Accelerate vulnerability response. Find out how at RSAC 2024, May 6-9. Meet With Us →

WATCH DEMO

Nucleus Product Update 3.1

Nucleus Security > Product > Product Updates > Nucleus Product Update 3.1
Nucleus Product Update 3.1

Metadata additions and performance improvements for Tenable, Rapid7, Prisma Cloud, and several more.

Welcome to the Nucleus Product Update 3.1. The Nucleus vulnerability management platform keeps getting better! With 2023 off to a great start, we’re excited to share several changes to improve your experience with Nucleus, including multiple metadata additions and connector performance improvements. We started the first month of the year running at high speed, managing to roll out numerous changes for several of our most popular connectors within the same month. This product update includes the following: 

  • A major Tenable.io rework to improve functionality, asset handling, and ingest speeds 
  • Additional metadata for Snyk, Prisma Cloud, and Invicti/Netsparker 
  • Several Rapid7 performance improvements to align with recent API changes 

Check out all the details for these updates below. 

Have questions or want to know more about anything you see here? Our team is happy to help. Just reach out to our crew at support@nucleussec.com for further assistance. Happy reading!

Tenable.io connector gets a major rework 

Additional Tenable.io metadata

Say hello to an all-new Tenable.io experience within Nucleus. As part of this significant rework, we introduced a new host asset matching algorithm which will result in better tracking of dynamic asset changes over time and more reliable asset matching across cloud environments. We also increased the speed of scan file downloads and ingests and added additional metadata on assets for asset management, automation, and reporting use cases. Additionally, asset metadata is now populated on ingest instead of separate scheduled ingests specifically for assets. This major Tenable.io connector update, released this past month, significantly improves its functionality, performance, and available metadata moving forward. 

More metadata for Synk, Prisma Cloud, Invicti/Netsparker 

Prisma Cloud Additional Metadata
Snyk Additional Metadata
Invicti/Netsparker Additional Metadata
Invicti/Netsparker Additional Metadata

Improved speed and reliability continue to be a big focus for our team. At the same time, bringing more metadata to Nucleus is a priority to support more automation. As part of those efforts, we made multiple metadata additions and enhancements over the past month. For the Snyk connector, we added additional metadata around projects and targets by organization ID. We rewrote the Prisma Cloud connector to implement faster downloads and ingests of scans, and improved the reliability and volume of additional metadata available. We added Invicti/Netsparker tags as additional metadata, supporting more automation. Ongoing connector improvements allow us to make continual progress towards significantly improving your speed, efficiency, and outcomes when using Nucleus. 

Rapid7 updates to align with recent API changes 

New Select Site Scan option when ingesting Rapid7 scans

Over this past month, we applied several changes to the Rapid7 connector to improve overall performance and introduce more opportunities for automation. We updated ingests to align with changes made to the Rapid7 API and added the ability to select specific site scans when ingesting. We also added the ability to ingest additional operating system details, now available as additional metadata supporting further automation. Additionally, the Rapid7 InsightVM connector now stores and performs asset matching using AWS EC2 metadata, including automatically removing connector-generated reports. All these changes and additions significantly improve your available Rapid7 data in Nucleus, making it even more reliable and valuable for your teams. 

Click here to expand our full Release Notes

You can access the Nucleus change log to view the complete, unedited version of release updates posted each week. Select the subscribe to the RSS feed option on this page if you would like to receive weekly change log updates. This new Nucleus Product Update is intended to fully summarize and outline those weekly changes for you, with more details, each month. The product updates include all the following features and improvements: 

Product Improvements (Performance, Experience, & Functionality) 

  • Added Invicti/Netsparker tags as additional metadata, which can now be used in automation.  
  • Improved speed of the Active Vulnerabilities details page. 
  • Updated API documentation for PUT asset endpoint to include all supported fields. 
  • Added the asset id in the response for the following endpoint: GET /projects/{project id}/findings/details/{finding number}   
  • Improved the worker queue so that jobs run more quickly 
  • Added the ability to add comments to findings via the PUT projects/{project_id}/findings API endpoint. 
  • Improved scan ingestion for some connectors to allow for downloading of scan files whilst other files are being ingested into the project. 

