2024 Release Notes

We follow a two-week sprint cycle. Every two weeks we release new functionality, bug fixes, or general improvements.

Last Updated: 11/19/2024

Releases

11/19/2024

  • New Features
    • Default Static Filters
      • The Prioritize page now contains default static filters that let users filter out vulnerability instances in specific states. Users can select one or more of the following static filters:
        • Closed
        • False Positive
        • Risk Accepted
        • Duplicate
    • Bulk Tag Upload API
      • Users now have the ability to manually upload or automatically script bulk asset tag changes via the API.
        • API documentation located here: https://developer.nopsec.com/#a965f405-945e-402d-9d00-1d8576ae2e3c

10/30/2024

  • New Features
    • Shared Dashboards
      • Users are able to share saved dashboards with individual users or Teams.

10/18/2024

  • New Features
    • Inventory Watch List/Group
      • Users can create and monitor specific CVEs in a watchlist or watch group. This feature allows users to monitor when new instances of a list of CVEs appear on assets.
    • File Upload API
      • Users can script a file-based ingestion via the file upload API, allowing for automated uploads of vulnerability data outside of a direct integration.

09/26/2024

  • New Features
    • Insight Pages Team Filters
      • Users can filter insight page metrics to specific teams based on that team's data access controls.
  • New Integrations
    • Prisma Cloud

09/11/2024

  • New Features
    • Executive Widgets
      • The following new Executive level dashboard widgets have been added to the dashboard library:
        • Most prevalent overdue technologies - This widget shows the technologies that have the largest count of OPEN and Overdue (outside of SLA) vuln instances and breaks down count by vuln instance severity.
        • Team SLA Compliance By Quarter - This widget provides a measure of SLA Compliance (percent of vuln instances remediated within SLA) as a function of the Nopsec Team and Quarter.
        • Team Risk Score By Month - This graph represents a weekly overall team risk calculation. Risk can be represented by a number range from 0-100 and/or a letter grade. The score to letter grade correlation is: 0-25 = A, 26-50 = B, 51-75 = C, 76-100 = D.
        • YTD Risk Change By Team - This metric provides the YTD Risk change of Teams. Positive risk change is a worsening of the risk scores due to increased vuln instances and/or vuln instance scores.
        • Percent of Open Vuln Instances in Approved Exception Plans - This metric shows the percent of open vuln instances that are in Approved Exception Plans as function of the Exception Plan type.
        • Percent of Approved Excepted Vuln Instances by Reason  - This metric shows the percent of excepted vuln instances by the reason given for the Exception Plan in which they are found. Only Approved Exception Plans are included in this calculation.
        • Percent of Vuln Instances Excepted per Technology - This metric shows the percent of excepted vuln instances by the reason given for the Exception Plan in which they are found. Only Approved Exception Plans are included in this calculation.

08/30/2024

  • New Features
    • New Search Operators
      • The following search operators have been added to the Nopsec query builder to enhance search functionality: In, notIN, contains, doesNotContain, startsWith, doesNotStartWith, similarTo, NotSimilarTo, null, notNull.
    • Multiple Dashboard Segments
      • Users have the ability to add additional data segments to a dashboard widget to provide more robust metrics.

08/22/2024

  • New Features
    • Exception Plan Comments
      • Users are able to add a comment to a Risk Exception plan when approving or denying a submitted plan.
    • Team Name Filters
      • Users are able to filter dashboards based on team names to view metrics specific to a team's data access controls.
  • Platform Improvements
    • Asset Inventory Search
      • The Asset Inventory page query functionality has been improved to mirror the functionality of the Prioritize page allowing full query capabilities.

07/09/2024

  • New Features
    • Beta Release for Relationships
      • Please contact your Customer Success team or submit a help ticket to enable Relationships.
      • The first release of Relationships introduces Same Scanner and Different Scanner relationships, essentially allowing you to control deduplication of targets and the creation of Assets.
    • Asset Inventory Page
      • Users can now view the unique list of targets as Assets within the new Inventory Assets page. 
      • If you've enabled Relationships an Asset will be the primary Target of all related duplicate targets or a Target that has no relationship. This is effectively the correlated unique list of targets.
      • You will be able to view Assets that are not visible in the Prioritize page as the Prioritize page is only showing targets that have vuln instances. This means an Asset in the Inventory page is being scanned by your scanner.
      • We've introduced a new filter:
        • Asset ID - this is the ID that correlates multiple targets. This is really helpful in the prioritize page. 


