11.10.27 Platform Release

Released August 29, 2023

Changes to behavior and appearance

• Users can now customize the HTML content of notification email templates.

• Report elements now snap more cleanly to the grid, preventing issues where report elements were sometimes off by one or two pixels.

• You can now nest functions in BQL, allowing you to take greater control when creating reports. For example, you can now round the average of an attribute by using round(average(attributeName)).

• You can now clone reports directly from the report list. To create a copy of a report, hover over the report and click Clone.

  

Data model changes

The following data models have changed from v11.9.5:

Affected data model	Changes	Reason	Recommended action
Asset (and data models extending Asset)	Removed attribute: Applications	This attribute created a circular dependency for data computation.	Please contact Brinqa Customer Support if you need to restore this attribute.
CVE record	Added new attributes: CISA added date CISA required action CISA vulnerability name	These attributes are useful because they map to the dateAdded, requiredAction, and vulnerabilityName attributes respectively in the CISA data feed.	Upgrade the CISA Known Exploited Vulnerabilities connector to its latest version.
Person	Changed parent data model from Asset to Entity model.	The previous relationship created a circular dependency from Asset to any reference attribute on Person.	The asset count in reports and the All assets list view will likely decrease because they no longer include the Person data sets.
Person	Removed attribute: Assets	This attribute created a circular dependency for data computation.	To indicate the relationship between an asset and a person, use the owners attribute in Asset instead.
Package	Renamed the Software data model to Package.	We've adopted the Package naming to represent unique AppSec plugin packages.	Update any data integration that has been mapped to Software. Recreate the consolidation mapping to Package instead.
Risk scoring model	Changed the display attribute from UID to Name.	The UID attribute isn't intended for display.	None.
Software install	Renamed the Software install data model to Installed package.	We've adopted the Installed package naming to represent packages installed on a device.	Update any data integration that has been mapped to Software install. Recreate the consolidation mapping to Installed package instead.

Addressed issues

• The Risk scoring models list view no longer hides records when the list is longer than 50 entries.

• Improved the handling when an exception is thrown at loading ComputeCache so that the orchestration isn’t stuck.

• Fixed the issue where orchestration could hang when an invalid CIDR block was used in a Subnet.

• Fixed the issue where Integrations with many SDMs couldn't be deleted.

• Fixed the issue where Exception requests emails weren't sent to reviewers.

• Fixed the issue where the BCL preview doesn't match the actual results.

• Fixed the issue where automation with the “Create risk acceptance request” action failed with a MissingMethodException.

• Fixed the issue where calculated reference attributes were timing out, causing some flows to fail.

Known issues

• The Visual Query Builder (beta) sometimes displays the incorrect Name attribute values when making queries based on related attributes.

• Inside of the Automation builder, if the Run type is initially set to Manual , users are unable to change it to Schedule.

• The Status of data integrations sometimes fails to update, even after the integration completes successfully.

• When customizing List view pages, users are unable to add filters for the Table section type.

• Report filters don’t use the correct syntax for booleans in BQL.

• When filtering by severity in the Static code finding List view, an error pops up showing “HTTP failure response”.

• When filtering by Environment in the Report Builder, CVE names are shown as filter criteria instead of the display name of the Environment.