Nucleus Product Update 3.4

Faster Snyk imports, improved reporting and ownership, easier automation configurations, and powerful UX additions.

Welcome to the Nucleus Product Update 3.4! If April brings showers, which month brings flowers? If you haven’t guessed the answer already, it’s May, the month we thank mothers, teachers, and fallen heroes. 💙🙏  

This month we’re in full bloom after the work we’ve completed to further simplify and streamline your vulnerability-related tasks. 

Key highlights from this update include:  

  • Improved reporting with new report filters for speedy team oversight 
  • Container base image analysis for better workflow management 
  • Flexible ingestion for Snyk connector users with new Import by Org option 
  • Better user experience with enhanced vulnerability filters 
  • Easier automation configurations with powerful Finding Processing addition 

We’re also including a release sneak peek and a special invite to an insightful webinar we’re hosting later this month. Check out all the details below. 

Have questions or want to know more about anything you see here? Our team is happy to help. Just reach out to our crew at support@nucleussec.com for further assistance. Happy reading!

 

Improved reporting with new report filters for speedy team oversight

New Custom Report Options in Nucleus
New Custom Report Options in Nucleus

Nucleus customers can now get data for a subset of multiple teams in one report. This new advanced filtering function, accessible within your Custom Report Options, can be applied when creating a vulnerability details report. Completed reports appear in the Reports List view. With a newly added “teams” column, managers of multiple teams within our largest organizations can now get one report with all the data they need, and only the data they need, rather than having to pull all or only that of a single team. This helps them quickly see how each team is doing within one report  

Container base image analysis for better workflow management

Container Base Image Analysis in Nucleus
Container Base Image Analysis in Nucleus

The new base container image analysis allows Nucleus customers to quickly detect and view relationships between container images to determine whether a vulnerability was introduced on the base image or another image. This new feature enables teams to rapidly and effectively establish vulnerability ownership while clarifying the solution for the assigned remediation team. It also helps ensure teams report only on the vulnerabilities they can affect. This initial release is available for users of Prisma Cloud, with others being added in the future. 

Flexible ingestion for Snyk connector users with new Import by Org option 

Snyk Import by Org in Nucleus
Snyk Import by Org in Nucleus

The new Snyk Import by Org function enables large organizations to ingest multiple projects contained within an org when importing data into Nucleus from Snyk. This new function is designed for Nucleus customers with too many projects to select individually or too many orgs to import all at ingest. This marks a significant improvement in the ease of configuring Snyk scan imports for our largest customers and a big step forward in our continual efforts to improve your experience with connectors.   

Better user experience with enhanced vulnerability filters 

Vulnerability-Instance Filtered Experience in Nucleus
Vulnerability-Instance Filtered Experience in Nucleus

This much-anticipated update ensures that vulnerability filters applied to the Active Vulnerabilities, Assigned to Me, Assigned to My Team, and Resolved pages extend to the instances tab when viewing vulnerability details in Nucleus. Previously, filters in these experiences were often limited to the unique vulnerability level, making drilling down to instance-specific information challenging for assigned users and teams. This enhanced vulnerability filtering functionality provides users a more consistent and personalized experience throughout our platform and a much smoother process when diving into vulnerability details. It also makes it easier and faster to get to the heart of questions like “What do I need to fix and how,” so users can spend more time fixing vulnerabilities and less time configuring filters. 

Easier automation configurations with powerful Finding Processing addition 

Multiple CVE Selection Option in Nucleus
Multiple CVE Selection Option in Nucleus

Nucleus customers can now enter multiple CVEs in finding processing automation. Previously, customers were only able to enter one. With this addition, we’ve reduced the number of rules needed to manage vulnerabilities at any given time and allowed our customers to filter by multiple CVEs on the Active Vulnerabilities page at both the project and global levels. As a result, customers will now encounter an easier experience when configuring automation and a faster turnaround when analyzing vulnerability data. This critical update supports our ongoing mission to automate as much of the vulnerability management process as possible and to protect our customers against breaches. 


Upcoming Release Spotlight

Yep. We’re doing it again. Telling you about something before it’s here! That’s our second time doing it, and we like it. 

Don't Post The New Releases

As you might recall, we released Asset Group Access Control (AGAC) V1 to customers in March 2023, enabling the feature by request only. It complements our existing role-based access control (RBAC) in the Nucleus platform and allows administrators to assign specific asset groups to users. Any Nucleus customers who opted-in can now restrict user access to only specific asset and vulnerability data within projects. We also introduced a new role type, Asset Group Restricted User, and an update to how we handle asset grouping that allows us to keep asset groups up-to-date dynamically based on the conditions of automation rules that populate those asset groups. Combined, AGAC V1 and our new role type fulfill a critical need for our customers to safeguard access to their sensitive data and streamline their mitigation teams’ experience. 

We’re thrilled to share that our next AGAC release is targeted for the end of June. At release, we will automatically enable all features from the limited March release to every customer. Opt-ins will no longer be necessary as all features will become immediately available to Nucleus customers. The most notable change will be the way we handle asset grouping. If the criteria for placing assets into a group are no longer valid, those assets will be removed. Previously, assets remained permanently within groups they were assigned to in Nucleus, unless manually removed. Keeping asset groups up to date will be much easier, as those groups will update dynamically based on the conditions of automation rules that populate them.   

For more information, please get in touch with your Nucleus Account Manager or Nucleus Support at support@nucleussec.com. You can also find information in this help article. 


