SNow App 1.2.0, Custom File Schema upgrade, and more asset group restrictions incoming.
Welcome to the Nucleus Product Update 3.7. This product update comes just in time for the start of the 2023 US Open Tennis Championships. Serving a few aces, this edition continues to rack up the work we’re doing to introduce new features and product capabilities that improve your Nucleus platform experience and vulnerability management outcomes.
Key highlights from this update include:
- ServiceNow App update to further strengthen our ticketing integration
- Performance upgrades to Custom File Schema ingestion
We’ve also included a preview of the enhancements coming for AGAC. Oh yea!
Get the details for all updates below.
Have questions or want to know more about anything you see here? Our team is happy to help. Just reach out to our crew at support@nucleussec.com for further assistance. Happy reading!
ServiceNow App v 1.2 strengthens our ticketing integration
Our integration with ServiceNow ITSM just improved: We’re excited to announce the release of version 1.2.0 of our ServiceNow App!
Highlights include a new “Manage Projects” menu in the ServiceNow App, which allows customers to integrate and easily configure mapping for each action in each project. It also includes an automated test suite that will check that everything is working per the permissions, which reduces the time to integrate substantially and can get you up and running with the app in minutes.
Additionally, this menu has a configurable selection of your preferred ticketing structure for incidents from Nucleus. Select from single tickets per unique vulnerability or a parent/child configuration that maps parent tickets at the unique vuln level to child tickets for each vuln instance.
These changes will ensure a smoother and more functional integration between Nucleus and ServiceNow, which is much faster to configure and test. We hope the result will be a better experience for our customers’ vulnerability remediation teams and, ultimately, more remediated vulnerabilities.
View our change log for a complete list of our updates in v 1.2.0, or view our listing on the ServiceNow store.
Performance upgrades to Custom File Schema ingestion
One of our most popular and most-beloved product features is the ability for customers to upload any data they want onto the platform using our Custom File Schema. The flexibility provided by this capability means that Nucleus customers are never blocked by our lack of a native connector with any of their favorite security tools, even as we continue to add to our roster of integrations with these. Our Custom File Schema is a workhorse that our customers have used for years, and we’ve incorporated many lessons learned in building file ingestion into the product over that time.
We are pleased to share that we’ve made some low-level changes to this functionality to improve the speed of these file ingestions. Best of all, no changes are required by customers to enjoy the benefits of these enhancements. Stay tuned for additional improvements in the coming months!
Upcoming Release Spotlight:
Enterprise Scale Asset Group Restrictions
We are greatly enhancing Asset Group Access Control (AGAC) functionality in the coming quarter. Once released, Org Admins can restrict their users’ asset group access in the context of SSO Team Mapping in Nucleus. With this upcoming release, Org Admins can create teams within Nucleus, map an SSO object to that team, and restrict that team’s access to specified asset groups. Currently, only a single user’s access can be restricted, which can be cumbersome for sprawling enterprises with tons and tons of users. We will also give the “Add Team” modal a facelift to better accommodate these changes.
This release will be available in closed beta by the end of the quarter. Please get in touch with Nucleus Support if you want to be added to the beta program or would like to learn more.
Your personal invite to our upcoming webinar
On Augusts 30th at 2 pm ET, join Patrick Garrity, Security Researcher at Nucleus Security, as he sits down with Stephen Shaffer, Staff Security Automation Engineer at Peloton Interactive, Jonathan Spring, Cybersecurity Specialist at CISA, and Chris Madden, Sr Principal Technical Security Engineer at Yahoo, to talk about the benefits of using SSVC Decision Trees to automate your vulnerability triage process, and also share real-world examples of how to build out a decision criteria that will address critical vulnerabilities first.
The session will include topics such as an overview of SSVC, the benefits of using SSVC, and how to gain organizational alignment on risk priorities. You can register here.