Reporting Improvements 

  • Added source column to the asset management export.    

Integration Improvements 

Checkmarx: 

  • Improved the Checkmarx scan file download job to handle situations where Checkmarx’s report generation silently failed and never returned a report. 

Invicti/Netsparker: 

  • Updated the Invicti/Netsparker connector to ingest data from Acunetix 360 after their headers changed.   

Prisma Cloud: 

  • Sped up ingestion for the Prisma Cloud Connector. 
  • The Prisma Cloud connector has been rewritten to implement faster downloading and ingestion of scans and improve the reliability of additional metadata. This improvement also adds significantly more metadata. 

Qualys: 

  • Updated the Qualys connector to ignore queued scans when auto importing.   

Rapid7 

  • Updated Rapid7 ingestion to align with changes made to their API. 
  • Added the ability to select specific site scans when ingesting from Rapid7. 
  • Added the ability to ingest additional operating system details from Rapid 7, which is also available as additional metadata 
  • The Rapid7 InsightVM connector now stores and performs asset matching using AWS EC2 metadata. This change also includes removing connector generated reports automatically. 

ServiceNow: 

  • Improved speed of the asset sync in the ServiceNow connector. 

Snyk: 

  • Added additional metadata in the SNYK Connector around projects and targets by organization ID. 

Tenable.io: 

  • Major Tenable.IO rework for upgraded functionality, better performance, and additional metadata.  
  • Upgraded functionality: Added better tracking of dynamic assets over time and more reliable asset matching across cloud environments.  
  • Better performance: Significant speed up for scan file downloads and ingestion.  
  • Additional metadata: Added more asset metadata from Tenable.io, now available in asset management and automation. We have made performance improvements to the way that asset metadata is ingested for Tenable.io as well. 

Bug Fixes 

  • Fixed an issue where finding processing rules could not run manually if finding criteria was set to “both” or “compliance.”  
  • Fixed an issue where tags in the interface were not spaced correctly.    
  • Fixed an issue with Acunetix failing to ingest in certain scenarios.  
  • Fixed an issue with false booleans not displaying in the finding reference field. 
  • Fixed an issue where InsightVM was not ingesting new scans. 
  • Fixed an issue where hyphens in metadata did not allow rules to execute. 
  • Fixed an issue where vulnerabilities in an active state were showing in the resolved page in certain edge cases.  
  • Fixed an issue where the Executive Group Comparison report was not saving.  
  • Fixed an issue where unrelated assets were being combined.  
  • Fixed an issue where scheduled reports were losing saved filters after being edited.  
  • Fixed an issue where .bmp files were not uploading correctly in the evidence section.  
  • Updated the GET assets API endpoints to return an empty array if the asset_info is empty, to better align with API documentation 
  • Fixed an issue where the Doesn’t Contain filter in the Asset Management page was not showing assets with no source.  
  • Fixed an issue in the Crowdstrike connector where we were not ingesting additional metadata. 
  • Fixed an issue where ServiceNow asset ingestion failed in limited scenarios. 
  • Fixed an issue where asset group tags were showing as blank in the Asset Management page in certain scenarios. 
  • Fixed an issue in asset processing automation where certain rules had the ability to run out of order in certain cases.  
  • Fixed an issue where mitigated asset note findings were remaining in a mitigated state even though they were active in subsequent scans.  
  • Fixed an issue where ingesting a json scan file with container image data was adding certain container image attributes to unrelated container image data in subsequent scan files.  
  • Fixed an issue where some scheduled Nessus Pro jobs were failing to ingest new scans. 


Click here to review past Nucleus product updates.

Tags: