Release Notes
The release notes outline features, updates and patches that are included in each version of BigFix Insights for Vulnerability Remediation, including the latest application updates.
IVR V.4.1.0
Features and Enhancements for Tenable Security Center Integration
- Added support of Tenable Security Center (formerly known as Tenable.sc) on the new IVR v.4 architecture
- Tenable.sc Multi Instance support
Summary
We are happy to announce the release of BigFix Insights for Vulnerability Remediation (IVR) 4.1.0 for our customers using Tenable Security Center (formerly known as Tenable.sc)
- The new IVR v.4 architecture is now able to directly integrate and load Vulnerability information from Tenable Security Center via API calls
- IVR v.4 supports direct integration with multiple different instances of Tenable Security center. The data coming from the different instances of Tenable.sc are collected into the IVR database and correlated with BigFix content and devices, to identify the remediation content that must be deployed
- The new integration with Tenable Security Center leverages of all the enhancements
of the IVR v.4 architecture, as:
- More accurate, effective and faster device correlation logic, that is based on IDs that guarantee much more reliability on the final correlation results.
- More reliable and more accurate logic for the correlation between the Tenable findings and the BigFix remediation content, based on additional metadata available in the Tenable data flow
- Reduced infrastructure requirements (in terms of computational resources, server configuration and time to process the data)
The goal of IVR remains the same, to help align Security and Operations teams with intelligent patching prioritization and automated remediation, reduce the time between vulnerability discovery and remediation, and greatly reduce risk by reducing the vulnerable attack surface.
Resources
Site Versions
Site Type | Name | Version |
---|---|---|
Fixlet Site | BigFix Insights for Vulnerability Remediation | |
WebUI Site | WebUI IVR |
IVR4.0.1
- Bug Fixes: Resolved known issues to enhance stability and performance.
- New Features: Improvements and functionalities were added to enrich the user experience.
Summary
We are happy to announce the release of BigFix Insights for Vulnerability Remediation (IVR) 4.0.1 for our customers using Tenable Vulnerability Management (formerly known as Tenable.io)
- Improved SQL Password Management
- Enhanced Logging
- Added additional logging for the --reset switch.
- Implemented logging for assets missing certain fields to improve diagnostics.
- Introduced additional logging for Job Automation to enhance traceability.
- Implemented purging of table data once it reaches its expiration date to maintain optimal database performance.
- Fixed issue with automation jobs holding and not releasing sockets during connections.
- The --printconfig flag is now required to generate the appconfig.log file, preventing unintentional disclosure of settings.
- Engine Resolution changes - Optimized the code to handle concurrency and rate limit scenarios from Tenable.
- Added enhanced features to the SetUp screen to display existing configurations when adding new ones.
Site versions:
Site Type | Name | Version |
---|---|---|
Fixlet Site | BigFix Insights for Vulnerability Remediation | 26 |
WebUI Site | WebUI IVR | 16 |
WebUI Site | WebUI Common | 90 |
IVR4.0.0
Key features:
- Brand new framework for IVR v.4 that reduce infrastructure requirements (in terms of computational resources, server configuration or time to process the data)
- BigFix IVR v.4 supports integration with Tenable VM
- An improved, more reliable and more accurate logic for the correlation between the Tenable findings and the BigFix remediation content, based not only on CVE, but on additional metadata available in the Tenable data flow
- Optimized identification of the remediation. BigFix will deliver a pre-correlated mapping between Tenable findings and BigFix content, that is maintained and refreshed by BigFix
- A more accurate, effective and faster device correlation logic, that is based on IDs that guarantee much more reliability on the final correlation results.
The goal of IVR remains the same, to help align Security and Operations teams with intelligent patching prioritization and automated remediation, reduce the time between vulnerability discovery and remediation, and greatly reduce risk by reducing the vulnerable attack surface.
Features and Enhancements
- Brand new architecture and design for IVR
- IVR Support of Tenable.vm
- Reduced infrastructure requirements
- Improved assets correlation
- Streamlined deployment
- Optimized vulnerability to remediation correlation
Resources
Site Type | Name | Version |
---|---|---|
Fixlet Site | BigFix Insights for Vulnerability Remediation | 26 |
WebUI Site | WebUI IVR | 16 |
WebUI Site | WebUI Common | 90 |
IVR 3.0 - Customers using Rapid7 and/or Custom CSV Ingestion
- New platform for IVR, improved performance
- Support for IVR integration with Rapid7
- Ability to import .csv files for IVR correlation in BigFix
- WebUI Patch Policy support for Rocky Linux 9 and Oracle Linux 9
- Bugfixes
- Security Improvements
Support for IVR integration with Rapid7
- IVR now supports a native integration with Rapid7 in IVR 3.0, now BigFix can take the vulnerability information from Rapid7, correlate it to devices in BigFix, and then suggest remediation based on the CVEs discovered in the environment.
- BigFix can report and export on the vulnerability exposed currently in the environment, the severity of the vulnerabilities currently in the environment, and dates of the various exposures
CSV Import
- BigFix now supports importing .csv files that contain asset information and corresponding CVEs and correlating them to existing BigFix devices and fixlets.
- Devices and exposures can be remediated easily be selected and executed from the wizard
Insights Live ETL Feed
- Insights Live ETL Feed page is designed to display the stages and various steps of an active BFE ETL process. Its primary purpose is to assist in debugging ETL issues and monitoring the progress of ongoing ETL operations.
- The Live ETL Feed page can only be accessed directly via URL and is accessible after logging into Insights in the WebUI. There are no direct links or buttons that will lead you to this page.
- To access the Live ETL Feed page, follow these steps, open your web browser and enter the following URL: https://<webui_server>/insights/live
How to Update
WebUI will update automatically by default, unless configured otherwise. Please note that updates for WebUI Insights and WebUI IVR must be done manually via the Application Updates page on WebUI. Now, updating WebUI IVR will also update WebUI Insights. For more information, please see: https://help.hcl-software.com/bigfix/11.0/webui/WebUI/Admin_Guide/c_manage_application_updates.html
Resources
- Demo Link (September 27th) - https://www.brighttalk.com/webcast/17964/591770?utm_source=HCLBigFix&utm_medium=brighttalk&utm_campaign=591770
- Product Page - https://www.hcl-software.com/bigfix/ivr-home
- Documentation - https://help.hcl-software.com/bigfix/11.0/webui/WebUI/Users_Guide/c_get_started_with_IVR.html