Winter 2015 Release Notes
- Added Massive Bulk Edit Operations on Vulnerabilities.
- Added Risk Accepted vulnerability state.
- Added False Positive vulnerability state.
- Discovered dates now displayed in the vulnerabilities table in Home.
- Closed dates now displayed in the vulnerabilities table in Home.
- Ability to filter on vulnerable ports in Home.
- Support for Nessus 6.
- New Dashboard Compare tab displays vulnerabilities trending by operating systems and tags.
- API Updates: There were several updates made to our RESTful API. See API doc for changelog.
Q4 2014 Release Notes
- Add Massive Bulk Edit Operations on Assets.
- New OpenVAS Connector.
- New McAfee Vulnerability Manager Connector.
- Display and sort assets by Risk Meter score.
- Add ability to send Fixes via email.
- New Type Ahead searching of asset tags.
- Zero Day Vulnerability flagging of assets.
- Ability to download fixes to csv.
Summer 2014 Release Notes
New Simplified Changelog Format
- Filter vulnerabilities by locator type.
- Add color scales to Risk Meter hover: Hovering over a Risk Meter exposes the green, yellow, red color scale.
- Beyond Security connector: Risk I/O now integrates with BeyondSecurity vulnerability scanner.
- Qualys certificate authentication: Qualys connector now works with Qualys certificate authentication.
- Expose references, CVE’s and assets for each “fix” in Fixes tab.
- Dell CTU threat data now included and correlated with vulnerabilities.
- Threat Trends: Dashboard now includes ThreatTrends pane including successful exploit and attack data across all of our threat sources.
- Qualys WAS connector: Risk I/O Qualys connector now pulls associated Web Application Scan data from Qualys.
- Fine grained scan scheduling: When scheduling Nessus scans through Risk I/O you can specify exact time of scan.
- Individual RM asset scores displayed in asset table: Each asset in asset table includes color coded risk meter score for that asset.
- Filtering of Fixes view: When filtering vulnerabilities or assets, only the Fixes for those vulnerabilities and assets are displayed in Fixes tab.
- Include scanner ID’s in Omniview vulnerability table: ID’s from scanner vulnerabilities can be displayed in Vulnerabilities tab.
- TypeAhead suggestions for tags.
- API Updates: There were several updates made to our RESTful API. See API doc for changelog.
March & April ’14 Release Notes
Dell SecureWorks Integration
Risk I/O now offers full integration with Dell SecureWorks. SecureWorks customers have Single Sign On between the Counter Threat Platform and their Risk I/O instance. All asset information synched in Risk I/O can be imported into the SecureWorks Counter Threat Platform.
Web Application Attack Correlation
Risk I/O now tracks web application attacks from over 50,000 web sites and correlates those attacks with your open vulnerabilities in order to prioritize remediation on those that are under a large volume of attack.
Additional Fields Included in Data Exports
We’ve added additional fields to vulnerability exports. The additional attributes include custom fields, active internet breaches, and easily exploitable vulnerabilities.
We continue to add more functionality to our RESTful API. The latest updates allow for automating your vulnerability management program with file upload and connector run capabilities. The majority of API updates were to the Connectors end point. You can find a list of our API updates here.
January & February ’14 Release Notes
Risk I/O now has the ability to deactivate assets within your account. This allows users to filter these deactivated assets out of their asset and vulnerability views and not include any of these stats within your dashboard metrics. Just like tagging and prioritizing, you can deactivate assets in bulk using our bulk editing menu that appears after selecting multiple assets.
IP Address Range Searching
A common operation requested by our users has been searching assets by IP ranges. With this newly added search syntax you can now look for groups of assets by IP range. The search syntax is specific, for example, to search a range from 192.168.1.1. – 192.168.100.100 use the following search: ip_address_locator:[192.168.1.1 TO 192.168.100.100]
User Interface Redesign
December ’13 Release Notes
For several connectors including Nessus and Qualys, Risk I/O now tracks vulnerable ports. Once a connector run is complete, you can filter your vulnerabilities by vulnerable ports from within the Vulnerabilities tab. This can be helpful in several use cases. One example: If you have multiple web services running on an asset and receive an SSL vulnerability, you can track this vulnerability to the vulnerable service running.
If a vulnerable port is detected, that port will also be added to the asset in the Assets tab as an open port.
Qualys Dynamic Asset Tags
In addition to Qualys Asset groups, Risk I/O will now automatically create new asset tags when a dynamic asset tag is discovered within Qualys. This will allow users to filter and report on these dynamic asset tags within Risk I/O, as well as create Asset Groups and associated Risk Meters for their dashboard.
Nexpose Site Tags
Our Rapid7 Nexpose connector will now automatically tag assets with their Nexpose Site Name as they are synched into Risk I/O. This will allow users to filter and report on these site tags within Risk I/O, as well as create Asset Groups and associated Risk Meters for their dashboard.
October ’13 Release Notes
Risk Meter Dashboard
The Risk Meter dashboard provides an at-a-glance view of security risk across organizational assets. With the new dashboard, you can now save a Risk Meter based on asset groups to view at any time within your dashboard tab. New asset groups are automatically saved to the dashboard for later viewing. You can also create asset groups directly from the dashboard just by clicking on the New Risk Meter button.
The Risk Meter Dashboard provides this view of security risk across any group of assets.
Asset and Vulnerability Groups
Saved search has been modified to allow for the creation of asset and vulnerability groups. These groups can be created through any of the filters, tags, and searches used in the assets and vulnerabilities tab. All Asset Groups are automatically saved to the Risk Meter Dashboard as noted above.
To save an Asset or Vulnerability group just perform a filter or search against your assets or vulnerabilities and then click Save. You will be prompted to name the asset or vulnerability group. You can then view the group at any time with the link provided in the upper right of the sidebar.
Filter Assets by Connector
You can now filter your assets by connectors. This can be used to quickly tag all assets coming in from a given connector or creating asset groups by connector. You’ll find the connector filter in the sidebar of the Assets tab.
Qualys Tag Importing
In addition to Qualys asset groups, Risk I/O now automatically imports Qualys asset tags and tags those same assets. This allows for greater continuity between your Risk I/O and Qualys asset structure. This update does not yet include Qualys dynamic tags which will be added in a later release.
More API Improvements
We continue to make enhancements to the API. Some of the recent improvement include a partner API for managing client accounts and SSO integration. For a full least of API features and changes please see our API documentation: https://api.risk.io.
September ’13 Release Notes
The Risk Meter is an asset-based measure of the security risk a group of assets poses to an organization. Our proprietary algorithm is based on the following signals:
- Adjusted CVSS: We adjust the scores with an algorithm which ensures that CVSS is a better indicator of the probability of a breach.
- Exploit Analytics: Does a vulnerability have known exploits or breaches and are they being observed in the wild? Is this vulnerability a popular target?
- Asset Priority: How critical is the asset to your infrastructure? You can modify this priority in bulk or individually.
The Risk Meter will give you an at-a-glance look at your risk across a select group of assets. As you filter your assets your Risk Meter score is dynamically updated. To view the Risk Meter just navigate to the Assets tab.
Dynamic Patch Reports
As part of the launch of the Risk Meter, we now have a dynamically updated patch report to match each Risk Meter. As you filter or search against your assets, the Risk Meter score will update to reflect those assets and the patch report will include the patches and advisories related to the assets within the current view. The patch report itself is sorted in order of risk reduction prioritizing the patches that will have the greatest effect on your environment.
You can view the new dynamic patch reports within the Assets tab located directly under the Risk Meter.
More API Improvements
We continue to make enhancements to the API. Some of the recent improvement include primary_locator’s to asset responses, asset id’s to vulnerability responses, definition data to vulnerability responses and much more. For a full least of API features and changes please see: https://api.risk.io.
Qualys Asset Tag Import
In addition to Qualys asset groups, we now automatically import Qualys asset tags and tag your new assets with those tags. This allows users to maintain a structure they have established within Qualys and then expand on it with additional tags and meta data. The QualysGuard connector will automatically pull in these tags with your new assets.
August ’13 Release Notes
Nessus API Connector – Command & Control
We added a connector for Tenable Nessus that takes advantage of the Nessus API. This connector is in addition to both our Nessus XML connector and the Security Center connector.
With this newest connector Risk I/O users can schedule the importing of vulnerabilities and assets on a daily, weekly or monthly basis. Our Nessus users can also schedule and kick off scans with their Nessus scanner directly from Risk I/O. By combining this new functionality with our virtual tunnel, you can ensure all of your on-premise scan reports are loaded automatically into your instance of Risk I/O.
New Asset Filtering & Searching
New facets have been added to the Assets tab. You can now filter your assets by Service Names, Open Ports, Service Protocols, Service Products, Connector Names, and Connector Types.
We recently wrote a blog post on some examples of using the service and port filtering in combination with nmap scans. Check it out and let us know what you think.
We received a lot of requests from our users in expanding our role-based access controls to allow for multiple tags to be assigned to a role. Well you asked and we delivered.
With multi-tag roles, you can take advantage of existing structure setup in your scanners to grant access to specific assets as they show up in Risk I/O to only those who need it. This gives our users the ability slice up their reporting and dashboards by many tags while still managing a smaller amount of roles by grouping tags within them.
Qualys EU Platform Support
Our Qualys connector integration has been extended to support the Qualys EU platform. The connector works just as before but now gives you the option to authenticate to both the US and EU Qualys platforms.
In addition to several performance improvements made to our API we have also added new data such as returning all tags associated with an asset when pulling asset data via the API. You can find more details about these changes and all of our API functionality at api.risk.io.
Expanded Virtual Tunnel Capabilities
We expanded the connectors our Virtual Tunnel works with to include the new Nessus API connector, the Nexpose API connector, the Jira connector, and the Qualys connector.
Our virtual tunnel is a virtual appliance that allows for connectivity between your Risk I/O instance and your on premise tools.