Release Notes

The release notes outline features, updates and patches that are included in each version of BigFix Insights for Vulnerability Remediation, including the latest application updates.

IVR V.4.1.0

Features and Enhancements for Tenable Security Center Integration

  • Added support of Tenable Security Center (formerly known as Tenable.sc) on the new IVR v.4 architecture
  • Tenable.sc Multi Instance support

Summary

We are happy to announce the release of BigFix Insights for Vulnerability Remediation (IVR) 4.1.0 for our customers using Tenable Security Center (formerly known as Tenable.sc)

  • The new IVR v.4 architecture is now able to directly integrate and load Vulnerability information from Tenable Security Center via API calls
  • IVR v.4 supports direct integration with multiple different instances of Tenable Security center. The data coming from the different instances of Tenable.sc are collected into the IVR database and correlated with BigFix content and devices, to identify the remediation content that must be deployed
  • The new integration with Tenable Security Center leverages of all the enhancements of the IVR v.4 architecture, as:
    • More accurate, effective and faster device correlation logic, that is based on IDs that guarantee much more reliability on the final correlation results.
    • More reliable and more accurate logic for the correlation between the Tenable findings and the BigFix remediation content, based on additional metadata available in the Tenable data flow
    • Reduced infrastructure requirements (in terms of computational resources, server configuration and time to process the data)

The goal of IVR remains the same, to help align Security and Operations teams with intelligent patching prioritization and automated remediation, reduce the time between vulnerability discovery and remediation, and greatly reduce risk by reducing the vulnerable attack surface.

Resources

Site Versions

Site Type Name Version
Fixlet Site BigFix Insights for Vulnerability Remediation
WebUI Site WebUI IVR

IVR4.0.1

Features and Enhancements for Tenable Vulnerability Management Integration
  • Bug Fixes: Resolved known issues to enhance stability and performance.
  • New Features: Improvements and functionalities were added to enrich the user experience.

Summary

We are happy to announce the release of BigFix Insights for Vulnerability Remediation (IVR) 4.0.1 for our customers using Tenable Vulnerability Management (formerly known as Tenable.io)

  • Improved SQL Password Management
  • Enhanced Logging
  • Added additional logging for the --reset switch.
  • Implemented logging for assets missing certain fields to improve diagnostics.
  • Introduced additional logging for Job Automation to enhance traceability.
  • Implemented purging of table data once it reaches its expiration date to maintain optimal database performance.
  • Fixed issue with automation jobs holding and not releasing sockets during connections.
  • The --printconfig flag is now required to generate the appconfig.log file, preventing unintentional disclosure of settings.
  • Engine Resolution changes - Optimized the code to handle concurrency and rate limit scenarios from Tenable.
  • Added enhanced features to the SetUp screen to display existing configurations when adding new ones.

Site versions:

Site Type Name Version
Fixlet Site BigFix Insights for Vulnerability Remediation 26
WebUI Site WebUI IVR 16
WebUI Site WebUI Common 90

IVR4.0.0

Key features:

  • Brand new framework for IVR v.4 that reduce infrastructure requirements (in terms of computational resources, server configuration or time to process the data)
  • BigFix IVR v.4 supports integration with Tenable VM
  • An improved, more reliable and more accurate logic for the correlation between the Tenable findings and the BigFix remediation content, based not only on CVE, but on additional metadata available in the Tenable data flow
  • Optimized identification of the remediation. BigFix will deliver a pre-correlated mapping between Tenable findings and BigFix content, that is maintained and refreshed by BigFix
  • A more accurate, effective and faster device correlation logic, that is based on IDs that guarantee much more reliability on the final correlation results.

The goal of IVR remains the same, to help align Security and Operations teams with intelligent patching prioritization and automated remediation, reduce the time between vulnerability discovery and remediation, and greatly reduce risk by reducing the vulnerable attack surface.

Features and Enhancements

  • Brand new architecture and design for IVR
  • IVR Support of Tenable.vm
  • Reduced infrastructure requirements
  • Improved assets correlation
  • Streamlined deployment
  • Optimized vulnerability to remediation correlation

Resources

Site versions:
Site Type Name Version
Fixlet Site BigFix Insights for Vulnerability Remediation 26
WebUI Site WebUI IVR 16
WebUI Site WebUI Common 90

IVR 3.0 - Customers using Rapid7 and/or Custom CSV Ingestion

IVR 3.0 is available natively in the WebUI and includes these new features:
  • New platform for IVR, improved performance
  • Support for IVR integration with Rapid7
  • Ability to import .csv files for IVR correlation in BigFix
  • WebUI Patch Policy support for Rocky Linux 9 and Oracle Linux 9
  • Bugfixes
  • Security Improvements

Support for IVR integration with Rapid7

  • IVR now supports a native integration with Rapid7 in IVR 3.0, now BigFix can take the vulnerability information from Rapid7, correlate it to devices in BigFix, and then suggest remediation based on the CVEs discovered in the environment.
  • BigFix can report and export on the vulnerability exposed currently in the environment, the severity of the vulnerabilities currently in the environment, and dates of the various exposures

CSV Import

  • BigFix now supports importing .csv files that contain asset information and corresponding CVEs and correlating them to existing BigFix devices and fixlets.
  • Devices and exposures can be remediated easily be selected and executed from the wizard

Insights Live ETL Feed

  • Insights Live ETL Feed page is designed to display the stages and various steps of an active BFE ETL process. Its primary purpose is to assist in debugging ETL issues and monitoring the progress of ongoing ETL operations.
  • The Live ETL Feed page can only be accessed directly via URL and is accessible after logging into Insights in the WebUI. There are no direct links or buttons that will lead you to this page.
  • To access the Live ETL Feed page, follow these steps, open your web browser and enter the following URL: https://<webui_server>/insights/live

How to Update

WebUI will update automatically by default, unless configured otherwise. Please note that updates for WebUI Insights and WebUI IVR must be done manually via the Application Updates page on WebUI. Now, updating WebUI IVR will also update WebUI Insights. For more information, please see: https://help.hcl-software.com/bigfix/11.0/webui/WebUI/Admin_Guide/c_manage_application_updates.html

Resources