06/25/2024

  • New Features
    • Vuln Instance Access Query
      • Admins can now configure each team to have both Target Access Query and Vuln Instance Access Queries. 
      • Target Access Query behaves exactly the same as the previously named Data Access Query; the improvement is the ability to set a list of vuln instances that a team can see by setting a query.
      • Use Cases:
        • Maybe Team A and Team B share oversight of the same target. 
        • You want Team A to focus on the OS level vulnerabilities that Microsoft publishes.
        • You want Team B to focus on the Application level vulnerabilities for Chrome. 
        • You can configure vuln instance access queries for both use cases and ensure that Team A only sees the Windows vulns and Team B only sees the Chrome vulns even though they share the same target.
    • New Filter added:
      • Software
        • alias: target.software
        • For targets where a scanner provides software information you will now be able to query and view the associated software for each target.
    • New Segments added to Widget Framework:
      • CPE Vendor List
      • CPE Product List

06/19/2024

  • New Features
    • Dashboard Filters
      • Users can now filter their dashboard widgets using a global filter located at the top of the Dashboard page. 
      • Our first filter is Teams, allowing users to filter the values found within their widgets by the Teams they choose. 
      • Users are only allowed to filter down to teams they belong to and up to 5 teams at a time.
      • We will continue to release other filters and offer more functionality over time.



05/13/2024

  • New Features
    • Derived Fields
      • Admins can now configure the logic to use for sourcing the values of 7 new fields (9 altogether with 2 existing fields) from either NopSec metadata fields or from Tags. The 9 fields are:
        • Target Name
        • Target Location
        • Target Uniqueness
        • Target OS
        • Target Owner
        • Target Value
        • Target Organization
        • Target Application
        • Target Country
      • Learn more here.
  • Improvements
    • We've made some improvements to the Target Details Metadata card which now holds all of your derived fields.
    • You now have Derived Fields as Columns and Query Filters.
  • Bug Fixes
    • Target Details Open Vuln Instance Metrics for Risk Acceptance and False Positive now are fixed when you click the value to see the report. Previously we included both Open AND Risk Accepted which cancelled each other out. Now the proper filter is applied on the prioritize page.

04/26/2024

  • New Features
    • Lifecycles - Clients will now be able to configure Target and Vuln Instance Lifecycles.
      • Clients may have a data retention policy to manage or maybe they prefer to only analyze vulnerabilities for targets recently scanned. You can now configure a Target Lifecycle policy to either mark a Target as Inactive or to delete it based on the last time it was scanned.
      • Clients can also mark Vuln Instances closed in bulk based on when they were last detected and may also choose to delete them in bulk. 
      • These rules are run once a day at night (EST).
      • Go to Settings  |  Lifecycles to configure your settings.
  • Improvements
    • The Vuln Instance Details page gets an update to the Location card. This card is meant to represent the specific location a vulnerability was found on a target by the scanner. Typically it can be a Port or a URL or a File Location.
  • Bug Fixes
    • Exception Insights Details for Target Properties widgets have now been fixed. 

04/15/2024

  • New Features
    • Create Widgets
      • Users can now create custom widgets for use within their own instance. You provide the following:
        • A Query
        • Segment
        • Values
        • Visualization Type
      • You can follow the guide here to learn how to create your first widget.
      • We will continue releasing more functionality to allow you even more customization and visualization types over the next several months.
  • Improvements
    • Select All functionality in Prioritize Table
      • Users can now define if they are selecting all items in one page or all items across all pages for use with Create Remediation Plans and Create Exception plans use cases.
    • Large Task handling
      • When creating large Actions with either a large number of plans or a large number of vuln instances you will now see that the task has been started in the backend and we will notify you in the UI when it is done. 
      • The completed notification will now include a link to the Action itself. 
  • Bug Fixes
    • We are closing the bug for receiving an Error when creating large Actions as that is now resolved by not timing out and instead moving the processing of the task to the backend. 

04/1/2024

  • New Features
    • Exception Insights Page
      • There is a new Insights tab named Exceptions.
      • This tab aims to identify insights based on your Exception data. Each insight is captured within an Insight Widget which has a visualization, a specific insight highlight from that dataset, the risk captured within the Exception Plan, and finally a recommendation on how to leverage the data displayed.  Users can view the specific Exception Plans for the highlighted data by clicking on View Details. 
    • Threat Vector Insights Page
      • There is a new Insights tab named Threat Vector.
      • NopSec is now categorizing vulnerabilities by leveraging data analysis tools to evaluate vulnerability data and our threat intelligence. These categories can be used by users to help further prioritize vulnerability remediation. The Insight page aims to provide an easy way for users to learn about these threat vectors and see how many, if any, exist in the network similar to Celebrity Vulnerabilities or CISA KEV. However, now users can jump into an Insight page per Threat Vector where they can continue to deep dive into the threat and its impact to the network. 
    • Velocity Insights Page
      • There is a new Insights tab named Velocity.
      • Every client identifies vulnerabilities and aims to remediate them within a specific timeframe. This can be calculated as the time to remediate a vulnerability from first detected date to remediated date. When looking across the entire dataset it is helpful to look at the Mean Time to Remediate. We can consider the length of time to remediate a vulnerability as the speed or velocity an organization is performing at to remediate vulnerabilities. Now, why would an organization be getting faster or slower at remediating vulnerabilities? This is the core question for the Velocity Insights page.
      • You can now view different potential correlation events that you can use to evaluate where you may be performing slower or where there may have been an event that could have led to an increase or decrease in speed.
  • Integrations
    • We have a new Integration with Veracode SAST and DAST. 
      • Users can now view their SAST or DAST scan results within the platform.
    • We have expanded our Wiz Integration to bring in more AWS configuration and policy data.
      • Users can now view new Target Types such as Database and Server and 
  • Bug Fixes
      • Floats have been formatted to become 2 decimals. There were a few areas where they were not properly being formatted such as the Top Risk Factors.

03/18/2024

    • Improvements
        • SLA Details have been updated in Vuln Instance Details page
          • Users can now see a timeline of the vuln instance compared to SLA expectations in order to determine the scope of compliance.
        • Vuln Instance Risk Score Column in Vuln Instance Details page has been re-arranged to show that Target Criticality is calculated before Risk Reduction.
        • Other small improvements to the Vuln Instance details page have been done.
    • New Features
      • Dashboard with Edit Dashboard Capabilities
        • Users can now create a new Dashboard and add or remove widgets from the Widget Library. 
        • Users can:
          • Resize widgets
          • Add or Remove Widgets
          • Set a Dashboard as a Favorite (or unfavorite a dashboard)
          • Set your Default dashboard, the one that loads first, by setting your Dashboard list order. The first item is loaded first. 
      • New NopSec to Qualys workflow for marking Approved NopSec Exception Vuln Instances as Ignored in Qualys.
        • Users can now have their NopSec Exception Plans trigger a workflow for NopSec to create Qualys Tickets to mark Qualys items as Ignored.
    • Bug Fixes
        • CSV Download for reports with over 26 columns is now fixed.
        • Data discrepancy issues have been addressed.

03/04/2024

      • Improvements
        • Vuln Instance Details and Vuln Detail pages have been updated to better tell the story of a vulnerability. Read Risk Scoring 101 for more details.
          • Details:
            • Vulnerabilities are published by NVD and receive a CVSS score.
            • The scanners update their logic and release new scanner plugins. This leads to a Scanner Severity.
            • Next NopSec leverages its threat intelligence and machine learning model to determine the NopSec Vulnerability Risk Score.
            • Finally, the NopSec Vuln Score can be modified by the unique client environmental context, such as Target Criticality and Control Risk Reduction, to form the final Vulnerability Instance Risk Score.
          • You can also now see the SLA status of a specific vulnerability instance.
            • You can track when the SLA Due Date is, how many days you have until the due date, and whether or not it is overdue.
          • You can now quickly see the status of a vulnerability instance as Open, Risk Accepted, False Positive, or Closed.
        • Column Presets have been improved:
          • Column Presets are now favorited by default upon creation.
            • Previously, users had to reopen the Column Manager and favorite their new column preset before they could see the preset within the Prioritize Page for use. This is no longer the case; upon saving a new preset you can begin using the preset from the column preset dropdown menu.
          • Current Column Preset loaded is highlighted to show which preset is currently active. 
        • Remediation Plan and Exception Plan Details pages now show the Plan Name rather than the UUID as the title of the page.
        • Integration Sync Improvements
          • Implemented self-healing logic to reduce potential issues with syncs that experience small errors. This will help reduce the likelihood of Generic Errors for integrations.
      • New Features
        • Top Risk Factors 
          • Alongside the Vuln Instance Details updates we've released a new feature for our Top Risk Factors. 
          • Top Risk Factors are the features our machine learning model leveraged to determine the likelihood that the specific vulnerability would be used by an attacker. The Top Risk Factor now displays a description of the feature and provides two numbers: Seen Across all CVEs and Seen Across all Threat CVEs.
            • If a Top Risk Factor feature has a percentage of 50% Seen Across all CVEs, this means this feature has been seen as a top risk factor across 50% of all of your vulnerabilities. This provides context for the vulnerability's potential uniqueness.
            • Similarly, we display the percentage the feature has been seen across vulnerabilities that NopSec has labeled a threat. A threat is a validated active threat confirmed through open source reporting or research. This means there are active malware samples and confirmation of attacks against the vulnerability rather than just theoretical code.
            • By comparing both the Seen Across All vulns and those specifically in vulns labeled a threat, you can determine the impact this risk factor has had in the scoring. If it's high in items with threats, then this feature highlights that the specific vulnerability may be similar to other threat vulnerabilities.
      • Bug Fixes
        • Fixed broken icons for ServiceNow across the site; they are now rendering correctly.
        • SLA Cards in Vuln Instance Details pages are now displaying again. 
        • Reports with empty tag columns were causing an unexpected error; this has been addressed in a hotfix.
        • Column Preset bug fixed.
          • We found an issue where Client Level Presets were not properly loading. This only affected one client but was addressed to prevent future issues.

02/19/2024

        • Improvements
          • Dashboard Widgets are now clickable. Users can click on a value or segment and be routed to a Prioritize page to view the data in a report table. 
          • We've increased the number of Teams that can be compared at once within the Team Performance page to 6. 
        • New Features
          • Tag Management with Edit and Delete
            • Users can now use the Tag File Upload feature to edit or delete tags created previously via the file upload feature (user created tags). 
          • Create New Dashboard - This is our first release of several over the next four sprints which will focus on releasing a Self-Service Dashboard for users to create and manage custom dashboards. This release allows users to create a new dashboard and:
            • Set a Dashboard Name
            • Re-arrange Widget order and save configuration
            • Favorite Dashboards in order to switch between dashboards
            • The first Dashboard in your Dashboard List is your Default dashboard which is the dashboard that will be loaded upon signing in. 
            • Next:
              • Ability to remove widgets and add existing widgets to a dashboard.
              • Then, by end of Q1 the Ability to create new widgets through Queries and configurations of Segments and Values
        • Bug Fixes
          • Exception Plan CSV Downloads are no longer timing out for reports with over 10k rows.


02/05/2024

            • Improvements
              • Qualys Vuln Type has been improved to capture all Qualys types and display them as needed.
              • Qualys Pre-Filter Lists.
                • Clients may now leverage a Qualys List to configure items that should not be ingested by NopSec. This is useful if you'd like to prevent the ingestion of items such as Potential vulnerabilities.
            • New Features
              • Team Performance Insights
                • Clients can now have their admins (users with settings.read, settings.write, and teams.read and teams.write) compare Teams by their performance within the system. 
                • You can compare teams by team member size or by number of vuln instances, and see how they may be performing alongside each other. This should help clients manage their teams and begin to ask follow-up questions on why differences may be appearing between teams that are considered to be similar.
              • Virtual Appliance
                • Clients with on-premise integrations that are not connected directly to the internet may now have NopSec connect to those platforms via a NopSec Virtual Appliance.
                • The NopSec Virtual Appliance is a Docker image and scripts that NopSec provides clients to host. The Virtual Appliance communicates with NopSec over HTTPS (port 443) and uses encrypted communications.
                • The client needs to ensure the appliance is able to reach any internal application from wherever the appliance is being run from. Once connected, the appliance connects to the platform via APIs as if it was a public integration. All NopSec platform features remain the same.
            • New Integration
              • Microsoft Defender for Endpoint Vulnerability Management
                • We are proud to announce clients can now integrate with Microsoft Defender to capture all of the vulnerabilities being detected by Microsoft across all Defender agents. 
            • Bug Fixes
              • Exception Plan CSV Downloads are no longer timing out for reports with over 10k rows.
              • The query filter of vuln.score is now working with >, >=, <, <= operators, as expected.

01/19/2024

              • Improvements
                • Remediation Plan and Exception Plan Filters have been improved to be more performant.
                • Exception Plan Expiration Dates are now limited to 1 year.
                • Target Detail Click to Report - Users can now click on Target Details such as the Total Number of Vulns or Vuln Instances and be routed to a Prioritize Page with the correct query applied. 
                • General sync improvements have been implemented to improve data ingestion.
              • New Features
                • Remediation Plans with Descriptions
                  • Users can now add a description to Remediation Plans similar to Exception Plans. This text can then be displayed within your Destination tickets or emails. 
                  • Users can view the Description by opening a specific Remediation Plan Details page.
                • Remediation Plan with Due Dates
                  • Users can set a Due Date to a remediation plan to signal to their teams when all items in the plan must be marked closed or placed into an approved Exception Plan. 
                  • Users can view their Remediation Plans and see when they are due. 
                  • Users can filter the Remediation Plan page by plans that will be due in the next 7, 15, 30 days or the plans that are already past due.
                • Remediation Plans can now attach a CSV report to all external Destinations.
              • Bug Fixes
                • The Tags column within the Targets view is now fixed. The values had been showing as circles but are now fixed.

               


01/09/2024

                • Improvements
                  • Ability to open a Prioritize page based on the Metric Clicked within the Insight Pages
                    • You can now click on items within the Insights Page and it will open a Prioritize Page and load the proper query for you to view the data used in the metric. 
                  • General Performance improvements were implemented
                    • Pages should load faster
                    • Queries should load faster
                  • HTML is now formatted within the Top 10 * widgets in the Dashboard.
                • New Features
                  • Automated Remediation Plan Rules
                    • This feature now allows you, through the help of your Customer Success team, to implement a rule based on the Query you would like to continue creating remediation plans for. You can schedule this rule to execute every day at specific times or only on specific days of the week. If you've configured your Remediation Plans to create remote tickets via an ITSM integration that will continue with Automated Remediation Plans. 
                • New Integrations
                  • Sonarqube
                • Bug Fixes
                  • You can now open the Exception Plan within the Vuln Instance Details view. 

12/15/2023


                  • Improvements
                    • New Filters and Columns
                      • instance.port = You can now query by the port scanned by your specific scanner. 
                        • Ex. instance.port == 443
                        • instance.port >= 80
                      • instance.age = You can query by the age of a vuln instance calculated as:
                        • First Detected Date - Today = X days
                  • New Features
                    • New Widget named NopSec Threat Based Prioritization
                      • This widget aims to showcase how NopSec has prioritized your scanner data by showcasing a before and after view of your vulnerabilities now that they have been re-prioritized by NopSec.
                      • In general, we've seen that NopSec's threat based machine learning model tends to dramatically reduce the prioritization of many vulnerabilities coming from the scanner while also elevating a few low priority items from the scanner to High, Critical, or Urgent severity within NopSec.
                      • This should help showcase the value of leveraging NopSec compared to other products and showcase the immediate Return on Investment through the reduction of time spent by your teams by ensuring they are focusing on the truly important items based on risk.
                    • We are releasing our second Insights page: CISA KEV!
                      • CISA publishes a list of Known Exploited Vulnerabilities (KEV), each of which is given a Due Date to provide organizations with a date by which the vulnerability should be remediated.
                      • Users can view the Insights Page and see if any existing vulnerability instance is associated as a CISA KEV. If so you can determine which of them are Managed or Unmanaged in order to be able to take action to resolve the ones that are unmanaged.
                        • Managed vulnerabilities are any vulns that have been placed into an Exception of Risk Accepted, False Positive or have been placed in a Remediation Plan. 
                        • Unmanaged vulnerabilities are any vulns that are not in a Remediation Plan and have not been Risk Accepted or marked False Positive, meaning there is no intention to resolve this vulnerability detected by the platform, so these are the items we believe you should focus on when determining next steps.
                    • Vuln Instance Details now include:
                      • Threat Intel
                        • If you have configured Crowdstrike Falcon Insight or Qualys as an integration NopSec will attempt to associate a Threat Intelligence report or data to the vuln instance.
                          • Qualys Real Time Threat Indicators (RTI) are now shown as a Threat Intel card to showcase all of the RTI values Qualys has associated with the vulnerability.
                          • Crowdstrike Falcon Insight provides a wealth of data for specific vulnerability instances such as:
                            • Threat Name
                            • Short Description (Crowdstrike limits the description string and users will need to view the external link to view the full details)
                            • Origins
                            • Motivations
                            • Capabilities
                            • Objectives
                            • Other metadata
                  • New Integrations
                    • Qualys PCI
                      • You can now integrate with Qualys PCI to capture all of your current vuln instances that have been scanned by Qualys PCI.
                      • Items that have failed a PCI check will be given a Category Label of PCI. You can find these items using:
                        • vuln.categories == "PCI"

                   


12/01/2023

                  • Bug Fixes
                    • Remediation Plans will now load faster.
                    • Users tables will now display > 100 users.
                  • Improvements
                      • Bulk assignment of users to teams.
                        • User Management has gotten a little easier by allowing admins to bulk select users from the Users table and assign them to a Team rather than only being able to do it from the Team card manually.
                      • User Status - Active vs Inactive
                        • Admins can now mark users as inactive by selecting one or more users and changing their status. 
                          • Inactive - User data (reports, queries, etc.) are still available but user is unable to login. They will receive an error when attempting to login.
                          • Active - Users can login as normal.
                  • New Features
                      • Insights Page!
                        • We are releasing our first Insight page with the release of Celebrity Vulns.
                          • Celebrity Vulnerabilities are vulnerabilities NopSec has researched and identified to be prevalent and important vulnerabilities our clients should be aware of. They may be vulnerabilities that are being talked about widely in the news, i.e. Celebrity, but they may also be vulnerabilities our security team believes are worthy of mention based on our threat analysis.
                          • Users can view the Insights Page and see if any Celebrity Vuln exists in the network and, if so, which of them are Managed or Unmanaged in order to be able to take action to resolve the ones that are unmanaged.
                            • Managed vulnerabilities are any vulns that have been placed into an Exception of Risk Accepted, False Positive or have been placed in a Remediation Plan. 
                            • Unmanaged vulnerabilities are any vulns that are not in a Remediation Plan and have not been Risk Accepted or marked False Positive, meaning there is no intention to resolve this vulnerability detected by the platform, so these are the items we believe you should focus on when determining next steps.
                        • Insights will continue to grow as this is where we will focus on delivering new value to our clients so keep an eye out for future Insights. If you have any ideas of an insight or a question you're hoping to be able to reliably answer with the data in our platform please reach out to us by submitting a feature request!
                          • The next Insight is CISA KEV. 
                      • Remediation Plans with Destinations
                        • Jira - You can now configure an Integration with Jira Cloud and configure multiple destinations (Jira Projects) in order to allow users to create remediation plans that create remote tickets in Jira. NopSec Customer Success can configure how tickets should be formatted (data mapping). Please work with your CS team to ensure your formatting is correct.
                        • ServiceNow - You can now configure an Integration with SNOW and configure multiple destinations (SNOW Tables such as Incidents or other tables) in order to allow users to create remediation plans that create remote tickets in SNOW. NopSec Customer Success can configure how tickets should be formatted (data mapping). Please work with your CS team to ensure your formatting is correct.
                        • For both, NopSec will continue querying your remote destinations to capture any ticket status changes and assignment changes.
                          • NopSec prioritizes your Scanner as the source of truth for the remediation of vulnerability instances. Remediation plans will remain open if one or more vuln instances are still open from the scanner's perspective, even if the remote ticket status is closed.
                      • Target Details now include:
                        • Controls
                          • If you have configured Crowdstrike XDR/EDR as an integration, NopSec will associate the controls deployed to your Targets and display them in the Target Details view under the Controls Tab.
                            • A control can be a policy or set of settings deployed to an endpoint. In the case of Crowdstrike EDR, controls are configured with specific settings. We display all settings and their status per control.
                            • On top of that, all Mitigating Controls within NopSec are assessed for the type of policies/settings enabled, and if they are applied NopSec will apply a risk reduction to the Target, which affects all vulnerability instances found on that Target. The risk reduction is limited to 25% for all controls, as we believe there is no perfect solution that truly reduces your risk to 0. However, we believe there is a sizable benefit to deploying mitigating controls such as an EDR, as long as it's configured to properly enforce prevention policies.
                            • Reminder: vuln instances leverage the Target's Criticality, the NopSec Vuln Risk Score (based on our Threat Model), and the Control Risk Reduction to calculate the final Vuln Instance risk score. On top of that, NopSec aggregates all of the vuln instances to form the Target Risk Score. Finally, NopSec aggregates all of the Target Scores in your network to calculate your Overall Risk Score. This means that by applying mitigating controls across as many Targets as possible, you can potentially reduce your overall risk by up to 25%.

                    11/22/2023 

                    • Goals for next sprint
                      • Target Details will receive new tabs for:
                        • Mitigating Controls - we will display the Crowdstrike Controls and Settings associated with the Target, alongside any risk reduction provided for having this control.
                      • Vuln Instance Details will receive a new tab for Threat Intelligence
                        • We will show you threat feeds that are associated with your vuln instance, based on your integrations such as Crowdstrike Falcon Insight, RecordedFuture, or Qualys RTI.
                      • New Insights Page
                        • Celebrity Vulns will be the first page we display for Insights. You will be able to see which vulnerabilities NopSec has labeled as Celebrity Vulns and whether they are being managed (in a remediation plan or exception plan), are unmanaged (open), or are not present at all (no vuln instance found for this vulnerability).
                      • New Remediation Plan Destinations
                        • Jira
                        • ServiceNow
                    • Bug Fixes
                      • Impact Section is now displaying data
                      • Instance.status now works in Group By Vuln
                      • Team Role selection bug has been fixed
                      • Team Renaming bug has been fixed
                      • Removing Members from Teams race condition has been fixed. This appeared when removing users rapidly one after the other.
                      • Custom Role issues have been fixed.
                    • Improvements
                      • You can now download all of your rows (greater than 40k rows) by selecting the All option in the Download CSV modal.
                      • You can now create a Column Preset with ALL columns selected.
                      • We've introduced new Columns for Vuln Instance Presets:
                        • SLA Due Date
                        • CVSSv2 and CVSSv3 
                      • Vuln Instance Details now allow you to:
                        • View SLA Due Date (if available for the specific vuln instance)
                        • View the associated Remediation Plan or Exception Plan (if available for the specific vuln instance)
                        • Create a Remediation Plan or Exception Plan from the Details page (if one doesn't already exist; a vuln instance can only exist in one remediation plan or one exception plan at once)
                        • View last detected date
                        • View remediated date
                      • Output Section for Vuln Details has been removed
                      • Ability to select table cells and copy and paste items
                      • General Updates to Target Details, Vuln Instance Details, and Vuln Details
                      • Formatting HTML in scanner provided fields for Description and Impact
                    • New Features
                      • Column Preset Favoriting - You can now select which Presets show up in your dropdown menus.
                      • Remediation Plans with Destinations
                        • Email - You can configure Email Destinations and have remediation plans sent via email to the destination (they will continue to exist within the UI). We recommend choosing Group By: No Grouping for this option, otherwise your destination recipients will receive an email per Remediation Plan.
                      • Target Details now include:
                        • CMDB tab - this will display all CMDB-related fields associated with the target (not just the ones created as tags)

                    10/27/2023

                    • Goals for Next Sprint
                      • Remediation Plans with Destinations (Email first, then SNOW and JIRA the following sprint)
                      • Column Manager - Favoriting Presets
                      • CSV Download > 40k
                    • Bug Fixes
                      • Access Denied Permission errors are now displayed for roles with Users.Read = False, Remediation Plans.read = False, and Integrations.Read = False.
                      • The Output card is blank on Vuln Details, but there will not be any Output at the Vuln Level. The Output card will be removed in future releases; for now, there is no issue with data.
                    • Improvements
                      • First Name and Last Name are now captured via SSO Claims.
                      • New Columns are now available via the Column Manager.
                      • All Tables now allow users to select field values (for copy pasting)
                    • New Features
                      • Column Manager - Users can now create and save their column presets: the specific columns to display, in a specific order (left to right). Users can switch between column presets as needed and save a specific preset to a specific Report. When the Report is loaded, the specific query + column preset is loaded. Downloaded CSVs will only display the Columns Visible in the Report Table, which should help focus your downloads.
                      • Query Summary - The query result total (total number of records returned from the database) is now also visible on top of the Report Table. Previously it was only visible within the Query Builder drawer.
                      • Report Table Select # of Rows per Page - Users can now set the number of rows to display per page within the report table. Note: the report table only displays 10k rows.
                      • Nessus File Upload Integration is now available
                      • Crowdstrike Spotlight Integration is now available
                      • Crowdstrike Falcon Insights Integration is now available
                      • Crowdstrike XDR Integration is now available with Risk Reduction calculations

