26.0.13
Yokohama, Xanadu, Washington DC, Vancouver
Vulnerability Response helps organizations respond faster and more efficiently to vulnerabilities, connects security and IT teams, and provides real-time visibility into your security posture. Vulnerability Response connects the workflow and automation capabilities of the Now Platform® with vulnerability scan data from leading vendors to give your teams a single platform for response that can be shared between security and IT.
The Vulnerability Response application includes the following capabilities:
- New modern user experience through the Vulnerability Manager and IT Remediation Workspaces.
- Automate the process of organizing vulnerabilities into a group and assigning it to the IT operations team.
- Prioritize vulnerabilities based on asset criticality and vulnerability severity.
- Improve the flow of work between Security and IT via a comprehensive remediation workflow.
- Import Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Software Composition Analysis (SCA) vulnerabilities, manual penetration test assessments, and application vulnerable items with the Application Vulnerability Response (AVR) feature, which helps you determine the impact and priority of flaws in your code and remediate them.
- Import information from the NIST National Vulnerability Database (NVD) with the Vulnerability Response Integration with NVD to better understand your vulnerability exposure.
Changed:
- Vulnerability Managers and Vulnerability Analysts can now adjust the severity of Common Vulnerabilities and Exposures (CVEs) and Third-Party Entries (TPEs) from the List View in the Vulnerability Manager Workspace. The risk level of the associated vulnerabilities will be recalculated during the scheduled jobs based on the modified severity. You can also reset the severity to its original source value if required.
Fixed:
- If you request an extension for an exception rule, multiple approvals are not generated.
- Exception rules are automatically approved when created by users with granular roles.
- The Overview page in workspaces will display in Dark mode if you select it in your user preferences.
- For reimported vulnerable items (VITs), the state roll-up will occur if the Last seen dates are older than the Resolution dates.
- Editing existing remediation target rules no longer results in duplicated histories.
- Assignment groups for VITs linked to third-party entries (TPEs) are updated after Tenable imports them, following the execution of lookup rules.
- A runtime error in detection processing can occur if multiple detections have the same Last found date.
- When you change your target rules and select Apply Changes, only the remediation target rules marked for reapply are executed.
- The Running total is displayed on the Default Risk Rule for vulnerability calculators.
- Configuration item (CI) attributes on VITs are updated to reflect changes in corresponding discovered items.
- The DetectionBase script include automatically updates the ip_address, DNS, netbios, port, protocol, SSL, and proof fields. Note: To roll these updates up to discovered items and VITs, you must activate the sn_vul.show_last_open_detection system property. This update process may affect system performance.
- Exclusion rule changes the state of VITs from Under Investigation or Awaiting Implementation to Open.
- Email notifications are sent for expiring exception requests in Vulnerability Response.
- The following dependency plugins for Vulnerability Response must be activated:
  - com.snc.vul_dep plugin for Vulnerability Response Dependencies
- The following Security Operations applications must be installed and activated:
  - Security Integration Framework
  - Security Support Common
  - Security Support Orchestration
- Permissions and roles
  - Roles required:
    - System Admin (admin) for installation
    - For Configuration:
      - Application Security Manager (User part of App-Sec Manager group) for Application Vulnerability Response
    - For access to the Vulnerability Response Workspaces:
      - IT Remediation Workspace: sn_vul.remediation_owner
- Roles required: