Summer is here and we hope that you have plans to have some fun in the sun. (Of course, we’re not judging if you intend to lock yourself in a dark room to binge Stranger Things season 4 and Obi-Wan!)
The Nucleus team has been hard at work making our platform better and our customers happier, and spreading vulnerability management goodness to all!
We hope you enjoy this second-quarter roundup of new additions and enhancements to the Nucleus platform. It’s a doozy.
The Nucleus API allows users to tap into the power of the platform without having to log in to the UI. Additionally, customers use the API to automate and extend Nucleus’s capabilities into existing tools and workflows. We are continuously adding and enhancing API functionality.
- Added the ability to search findings by justification status.
- Added the ability to remove a team assigned to a vulnerability.
- Added the ability in the findings/search endpoint to return findings before or after a specified timestamp.
A foundational use case of Nucleus is vulnerability and asset data aggregation. So, we are continuously adding new connectors and enhancing existing ones. For a complete list of integrations, visit this page.
- ASSETNOTE: Added more metadata and finding references from Assetnote.
- AWS: Added the option to sync from all accounts in the AWS asset sync connector for easier onboarding of ever-changing AWS environments.
- AWS Inspector: Added the ability to ingest Inspector 2 data (ECR and EC2) into Nucleus via AWS Security Hub. This supports aggregated regions as well as the Security Hub administrator account.
- Amazon S3:
  - Added an Amazon S3 bucket connector so that you can push Nucleus data to your S3 buckets for use within other third-party tools, like SIEMs, BI, etc.
  - Enhanced the S3 connector to get finding data more efficiently.
  - Added more asset information available for upload to S3.
  - Updated the S3 connector output to a smaller file size.
- BUGCROWD: Enhanced how statuses from Bugcrowd are mapped to statuses within Nucleus (including now ingesting all findings).
- CHECKMARX: Enhanced the Checkmarx connector to import all the latest scans, if not already imported, for all available projects.
- CROWDSTRIKE: Introduced support for setting AWS EC2 instance metadata when the provider is specified as AWS_EC2_V2.
- MICROSOFT DEFENDER:
  - Improved the ingestion speed of Microsoft Defender by decoupling downloading from ingestion.
  - Updated the Microsoft Defender ingestion logic for further speed and efficiency.
  - Updated Microsoft Defender asset matching to not match if asset IDs are different.
- QUALYS: Updated the Qualys connector to use a Nucleus-specific report template, so you don’t have to configure it yourself.
- SNYK: Several enhancements to SNYK Code.
- TANIUM: Enhanced the Tanium Connector to skip imports based on dates instead of matching data.
- TENABLE.IO: The Tenable.io connector will now supply detailed feedback when a scan chunk is not available.
- Added more metadata to assets from the Tenable.SC connector.
- Improved Tenable.sc chunking logic to better capture earlier scan dates.
- Updated the Veracode Connector to better identify the discovered date.
- Improved Veracode scan ingestion to prevent timing out in certain scenarios.
- Improved connector job message to include a more accurate error when available.
Nucleus users need speed! This is always top of mind for us, as we continuously raise the bar on platform performance. Our rapidly growing engineering and app ops team is hard at work building Nucleus into the speediest, most reliable, and performant platform it can be.
- Improved the speed of scan ingestion across all connectors by preventing duplicate scans from being re-ingested.
- Improved scan ingestion for some connectors to allow for parallel downloading of scan files.
- Improved Nucleus deduplication logic per host and scan date.
- Improved page loading performance for projects with large amounts of assets.
- Improved Tenable.sc host processing time.
- Improved speed of editing asset inventory sync rules in automation.
- Enhanced the resolved vulnerabilities page to load faster.
- Enhanced duplicate scan detection in certain scenarios for scans that include a single host.
- Improved scan ingestion speed in certain single asset scan scenarios for various scanners.
- Updated CVSS scan logic so that the threat intelligence-based CVSS score takes precedence.
- Added support for SAML 2P format.
- Added a check when merging an assessment into its project to prevent the same assessment from accidentally being merged more than once.
- Increased the number of CVEs that can be stored on a single finding.
- Updated date/time format: Standardized the DateTime format in a few areas within the product.
The Nucleus UI is designed and organized to make vulnerability management workflows faster and easier for analysts and engineers. Our enhancements are based on customer feedback and expert vulnerability management insights.
- Added visibility into project tasks running: Added visibility so you can see the latest background tasks that are running in your project.
- Added an SLA metrics widget to the project dashboard. This gives quick visibility into critical, high, medium, and low severity vulnerabilities that are: past the due date, before the due date, or don’t have a due date set.
- Added the ability to filter the asset management page by scan source to more easily identify which assets have or have not been scanned by a specified scan source.
- Added the ability to select and copy certain information from the interface, such as comments on the tickets page.
- Added container image manifest digest and tag data in the instances view.
- Certain links in the Assets section of the global dashboard are now clickable.
- Added the ability to filter the asset management page by Business Owner Teams.
If you’re interested in learning more about any of these features or updates, please contact us or, if you’re a customer, your friendly Nucleus customer success representative!