• November 30, 2021
  • Adam Dudley

Nucleus customers have a need for speed at scale! Our laser-like focus on accelerating vulnerability management and response with streamlined workflows and process automation is how we fulfill that need. In this month’s product updates, we stayed true to this focus with multiple speedups and added efficiencies.

Active Vulnerabilities Page Speedups

Nucleus processes and analyzes mountains of vulnerability and asset data for customers. It’s been a big challenge to get all that data to load quickly in certain views when there’s lots of it. The Active Vulnerabilities page is one of the most frequently used pages in Nucleus and it wasn’t loading fast enough, causing delays and frustrations. With no small amount of engineering wizardry, we made it a lot faster and are going to continue making it faster in the future.

Faster GitHub Scan Ingests

A few months ago, GitHub for code scanning was a high-demand addition to Nucleus’s already substantial portfolio of prebuilt integrations. A couple of weeks ago we released an initial round of speedups to ensure you can get your GitHub code scan data synced with Nucleus faster. But we didn’t stop there! This week we released round two of speedups designed to make GitHub imports even faster. Now you can ingest all the code repositories you have in GitHub with Nucleus on an hourly basis for near real-time sync. Please let us know how it’s working for you at ninja@nucleussec.com.

Automation for Processing Compliance Findings

Compliance is hard and time-consuming. Nucleus saves you tons of time on it with purpose-built automation and reports. The next time you log in to Nucleus and navigate to the Automation view, you’ll notice that “Vulnerability Processing” rules have been relabeled to “Finding Processing”. This is because we’ve made it easy to match compliance findings with vulnerabilities from other sources and automate arduous compliance workflows using the existing actions available in Nucleus such as changing statuses, upgrading severities, etc.

Automation Findings

Other Changes and Improvements

  • You can now update the order of execution for asset processing rules so that you can build logic for cascading asset processing actions based on previous actions.
    Automation Asset Processing
  • Recently we released a brand new report, the Executive Group Comparison Report. To allow you to use it to report on changes in risk over time, this report now contains risk scores with the following details:
    • Risk Score at the beginning of the date range.
    • Risk Score at the end of the date range.
    • The number difference between the beginning and end of the date range.
    • The % difference between the beginning and end of the date range.
  • For reports with advanced filtering options like the Vulnerability Summary and Vulnerability Custom report, we’ve added support for regex matching for the CVE condition as was already possible. This will make it faster and easier to report on the CVEs that you and management care about.
  • Assorted bug fixes and enhancements.