Release notes

The release notes outline the features, updates and patches that are included in each version of BigFix Insights for Vulnerability Remediation v.4, including the latest application updates.

IVR 4.2.0.0

We are excited to announce that BigFix IVR 4.2.0.0 is now available.

Key features introduced in this release are:

  • Vulnerabilities View by Device

    The IVR WebUI page will now include an option to switch the view from Vulnerabilities to Device List. This new view provides immediate visibility into the number of detected vulnerabilities for each correlated asset.

  • Universal Vulnerabilities Import

    IVR V. 4.2.0.0 introduces enhanced support for importing vulnerabilities using a generic .csv file format. Key enhancements include:
    • Multi-file Import Support
    • Device Correlation Support
    • Improved Content Accuracy and Correlation

  • Defect Fixes

Resources

IVR V.4.1.1.1

Features and Enhancements for BigFix Insights for Vulnerability Remediation (IVR) 4.1.1.1

  • Bug Fixes: Resolved several known issues to improve overall system stability and performance.

    Table 2.
    Site Type Name Version
    Fixlet Site BigFix Insights for Vulnerability Remediation 121
    WebUI Site WebUI IVR 19

IVR V.4.1.1.0

Features and Enhancements for BigFix Insights for Vulnerability Remediation (IVR) 4.1.1.0

  • Bug Fixes: Resolved several known issues to improve overall system stability and performance.
  • New Features: Improvements and functionalities were added to enrich the user experience.

Summary

We are happy to announce the release of BigFix Insights for Vulnerability Remediation (IVR) 4.1.1.0, which introduces key improvements aimed at enhancing security, flexibility, and user experience.

Features and Enhancements for BigFix Insights for Vulnerability Remediation (IVR) 4.1.1.0:

  • The Tenable.io data source URL located in the DataSources tab (within the Setup section) is now an editable field

  • The internal TLS configuration has been updated to enforce a minimum TLS version of 1.2

    Site Type Name Version
    Fixlet Site BigFix Insights for Vulnerability Remediation 72
    WebUI Site WebUI IVR 19

IVR V.4.1.0

Features and Enhancements for Tenable Security Center Integration

  • Added support of Tenable Security Center (formerly known as Tenable.sc) on the new IVR v.4 architecture
  • Tenable.sc Multi Instance support

Summary

We are happy to announce the release of BigFix Insights for Vulnerability Remediation (IVR) 4.1.0 for our customers using Tenable Security Center (formerly known as Tenable.sc)

  • The new IVR v.4 architecture is now able to directly integrate and load Vulnerability information from Tenable Security Center via API calls
  • IVR v.4 supports direct integration with multiple different instances of Tenable Security center. The data coming from the different instances of Tenable.sc are collected into the IVR database and correlated with BigFix content and devices, to identify the remediation content that must be deployed
  • The new integration with Tenable Security Center leverages of all the enhancements of the IVR v.4 architecture, as:
    • More accurate, effective and faster device correlation logic, that is based on IDs that guarantee much more reliability on the final correlation results.
    • More reliable and more accurate logic for the correlation between the Tenable findings and the BigFix remediation content, based on additional metadata available in the Tenable data flow
    • Reduced infrastructure requirements (in terms of computational resources, server configuration and time to process the data)

The goal of IVR remains the same, to help align Security and Operations teams with intelligent patching prioritization and automated remediation, reduce the time between vulnerability discovery and remediation, and greatly reduce risk by reducing the vulnerable attack surface.

Resources

Site Versions

Site Type Name Version
Fixlet Site BigFix Insights for Vulnerability Remediation 36
WebUI Site WebUI IVR 17

IVR 4.0.1

Features and Enhancements for Tenable Vulnerability Management Integration
  • Bug Fixes: Resolved known issues to enhance stability and performance.
  • New Features: Improvements and functionalities were added to enrich the user experience.

Summary

We are happy to announce the release of BigFix Insights for Vulnerability Remediation (IVR) 4.0.1 for our customers using Tenable Vulnerability Management (formerly known as Tenable.io)

  • Improved SQL Password Management
  • Enhanced Logging
  • Added additional logging for the --reset switch.
  • Implemented logging for assets missing certain fields to improve diagnostics.
  • Introduced additional logging for Job Automation to enhance traceability.
  • Implemented purging of table data once it reaches its expiration date to maintain optimal database performance.
  • Fixed issue with automation jobs holding and not releasing sockets during connections.
  • The --printconfig flag is now required to generate the appconfig.log file, preventing unintentional disclosure of settings.
  • Engine Resolution changes - Optimized the code to handle concurrency and rate limit scenarios from Tenable.
  • Added enhanced features to the SetUp screen to display existing configurations when adding new ones.

Site versions:

Site Type Name Version
Fixlet Site BigFix Insights for Vulnerability Remediation 26
WebUI Site WebUI IVR 16
WebUI Site WebUI Common 90

IVR4.0.0

Key features:

  • Brand new framework for IVR v.4 that reduce infrastructure requirements (in terms of computational resources, server configuration or time to process the data)
  • BigFix IVR v.4 supports integration with Tenable VM
  • An improved, more reliable and more accurate logic for the correlation between the Tenable findings and the BigFix remediation content, based not only on CVE, but on additional metadata available in the Tenable data flow
  • Optimized identification of the remediation. BigFix will deliver a pre-correlated mapping between Tenable findings and BigFix content, that is maintained and refreshed by BigFix
  • A more accurate, effective and faster device correlation logic, that is based on IDs that guarantee much more reliability on the final correlation results.

The goal of IVR remains the same, to help align Security and Operations teams with intelligent patching prioritization and automated remediation, reduce the time between vulnerability discovery and remediation, and greatly reduce risk by reducing the vulnerable attack surface.

Features and Enhancements

  • Brand new architecture and design for IVR
  • IVR Support of Tenable.vm
  • Reduced infrastructure requirements
  • Improved assets correlation
  • Streamlined deployment
  • Optimized vulnerability to remediation correlation

Resources

Site versions:
Site Type Name Version
Fixlet Site BigFix Insights for Vulnerability Remediation 26
WebUI Site WebUI IVR 16
WebUI Site WebUI Common 90