Articles in this section

Release Notes

Parag Baxi
  • Updated
Follow

This page documents production updates to Unified VRM. You can periodically check this page for announcements about new or updated features, bug fixes, known issues, and deprecated functionality.

To get the latest product updates delivered to you, add the URL of this page to your feed reader.

  

March 2019

Why: Metrics Dashboard

As a CISO, I want to see my vulnerability trending data so that I can track the progress of my vulnerability management program

What: My Risk Today & My Risk Trends

This shows your current overall risk score, your vulnerability risk, asset risk, threat risk and the percent change since last month for each.

Vuln Risk: a break out of vulnerability counts for each risk grade, the count change since last month and a drill in link for more details.

Asset Group Risk: a list of the 5 most risky asset groups with links to drill in for more details for each. Also, a link to the lowest risk assets groups is also available.

Threat Risk: Active Threats is a count of all vulnerability that have been associated with a known Trojan, Malware, Ransomware, Exploit Kit or Targeted Attack. Potential Threats are vulnerabilities that have not been associated with a threat, but score high on our machine learning algorithm as having threat potential. Active Threats on Critical Assets is the count of active threats on your business critical assets

My_risk_today_Screenshot.png



What: Improve My Risk Score

This is NopSec’s recommendations for how you can improve your risk score. The button will take you to see all the vulnerabilities you should remediate to improve your score.

Improve_My_risk_Score_screenshot.png

 

What: Reduce My Attack Surface

This is NopSec’s recommendation for the most impactful remediation effort for your team. It shows the one most risky vulnerability that can be found on the most number of your critical assets.

Reduce_My_Attack_Surface_Screenshot.png

 

What: Remediation of Critical Vulns Graph

This is a graph that will track remediation of critical vulns per quarter. By using the tracking only the vulnerabilities that originate in a single quarter, you can get an accurate view of your remediation progress without the noise of newly found vulnerabilities skewing the numbers.

Remediation_of_Critical_Vulns_Screenshot.png

 

What: Mean Time To Remediation

This will track your Overall Mean Time To Remediation, your Mean Time to Remediation for Critical Assets and the asset groups with the best and worst Mean Time to Remediation. Along with those metrics it will also track the change increase or decrease in your Mean Time to Remediation since the previous month.

MTTR_Screenshot.png

 

What: Patch Coverage on My Top Asset Groups

This will track the patch coverage of your most important asset groups by showing the percent of assets that were recently patched in each group. Along with that it will show the current grade, score and mean time to remediation per asset group.

Patch_Coverage_Screenshot.png

 

What: Prioritization Made Easy

This will show your vulnerability reduction after NopSec enriches the data from your scanners.

Prioritization_Screenshot.png

                                                                                                             

February 2019

Why: NopSec Risk Reduction Recommendations

As a Security Analyst I want to see NopSec’s recommendations for what will have biggest effect on my risk health so that I can most efficiently remediate.

 

What: Improve My Risk Score Recommendations

The Improve My Risk Score feature will highlight the best route to improving your risk score. On the dashboard it will show the number of vulnerabilities that can be remediated to improve your score to the next letter grade. Drilling into it will lead to an exact list of those vuln instances, including the information about the assets they are on.

 

What: Reduce My Attack Surface Recommendations

NopSec’s Reduce My Attack Surface feature will allow you to identify the most important vulns to focus on. It will highlight the most critical and prevalent vulnerability in the environment. That vulnerability will be the one with the worst risk score that can be found on the highest number of critical assets.

                                                                                                             

October 2018

Why: Advanced Search & Dashboard Drilldown expansion

As a Security Analyst, I want to be able to search across multiple attributes so that I can find exactly what I want.

What: Advanced Search on Asset Group Creation

This is a backtip limited search. Every search clause added would be performed using AND logic.

Example:

````name:nyc dept`ip:10.2.3.0/24`netbios:abc```

 

This would translate to

  “Find all assets that contains ‘nyc dept’ (case insensitive) AND IP range in 10.2.3.0 - 10.2.3.255 AND netbios contains ‘abc’

Three fields are searchable:

  1. name: contains query and case insensitive
  2. netbios: contains query and case insensitive
  3. ip: CIDRs only (1.2.3.4 would be treated as 1.2.3.4/32, 1.2 would be treated as 1.2.0.0/32) - LIMITED to /16

What: Asset group creation exposes asset details

“New Asset Group” window shows  Asset names, IP and netbios name

What: CIDR Search on Fix Page

Customers can now search via CIDR on Fix.

 

What: Dashboard drilldown to fix page

We want to allow them to drill down from the “Riskest group” on landing page to fix page with the asset group filtered.

                                                                                                             

January 31, 2019

Welcome to Unified VRM!

FEATURE
 Browse your assets in Asset Inventory across vulnerability scanners and CMDBs and view them in one place.
 
FEATURE
   
FEATURE
 Share vulnerability information automatically from Unified VRM into your existing unified communications tools such as Slack, email and more to automate the manual copy and pasting distribution.

Related articles

Comments

0 comments

Article is closed for comments.