STIG Benchmark - Ver 3, Rel 1
- Microsoft Windows 10 STIG Benchmark - Ver 2, Rel 1
- Microsoft Windows Defender Antivirus STIG Benchmark - Ver 2, Rel 1
- Cloud-based reports are now editable: You can now edit cloud-based reports that you've already generated directly from the Reports Archive. Expand the three-dot dropdown menu on the right side of one of your report cards to edit the report using the report creation wizard.
- Reduced scan times for Windows assets: The Scan Engine will now collect a reduced amount of registry data from Windows scan targets to improve scan times on those assets.
Fixed
- We fixed a false positive affecting our No authentication for single user mode vulnerability check.
- We fixed a validation issue in APIv3 that prevented the
PUT /api/3/users/{id}/sites/{siteId}call from adding individual site access to a user that already has access to all asset groups. - We fixed an issue that caused the Vulnerability Trends report to generate as a blank document.
- We fixed an issue that prevented Azure asset data from being stored properly in the Security Console.
- We fixed an issue with our Adobe Flash fingerprinting process that would lead to inaccurate results if the software was installed without any associated version information.
- We fixed an issue with our Nmap service enumeration-based PostgreSQL fingerprinting process that would lead to inaccurate results if the software was installed without any associated version information.