Your special invitation to our upcoming webinar 

We’re stoked to invite you to our upcoming webinar featuring Nucleus co-founders Stephen Carter (CEO) and Scott Kuffer (COO), alongside David Hazar, SANS Institute Certified Instructor and Co-Founder & CISO at Next Level3, on Wednesday, May 24. In this webinar, we’ll explore fundamental issues within vulnerability management and effective ways to address vulnerabilities before they become high-priority risks. Gain valuable insights on managing technology, root cause analysis, prioritization, and exception management from industry experts. Register here to attend the webinar live or catch it on-demand afterward.

rom Reactive to Proactive: Addressing Fundamental Issues of Vulnerability Management

Click here to expand our full Release Notes

You can access the Nucleus change log to view the complete, unedited version of release updates posted each week. Select the subscribe to the RSS feed option on this page if you would like to receive weekly change log updates. This new Nucleus Product Update is intended to fully summarize and outline those weekly changes for you, with more details, each month. The product updates include all the following features and improvements: 

Product Improvements (Performance, Experience, & Functionality) 

  • Enhanced vulnerability filters in the Active Vulns page, Assigned to Me page, Assigned to My Team page, and Resolved page to extend to the vulnerability instances. 
  • Added a “last found” column in the vulnerability details grid for Tenable.io findings to denote when the finding was last found by the scanner. 
  • Enhanced the “CVE” condition in Finding Processing automation to support multiple CVEs. 
  • Sped up Asset Processing rules during scan ingestion in situations where customers have many small scans being ingested. 
  • Added new date option values when filtering by discovered date. 
  • Improved Asset Processing automation by speeding up rules that add assets to groups. 
  • Added indications in the UI to denote container findings that have an associated base image for users of Prisma Cloud. 
  • Added a Base Image field in the Asset properties section of the Asset Management page. 
  • Added an Image column in the vulnerabilities tab of the Asset Mangement page to identify if the image has a base image. 

Reporting Improvements 

  • Added the ability to filter by multiple teams when using advanced filters to create a vulnerability details XLS report in the Reports List view. Additionally, added a “Teams” column to the report.  

Integration Improvements    

AWS S3: 

  • Added net new finding instances for findings that had already been discovered to the S3 delta file upload.  

Checkmarx: 

  • Added additional metadata for the Checkmarx connector.  

Jira: 

  • Added all asset information as new columns in the attached CSV to Jira tickets. 

Prisma Cloud: 

  • Improved the Prisma Cloud connector to include additional cloud metadata used for better host matching.  

Qualys: 

  • Introduced a fail-safe into the Qualys connector to ensure that existing Nucleus generated VM reports are deleted before a new report is requested to prevent exceeding memory in customer Qualys instances.  

Snyk: 

  • Updated the API endpoints used for ingestion on the Snyk connector to their latest version. 
  • Added the ability to import by Org in the Snyk connector to more easily ingest multiple projects within an organization. 

Tenable: 

  • Improved Tenable WAS connector by making it easier to see the scan name and target URL in the Select Web Applications tab.   

Bug Fixes 

  • Fixed an issue in the /projects/{project_id}/assets/{asset_id}/findings endpoint where the Cisa Vuln Name was not included in the response body. 
  • Fixed an issue with ServiceNow CMDB where creating an asset sync rule in certain scenarios resulted in an error. 
  • Fixed an issue where a CSV of affected hosts was not included for the ServiceNow ITSM app connector. 
  • Fixed an issue in the Jira connector where certain fields were rendering as text inputs as opposed to a menu selection.  
  • Fixed an issue in the Carbon Black connector where unique findings didn’t always have a unique finding name.  
  • Fixed an issue with Scan Nipper where certain findings that marked as “potential” were not ingesting as expected.  
  • Fixed an issue where scheduled ingest times for Tenable.io scans were incrementing forward in time.  
  • Fixed an issue in the Qualys connector where we tried to delete reports which were already deleted. 
  • Fixed an issue where specific Veracode statuses were not mapped to the correct resolved status in Nucleus.   
  • Fixed an issue where filtering by “Assigned Team” at the global dashboard level was not yielding expected counts.  
  • Fixed an issue where the count between the compliance findings grid and instance grid did not match up.  
  • Fixed an issue where the tickets tab on the vulnerability details instances view did not appear.  
  • Fixed an issue where the vulnerability export was not considering asset filters specified in the interface.  
  • Fixed an issue with ticketing automation where rules with multiple vulnerability criteria stopped processing in very limited scenarios.  
  • Fixed an issue where Jira tickets were incorrectly closed in limited scenarios.  
  • Fixed an issue where the Tickets page was timing out or taking longer than normal to load in certain scenarios. 
  • Fixed an issue in the PUT projects/{project_id}/automation/ticketing/{rule_id} where updating ticketing rules via the PUT projects/{project_id}/automation/ticketing/{rule_id} endpoint resulted in an error. 
  • Fixed an issue in the PUT projects/{project_id}/automation/ticketing/{rule_id} to adjust the endpoint to return an error if an invalid input is supplied.  
  • Fixed an issue where calling the trends API endpoint with asset group parameters resulted in an error in certain scenarios. 
  • Fixed an issue with filtering in the asset management page where the applied filter was not maintained when navigating back to the asset management page from the Asset Details view.   
  • Fixed an issue with displayed counts in the interface where the number in the instance view did not match the number displayed at the unique level on the active vulns page.


Click here to review past Nucleus product updates.