New
- Active Risk scoring strategy. Our new vulnerability risk scoring strategy, Active Risk, is now available. This risk strategy provides a threat-aware vulnerability risk score by using the latest version of CVSS available for a vulnerability and enhancing it with multiple threat intelligence feeds, including proprietary Rapid7 research, to prioritize remediation for actively exploited vulnerabilities first. You can upgrade to Active Risk from Administration > Vulnerabilities > Risk Score Settings.
- Active Risk dashboard cards. We added two new dashboard cards that use Rapid7's new vulnerability risk model, Active Risk:
- The Vulnerability Findings by Active Risk Score Severity and Publish Age card creates a heat map of Active Risk severity scores and the publish age of each vulnerability finding.
- The Vulnerability Findings by Active Risk Score Severity card displays the number of vulnerability findings in each Active risk score severity level (i.e., critical, high, moderate, and low).
Fixed
POST /api/3/sites/{id}/assetsnow correctly updates the description when importing an asset.- An issue that caused the CSV Exporter to fail when generating reports has been fixed.
- An issue that caused the
unix-path-resolver-threadto display errors and use excessive memory during scans has been fixed.