                    10/11/2023

                    • Goals for next sprint
                      • Column Manager
                      • Updates to Expired Exception Plan
                      • Continued Improvements
                        • New Filters
                        • New Columns
                    • Bug Fixes
                      • Remediation Plan Loading Issues - Remediation Plans and Exception Plans now have Pagination to ensure proper loading and usability of pages.
                      • Output is now displayed in Details pages.
                      • Text Input querying is now usable. Validation was kicking off too quickly, making it hard to type a query before it tried to validate the syntax.
                      • FQDN field is no longer a link and is now not overflowing.
                      • Hover Over bug is no longer present when hovering over fields. This was a bug in Chrome.
                    • Improvements
                      • Reordered default Columns per Group By.
                      • Included new columns for Group By Vuln Instance
                        • Output
                        • IP Address
                        • OS
                        • FQDN
                        • Hostname
                      • Displaying Data Access Query List in Select Query Dropdown for Admins
                        • Admins can now test their data access queries more easily.
                      • Changed Default Filter for Remediation and Exception Plan pages from Today to All Time
                      • Clicking Integrations defaults to the My Integration tab
                      • All pages have full page views with unique URLs to allow users to share pages
                      • New Filters
                        • instance.in_plan - This is a boolean filter. If true, the vuln instances returned are within a Remediation Plan or an approved Exception Plan.
                    • New Features
                      • File Upload Tags - Ability to create bulk tags by uploading a CSV file with target_id, tag_key, and tag_value columns.
                      • V1 Dashboards - First release of our new dashboards. Future iterations will provide the ability for full self-service use cases.
                      • File Attachment for Exception Plans - Users can now upload attachments for exception plans.

                    09/27/2023

                    • Goals for next sprint:
                      • File Upload Tags
                      • File Attachment for Exception Plans
                      • Column Manager
                      • General Improvements for Prioritize Page
                      • V1 Dashboards
                    • Bug Fixes
                      • Login Refresh Bug has been fixed. Upon logging in you will be directed to the Prioritize Page.
                      • CSV Download was only allowing first page downloads, now users can download up to 40k records. This will be updated next sprint to allow for all rows.
                      • Filter Type Aheads are now available.
                      • Details Pages are now displaying. There was an issue where they would sometimes show "Could not load data" errors.
                    • New Features
                      • Integration Sync History
                        • Users can view the sync history for a specific integration. You can view how long a sync is taking and if it failed or succeeded. 
                      • Remediation Plan Filters
                        • Ability to filter remediation plans by date created, status, and source.
                      • Exception Plan Filters
                        • Ability to filter exception plans by date created, status, exception number, and submitter.
                        • Note: The default date range filter is currently set to Today. This will be changed to All Time in the next sprint.
                      • CSV Download Enhancements.
                        • Users can now decide to download only selected vs all items.
                        • Some limitations are still present but will continue to be expanded to allow for full report downloads.
                      • Help Menu
                        • Link to Knowledge Base
                        • Link to Submit Issue or Feature Request

                    09/07/2023 - Major Platform Update (Beta)

                    • New User Management
                      • New Roles
                      • Introducing Teams
                      • New Data Access framework
                    • New Design
                      • General UI redesign with new navigation:
                        • Dashboards (coming soon)
                        • Prioritize (replaces Infrastructure Vulns Reports)
                        • Remediate (new page housing Remediation Plans and Exception Plans)
                        • Integrations (new design and functionality but similar to previous integrations page)
                        • Settings (new page housing user management and new setting configurations pages)
                        • Help (coming soon)
                        • Profile (Logout Button)
                    • Remediation Plans
                      • Users can now create remediation plans without having to have an ITSM integration configured.
                      • Users can review and manage all remediation plans easily within the platform.
                    • Exception Plans
                      • Users can continue marking vuln instances as Risk Accepted or False Positive, however, now Admins can:
                        • create and manage a set of custom Exception Reasons
                        • determine if exception plans should be reviewed for approval internally
                      • Users can review and manage all exception plans easily within the platform
                    • Reports
                      • New Prioritize Page replaces Infrastructure Vulns Report page
                      • Quicker to get to Reports
                      • New Query Builder
                      • New Report Table
                        • More columns
                        • Ability to order columns
                        • Pagination
                      • Improved CSV Download
                      • Ability to Save Queries
                      • Ability to Save Reports
                        • Reports are the combination of a Query + Group By selection
                    • Targets
                      • We have changed terminology from Asset to Target.
                      • Targets are Scanner Results.
                      • Our aim is to build a set of self-service tools to enable users to control how NopSec Assets are created. A NopSec Asset is the relationship between one or more Targets scanning the same location, and any associations with CMDB, Mitigating Controls, or other enrichment services. The goal is to introduce NopSec Assets in early Q1 2024.