The following describes the new features and improvements introduced in RiskVision version 9.7 released on February 2, 2022.
New System Details Hardware Tab
Entities have a new System Details Hardware tab that displays all hardware type CPEs that have been attached to the entity. Users can add new or existing technologies to an entity or remove it. This will better represent the technologies deployed on a specific asset, provide better correlation of vulnerabilities for assets, and provide better usability when reporting on vulnerabilities affecting specific technologies.
New Related Risks Tab
Risks now have a Related Risks tab that allows users to view related risks that have been attached from the risk repository. Users can use this tab to add or remove related risks.
Improved Entity Deletion Warning
When deleting an entity with a linked object, a pop-up window will display the name of all linked objects before asking if you wish to continue deleting. When using the Delete All function to delete all entities that are part of a Dynamic Group, a pop-up window will display the name of the Dynamic Group before asking if you wish to continue deleting.
Export Different Version of Content Pack
Users can now export different versions of content packs populated with content pack key attributes. This will allow users to view and identify the differences between each content pack version and facilitate more informed decisions for the control going forward.
New Vulnerability Identifier Column
There is a new Identifier column on an entity's Vulnerabilities List grid that displays the full identifier code of the vulnerability. The identifier also contains a hyperlink leading to the Vulnerability Instance page.
CVSS V3.1 Score Calculation
Vulnerabilities that use CVSS V3.1 will now use the 3.1 calculator to calculate their score. If a vulnerability uses CVSS V3.1, the title of the CVSS v3 tab, as well as its score sections, will display version 3.1.
Automatic Of Interest Field Update
Technology assigned to an entity will have the value of its Of Interest field automatically changed to Yes after the user runs the Update Technologies Summary function.
Batch Edit Entity Maximum Size
By using the com.agiliance.asset.batchoperations.size
property, users can adjust the maximum size of entities affected by the Batch Edit Entities action. By default, the maximum size is 50.
Fix for Apache Log4j 2 Vulnerability
RiskVision has implemented a fix for a recently discovered vulnerability in Apache Log4j 2 versions 2.0 to 2.17.0. Implementing this fix will make your system less susceptible to Remote Code execution attacks.
Threat & Vulnerability Manager Dashboard Changes
The dashboard for the Threat & Vulnerability Manager has been updated to only display the Top 20 Vulnerabilities report. This will free up more resources and prevent application degredation.
JasperReports Server 7.9.0
Riskvision can now run up to version 7.9.0 of JasperReports Server, delivering the following enhancements:
- Updated User Interface
- Support for new Third-Party Platforms
- New Custom Reports
- JRIO At-Scale
- JasperReports Library Updates