11.27.26 Platform Release
Released June 20, 2024
This upgrade requires supervision due to the launch of the Status Configuration feature. Only proceed with the update if a technical resource is able to review it immediately afterward. Additionally, since a full orchestration is required, it’s recommended to schedule the update during a period of low user traffic, allowing sufficient time to complete the full orchestration. Please contact the Brinqa Team if you need assistance.
Security updates
- Fixed the vulnerabilities detected in version 11.21.36 build #44.
New features and enhancements
-
We are excited to announce two new features, Data Lifecycle Management and Status Configuration for assets and findings.
-
Status configuration defines the conditions that set the Status attribute for assets and findings. These configurations use the asset's or finding's source status to determine the status for the dataset. This feature enables you to set the conditions that might lead to a Data Lifecycle age out. (The default status of an asset or a finding is "Unknown".)
-
Data lifecycle settings replace data retention in data integrations. The existing data purge policies are carried over as data lifecycle policies. Please refer to the documentation for details.
-
-
Users are now able to see the last seen/last updated information when hovering over a source icon.
-
Added the hostname of the instance to the Email notification for Orchestration to provide clarity as to which of the recipients instances were affected.
-
Added cluster content for Affected technologies tied to Finding Definitions based on the CVE → CPE they associate with, in order to better indicate which software are affected by findings.
-
Converted all pre-built, non-trending visualizations that leveraged Analytics Source to use Neo4j.
-
The UI has been refreshed to optimize table columns and rows.
-
The UI has been refreshed to improve the data table visualizations.
-
Applied branding colors to the top navigation, this makes the UI appear more modern.
-
Updated UI elements in the top navigation to improve functionality and the user experience.
-
Visualization configuration now includes a color palette to support conditional colors.
-
Split the Sankey input for dimensions, which makes this visualization type more configurable.
-
Improved performance of generated SQL queries for one relationship hop distinct values queries.
-
Updated the source and risk factor icons to be more distinct and modern.
-
Improved the current value resolution of BCL, which should improve performance when returning results.
Data model changes
-
Added two new data models: Security Advisory and Status Configuration Model.
-
A new attribute,
supportsStatusConfigurationModel
, has been added to Asset and Finding as well as data models that extend from them, respectively. The attribute is true by default. -
The Asset, Entity, and Finding data models have added the following attributes to support status configuration:
-
lifecycleInactiveDate
-
lifecyclePurgeDate
-
lifecycleStatus
-
sourceStatus
-
statusCategory
-
-
The Finding data model has added the following attributes to denote the remediation request approval status:
-
approvedExceptionRequest
-
approvedFalsePositiveRequest
-
approvedRemediationValidationRequest
-
approvedRiskAcceptanceRequest
-
-
The CPE Record and Weakness data models have been updated to support risk scoring.
Addressed issues
-
Fixed the issue where users had to purge caches before a Risk Analyst can see the data to which they have access.
-
Implemented truncation on export values when their length exceeds the limit for Excel to help avoid sprawling cells.
-
Fixed the frequency (weekly, monthly, etc.) aggregation in Trend charts.
-
Fixed user creation to disallow usernames to begin with whitespaces.
-
Fixed the issue in which data sources were active but not running in orchestrations.
-
Fixed an issue with the Show More option under Inventory > Teams in which this was unclickable.
-
Fixed the Analytics Source Trend chart to persist user changes.
-
Fixed the Frequency field in the Analytics Source Trend chart.
-
Fixed the Dimension drill-down so that this works reliably.
-
Fixed the Date transformations on Bar/Line Charts using Analytics Source.
-
Fixed the reports so that toggling simple mode and advanced mode recognizes Measures and Sorting.
-
Fixed the color picker in reports so that these work properly.
-
Refactored caching for Analytics Source and cache management in general.
-
Fixed Date format issues on BQL queries.
-
Fixed the drill-down on Trend Value Analytics Source charts.
-
Fixed the issue where users were getting a 404 error on the Findings list pages.
-
Fixed the issue where users were unable to save notification changes in Orchestration.
-
Fixed the Help text displaying in List pages.
-
Fixed the issue that the BQL mode selector was grayed out when navigating to a list view.
-
Fixed the issue that users were unable to add new columns.
-
Changed the default order for Clusters to a larger number.
-
Fixed the typos in riskAcceptanceRequestLibrary and requestLibrary.
-
Fixed a broken CAASM install where configuration updates were in an infinite loop.
-
Fixed the issue where Visualizations using Analytics Source reported 0 data when data existed.
-
Fixed the count of relationships in the parquet file.
-
Fixed the NPE when exporting data models without any data to the Data Warehouse.
-
Fixed issue in which the last element on a list page overflowed .
-
Fixed an issue where Informed Users saw broken visualizations on dashboards.
-
Added support to send events from connectors to logs.
-
Fixed the Vulnerability Definition compute failure on the Affected Technologies cluster.
-
Fixed the issue that Risk owner or Risk analyst could not access dashboards.
-
Fixed the issue that a newly created view was not visualized correctly.
-
Added 'Measure Attribute' and 'Start' fields back in the SLA Definition Create form.
-
Removed the default status on findings so that computation is run to calculate the status.
-
Removed duplicated cluster content that caused CAASM install to fail.
Known Issues with Workarounds
-
Users would receive a 500 internal server error when trying to create a data model extending the Entity model and selecting the 'Support consolidation' option.
To workaround this issue, create the data model without selecting the options first, then edit the data model and add the desired options.
Known issues
-
Filters in drill-downs do not update when the same filter in the report is modified.
-
Attributes of reference type exporting from LIST view show multiples of the same value.
-
Certain BQL queries don't work with Visualization.
-
The "Windows web server" cluster in OS families may contain assets that belong to the "Windows desktop standard" cluster.