Click here to expand our full Release Notes
You can access the Nucleus change log to view the complete, unedited version of release updates posted each week. Select the subscribe to the RSS feed option on this page if you would like to receive weekly change log updates. This new Nucleus Product Update is intended to fully summarize and outline those weekly changes for you, with more details, each month. The product updates include all the following features and improvements:
New Features
- Added the ability to assign external Jira cases dynamically by assignee, using a dynamic value in the assignee field. This is in beta for Jira only. Please contact Nucleus Support if you are interested in having this enabled for your org.
Product Improvements (Performance, Experience, & Functionality)
- Added “total mitigated,” “total manual,” and “total open” data to the response of the GET projects/{project id}/findings/mitigated API endpoint.
- Improved performance of Nucleus custom file schema ingestion.
Integration Improvements
All:
- Improved the Ticketing automation experience by making system entries in the external system drop down more detailed.
Carbon Black:
- Improved the Carbon Black connector by allowing larger download limits.
- Sped up ingestion of the Carbon Black connector by more efficiently updating finding statuses.
Defender:
- Added retries in Microsoft Defender for certain network errors, like failure to connect.
Dependabot:
- Sped up ingestion of Dependabot connector by more efficiently updating finding statuses.
HackerOne:
- Added a setting to append HackerOne’s report unique id to the finding name. Contact support for enablement.
InsightVM:
- Improved the InsightVM connector by speeding up ingestion, especially for large data sets.
Prisma Cloud:
- Added support for the Prisma Cloud (self-hosted) connector to work with auditor service accounts that are restricted by projects and/or collections.
ServiceNow:
- Improved the ServiceNow App connector by providing more meaningful errors during setup.
Tenable:
- Standardized the naming convention of Tenable WAS imports to be consistent across both scheduler and automation engines.
Reporting Improvements
- Improved the Vulnerability Details xlsx report by increasing download speed, especially for large data sets.
Bug Fixes
- Fixed an issue where using host name as criteria in asset processing automation failed to run in certain scenarios.
- Fixed an issue in Qualys where previously manually mitigated findings were incorrectly marked as “potential” upon scan ingestion.
- Fixed an issue where vuln details xlsx report was not generating as expected in limited scenarios where a unique finding was not unique enough across multiple sources.
- Fixed an issue with ServiceNow asset ingestion where EMAC addresses were not being ingested correctly.
- Fixed an issue where empty CSV files were attached to tickets in cases where assets were deactivated and later reactivated.
- Fixed a few issues with SNYK:
- SNYK orgs and targets were not being removed from Nucleus.
- We were still ingesting results from inactive SNYK projects.
- Fixed an issue where assigning asset groups dynamically using {{asset.business_owner}} was not assigning as expected.
- Fixed an issue in Crowdstrike where we were not downloading all data from APIs for exceptionally large environments.
- Fixed an issue where ingesting Veracode sandbox scans included non-descript scan names.
- Fixed an issue where using certain Mandiant filters to generate a Vuln Details xlsx report for large data sets resulted in an error.
- Fixed filtering in the Active Vulnerabilities and Resolved pages by ensuring that applied filters pull through to the instance details view.
- Fixed an issue where a specific combination of filters on the active vulnerabilities page was incorrectly populating the quick filters at the top of the page.
- Fixed an issue where the mitigated count on the resolved page was incorrect when using a combination of asset groups and team filters.
- Fixed an issue where the last seen dates were not consistent between the active vulnerabilities grid and the instance details view.
- Fixed an issue when creating a Jira ticket where text with lengthy values were not wrapping properly.
- Fixed an issue where the Crowdstrike last import date was incorrectly showing as “never” in certain cases.
- Fixed an issue where the teams filter applied on the active vulnerabilities page was not applied when creating a report.
- Fixed an issue where finding descriptions were not rendered correctly, nor consistently between the interface and API when certain HTML tags were included as part of the description.
- Fixed an issue where duplicate entries of finding instances in the CSV attached to ServiceNow tickets were included.