Nucleus Product Update 3.8

Better team and finding management, plus a Bulk Data Export release preview!

Welcome to the Nucleus Product Update 3.8. It’s September, the official starting month of Oktoberfest and fall. There’s so much to love about the good times, autumn colors, and first peeks of the incoming holiday season you’ll experience starting this month. There’s also a lot to love about this month’s product updates, like the love so many feel for the now cooler temperatures (finally).

As we continue to introduce new features and product capabilities that improve your Nucleus platform experience and vulnerability management outcomes, here are a few we were able to deliver this past month: 

  • Add/Update Findings via Bulk APIs for better finding management  
  • Improved user experience with a redesigned Team Management interface  

We’ve also included a release preview for our upcoming Bulk Data Export release, in addition to an invite to this week’s webinar. 

Get the details for all updates below.  

Have questions or want to know more about anything you see here? Our team is happy to help. Just reach out to our crew at support@nucleussec.com for further assistance. Happy reading!

Add/Update Findings via Bulk APIs for better finding management 

Project Findings view in Nucleus

We have added new bulk API endpoints so that you can modify findings and add custom findings to scans in bulk. We understand this has been key functionality in the interface, so we are excited to extend this functionality to the API, where users can perform these actions programmatically.  

Enhanced Teams Management Interface 

New Teams Management Interface in Nucleus

The interface for managing teams within Nucleus is redesigned. The new interface allows you to create and manage project and global teams more easily. We released the team experience redesign in anticipation of designating asset group access control for teams, which will be available in beta very shortly.


Upcoming Release Spotlight:
Bulk Data Export API

Design Preview of Bulk Data Export menu

We’re happy to provide a sneak preview of our bulk data export functionality, tentatively scheduled for a beta release in October.   

Today, Nucleus customers can access their data with our AWS S3 file upload connector. They can use this data to power reports or dashboards and get easy access to all critical information about their VM program. With the new bulk data export API, customers can access the same information directly from Nucleus without the added cost and friction of establishing and maintaining an S3 bucket. With a few simple clicks in the console, Nucleus will begin uploading files as specified, and customers can view the upload status and download the files directly via an easy-to-use API interface. This way, the bulk data export API makes customer data more accessible. Please get in touch with Nucleus Support or your account representative to sign up for the beta release. 


You’re invited to this week’s webinar

A Deep Dive into the Exploit Prediction Scoring System (EPSS)
On this upcoming Wednesday, September 27th at 2 PM ET, our panel of cybersecurity experts will dive into the benefits of using the Exploit Prediction Scoring System (EPSS) as a threat intelligence source for vulnerability prioritization. The panelists include Patrick Garrity (Security Researcher at Nucleus Security), Jay Jacobs (Co-Chair of FIRST EPSS SIG and Chief Data Scientist at Cyentia), Yotam Perkal (Director, Vulnerability Research at Rezilion), and Sam Moore (Senior Cyber Security Engineer at a large Telecommunications organization). It’s a value-filled session covering topics such as the benefits of using EPSS, how to use EPSS, and an overview of EPSS. You can register here.

Full Release Notes

You can access the Nucleus change log to view the complete, unedited version of release updates posted each week. Select the option to subscribe to the RSS feed on this page if you would like to receive weekly change log updates. This new Nucleus Product Update is intended to fully summarize and outline those weekly changes for you, with more details, each month. The product updates include all the following features and improvements:

Product Improvements (Performance, Experience, & Functionality) 

  • Added an option to remove vulnerability severity from ticket titles. Please contact Nucleus Support for enablement. 
  • Added the ability to update findings via new bulk API endpoints:
      • PUT /projects/{project_id}/findings/bulk
      • POST /projects/{project_id}/findings/bulk
  • Added the ability to set secondary app names for application type assets for Nucleus custom scan ingestion. 
  • Updated the GET /projects/{project_id}/assets endpoint to include asset_base_risk_score in the response.  
  • Updated the Finding Instances interface to include a path/package column when ingesting from Snyk.   
  • Added “Port” and “Output field” as additional criteria in finding processing automation. Using output as criteria will include up to the first 1000 characters in a finding’s output field. Contact support for enablement.

Integration Improvements    

Carbon Black: 

  • Sped up Carbon Black ingestion.      

Defender: 

  • Improved the Microsoft Defender connector by adding retries when Microsoft Defender fails to respond. 

InsightVM: 

  • Increased timeout for InsightVM report generation. 

Netsparker: 

  • Added the ability to include custom headers in the Netsparker connector set up. Please contact Nucleus Support for enablement. 

