New
- Remediation Workflow (Beta) enables you to easily create remediation projects and assign tasks to remediation teams so they know exactly what they have to fix and why. Remediation details are presented in a language that IT teams can understand and provide the prioritization they need to be effective. With Remediation Workflow (Beta), IT, management, and C-suite teams now have the data they need to track the progress of every fix in real-time and validate each fix when it is done. Remediation Workflow (Beta) is available with Nexpose Enterprise and Ultimate. Once you opt-in to Nexpose Now, you'll be able to create remediation projects to group together vulnerabilities that need to be remediated. Remediation projects leverage the simple yet powerful filtering capabilities of Nexpose Now Liveboards so that remediators will only see the information relevant to them. With Remediation Workflow, you now have the ability to track the progress of remediation projects across all teams at a glance.
- Live Monitoring enables you to assess exposures in real-time and easily identify any changes on your network. With Live Monitoring, you can deploy Rapid7 Agents (Beta), which provide visibility into assets under heavy scanning restrictions while virtually eliminating credential management challenges that are typically associated with network-based scanning. Rapid7 Agents (Beta) automatically collect data, which is then seamlessly integrated into Nexpose Now Liveboards so that you can visualize and prioritize risks as they occur. You can monitor the status of your Rapid7 Agents (Beta) from your Nexpose Now Liveboards to identify any discrepancies or errors that require attention.
- We have added user preferences for notifications. You can now select the types of notifications you want to see while using the Security Console. The notifications panel will also now auto-expand on login if there are any new notifications since the last login. You can configure this in the user preferences under Notifications.
- We have added notifications for updates to improve visibility for the update process. This includes notifications for when new updates are applied and if there are problems updating.
- The documentation is now available online at https://help.rapid7.com/nexpose/. Links within the Security Console have been updated to point to the online help.
Improvements
- Policies now have a new user interface that allows you to track your overall compliance position, see which policies are the most and least compliant, and drill into a policy to get detailed results. Each policy has a dedicated page that provides more information, such as assessment results by rule and scanned asset. The new interface also includes an Assets view, which shows you the assets that are the most compliant and least compliant. Like with policies, you can drill into an asset to get more detailed results and go to its dedicated page to get more information, such as policy assessment results, proof for why the rule passed or failed, and remediation steps.
- Scan Engines are now sorted by name in the Discovery Connection settings of the Site Configuration page.
- The connections list in the site configuration is now sorted by group and connection name.
- PCI report templates have been updated to reference the relevant sections of PCI DSS v3.2.
Fixes
- We have addressed a persistent cross-site scripting (XSS) vulnerability in the reports page. Thanks to Dinesh Ponnudurai for discovering this issue.
- We have resolved an issue where policy scans failed to integrate when there were a large number of policy scans on the console.
- We have addressed an issue that caused policy rules checking for network connections on Unix-based systems to return an error on certain targets.
- A solution that referenced an invalid version of PHP has been updated to refer to the appropriate version.
- A false positive for the PHP vulnerability CVE-2015-4601 has been resolved.
- The host field for vulnerability syslog alerts has been changed to the address of the engine instead of the scan target.
- We have addressed an issue where, in certain situations, the highest-certainty fingerprint was not used when multiple fingerprints were found for the same asset.