New

• Linux coverage. We added Linux authenticated coverage in response to CVE-2023-46604, which affects Apache ActiveMQ.

Improved

• Asset correlation algorithm. We improved our asset correlation algorithm to be more accurate when correlating agent assets. This change now gives a higher weighting to Citrix IDs and Rapid7 Insight Agent IDs to ensure the Security Console will always use the most accurate ID available.
• Complementary scanning. The Security Console now uses agent-based assessment results to override less reliable remote check results from unauthenticated scans.
• Global Blackouts page The Global Blackouts page has been redesigned with improved navigation and usability. Global blackouts and site blackouts can now be filtered by type in the same table. Additionally, UTC has been added as a new supported timezone.

Fixed

• A fingerprinting issue which caused SMTP ports to be incorrectly identified as FTP has been fixed.
• The data warehouse no longer stores deleted assets in the dim_asset_tag table.
• An issue where AWS discovery connections would frequently disconnect because it retrieved an invalid poll time has been fixed.
• A defect which caused users with Global permissions to be unable to edit Site parameters has been fixed.