Prisma Cloud: 

  • Improved the Prisma connector experience by removing the legacy ingest by project method.   

Qualys: 

  • Added CVSS V3 scores from Qualys scans when available. 
  • Increased ingestion speeds for Qualys CSV scans for very large files. 

ServiceNow: 

  • Added the ability for the ServiceNow App to use Business Owner, Business Owner Team, and Support Team when creating tickets in ServiceNow.   
  • Updated the ServiceNow App connector to send Assigned Team data from Nucleus to the ServiceNow App so that tickets can be grouped accordingly.  
  • Updated the ServiceNow App version to 1.2.0. Updates include:
      • Visibility into each Nucleus Project connected to the ServiceNow instance.
      • Configure Single vs. Parent/Child ticketing structure on a Project level.
      • Verify configuration mapping and permissions are valid for each Project.
      • Default field mappings updated.
      • Commenting is now mapped to the work_notes field for all ticket types by default. Additionally, a commenting bug for tickets has been fixed.
      • All child incidents are now returned in subsequent requests and not just the parent.

Sonatype: 

  • Improved the Sonatype connector by including constraints as available data in finding references. This can be seen in the Instance Details view. 

Tenable: 

  • Added retries to the Tenable.io connector in certain gateway timeout scenarios.
  • Added nessus.last-scan-name as additional metadata upon Nessus ingestion.  

Veracode: 

  • Improved the Veracode connector by including additional metadata when ingesting sandbox scans. 
  • Updated ticketing for Veracode Sandbox findings so that the sandbox name appears in the ticket description and attached CSV. 

Reporting Improvements 

  • Improved the top-level metrics in the average vulnerability lifetime widgets on the trends page to be total averages of the project, rather than averages by severity. 
  • Updated the PCI Technical reports to use CVSS V3.1 when available and updated the format of the report in certain sections, like alphabetizing Part 3c. 
  • Sped up report generation for environments with especially large data sets. 

Bug Fixes 

  • Fixed an issue in the Dependabot connector where previously inactive assets were reactivated upon reingestion.  
  • Fixed an issue with the AWS Security Hub connector where placeholder findings were incorrectly added to empty assets.  
  • Fixed an issue where adding an asset filter on the active vulnerabilities page caused the asset count in the table to include mitigated findings in certain cases. 
  • Fixed an issue in Finding Processing Automation where dynamically assigning to a team was not mapping as expected.  
  • Fixed an issue where certain characters, like apostrophes and ampersands, were not displayed as expected in the asset name on the asset management page.
  • Fixed an issue where searching for certain filters to apply on the asset management page resulted in incorrect filters being applied due to overzealous auto-completion.
  • Fixed an issue where the app automatically refreshed, even after logging out, resulting in users automatically getting logged back in.  
  • Fixed an issue where the Executive Group Summary report could not be scheduled via the Scheduled Reports page.  
  • Fixed an issue where ServiceNow tickets could not be created in certain instances where findings contained special characters. 
  • Fixed an issue in the ServiceNow App connector where creating tickets without a ticket title resulted in an error. 
  • Fixed an issue where the instance count on the Top High Risk Vulnerabilities widget on the project dashboard was incorrect.  
  • Fixed an issue in the CrowdStrike connector where the last seen date was incorrect.
  • Fixed an issue where the instance URL search in the vulnerability details view did not return expected results based on text input. 
  • Fixed an issue where applying “Mandiant Risk Rating does not exist” as criteria in Finding Processing automation was not including findings with unrated values.  
  • Fixed an issue where ingestion for Prisma Cloud Images returned inconsistent data.  
  • Fixed an issue where applying certain asset filters on the Resolved Vulnerabilities page resulted in slow loading times.  
  • Fixed an issue where updating the solution and description fields of a finding did not reflect in the Vulnerability Details XLSX export.  
  • Fixed an issue where multiple jobs could be created for the same ingest type and scan. 
  • Fixed an issue where roles associated with deprecated projects could not be deleted. 
  • Fixed an issue with the Snyk Issues API endpoint, after unexpected and unannounced breaking changes made by Snyk resulted in SAST findings failing to ingest.
  • Fixed an issue where scan ingestion of the custom file schema would error when a project was configured with Asset Ignore rules.  
  • Fixed an issue where manually set statuses were being overwritten by subsequent scans.   
  • Fixed an issue with Veracode Sandbox scans where we were ingesting additional sandbox scans incorrectly. 
  • Fixed an issue where manually mitigated findings were incorrectly showing in the Vulnerability Details XLSX export.  
  • Fixed a perpetual loading issue when modifying an asset in the Assessment page. 
