11.28.36 Platform Release

Released August 26, 2024

info

If you are using the NIST NVD connector, Brinqa recommends switching to Brinqa Risk Intelligence, as the NIST NVD connector is no longer supported in Brinqa Platform version 11.28.x or later.

New features and enhancements

• Created datasets for MITRE data models originating from the Brinqa Risk Intelligence feed.

  • Created a kill-switch flow to activate version 2 risk factors and deactivate stock risk factors. This allows the platform to bulk enable the Brinqa Risk Intelligence Feed risk factors.

  • Created a kill-switch to deactivate version 2 risk factors and activate stock risk factors. This allows the platform to bulk disable the Brinqa Risk Intelligence Feed risk factors.

  • Renamed existing risk factors to v1 for versioning given the enhanced risk factors that accommodate the Brinqa Risk Intelligence risk factors.

  • Created the Threat Intelligence Risk Factor Icons when these are applied.

  • Updated the pre-built Brinqa Risk Connector to use the production connector version.

  • Updated 11.x platform to include new Brinqa Risk Intelligence Risk Factor icons.

  • Updated the pre-built Brinqa Risk Intelligence connector version to 2.1.3.

• Replaced data purge with data lifecycle management (DLM) in data integration, which allows administrators to leverage the robust status configuration of DLM.

  • Removed the feature flag for data lifecycle and made the new behavior the default. This allows all organizations to take advantage of DLM.

  • Linked data lifecycle flows with the source data models (SDM), which allows a user to launch these flows from the data model page instead of having to search for it on the flow list view.

  • Added more parallel processing to improve consolidation time after DLM.

• Separated data integration syncing from data orchestration. See Multi-sync configurations for more information.

• Enabled the dashboard sidebar navigation. This removes the dashboard list from the top bar and allows users to navigate dashboards via the sidebar. See Dashboards Overview for more information.

  • Added access control to dashboards, which allows the platform to only show assets and risks to which the user has been granted permissions.

  • Allowed users to select a category for a dashboard so that these can be properly organized in the sidebar navigation.

  • Updated access control to work with the updated dashboard permissions, so that dashboards only show the permitted data.

  • Updated pre-built dashboards for the new Category property.

• Displayed report inputs at the top of a report as filters, which allows users to easily understand how they’ve filtered a report. See documentation on adding inputs to reports.

• Added guardrails to drill-downs to make these more descriptive and enabling users to properly select inputs. See documentation on report drill-downs to find out how it works.

• Improved the data source options on a visualization. This streamlining provides relevant data to understand how a visualization is populated.

• Added a tooltip for Graph stacked bar chart to more accurately describe the individual metric.

• Added an option to hide the top labels for stacked bar charts.

• The platform now filters visualizations by the current dataset that is displayed.

• Added a link to edit the visualization when adding it on a report since visualizations are managed on a separate page.

• Updated the INFO icon on visualizations and charts to use the new icon.

• Updated list visualizations so "total" is not listed on the first visualization twice.

• Added the ability to allow tickets-without-sprints to add new findings to existing tickets.

• Created the configuration required to push Remediation Campaigns to an external tool. This allows Brinqa to push remediation campaigns to ticketing solutions.

• Improved the BQL relationship's guardrail message to indicate when the maximum number of relationships have been exceeded.

• Added app event logs when Exception Requests automation expires to provide more context for these events.

• Updated the brinqa-core YAML to set the number of persistent threads.

Data model changes

• Added some new data models to support Brinqa Risk Intelligence:

  • Attack Mitigation

  • Attack Pattern

  • Attack Tactic

  • Attack Technique

  • EOL Advisory

• Added the riskOwner, remediationOwner and informedUsers attributes to the Assessment data model. This allows better enforcement of access control.

• Updated the CVE Record data model as follows:

  • Added new attributes and a new option to support status configuration.

  • Added new attributes to support Brinqa Risk Intelligence.

  • Renamed the cvssV2AttackVector attribute to cvssV2AccessVector.

• Added a cisaDueDateExpired attribute to the Finding data model.

• Updated the Finding Definition data model as follows:

  • Added the exploitExists and exploitedInTheWild attributes.

  • Renamed the cvssV2AttackVector attribute to cvssV2AccessVector.

• Added a cpeRecord attribute to the Package data model.

• Added some CVE Record-related attributes such as affected, cveIds, vendor and url , and removed the cpeRecords attribute from the Security Advisory data model.

• Added the recommendation and sourceCreatedDate attributes to the Threat Intelligence data model.

• Added the abstraction, structure, sourceStatus and weightedScore attributes to the Weakness data model.

Addressed issues

• Fixed the BCL query failure when using the OR operator.

• Added a cleanup of the primitive channels for compute.

• Fixed the issue that using OR statements in Visualization filters incorrectly adds OPTIONALLY on relationships.

• Fixed the CAASM update failure with Optimistic locks on CachedGeneralRepository.

• Fixed the acquireDuration discrepancy.

• Fixed an issue in Reports with multiple tabs where charts created in the last tab were placed in the first tab.

• Removed the extra Clone button for reports.

• Researched risk factors for Brinqa Risk Intelligence.

• Fixed the issue that caused risk and remediation owners not seeing ticket sources.

• Fixed the issue that free-text search didn’t work when trying to add a visualization to a report.

• Added the missing tabs in the Compliance status input filter for reports.

• Fixed the “Show more” button in Edit filters when creating visualizations.

• Improved the look and feel of the Add attribute section in the View editor.

• Fixed the text overflowing issue in report filters.

• Fixed the size and alignment of the 'open lookup view' button in the ownership cluster form view.

• Removed the Create button from list views for read-only users.

• Fixed the dashboard where changing through tabs would display a square highlight when it should not.

• Fixed the markdown rendering so it displays long text correctly.

• Fixed the Analytics Source trend chart so that switching from trend line to trend bar doesn’t break when the time range is set.

• Fixed the issue that the Matrix table didn't show all the data that it contains.

• Fixed the chart overlapping issue when using the Rendering > Sparkline option in the Matrix table.

• Improved the backend to return the whole BQL query in the bql endpoint.

• Fixed the drill-down in reports that changed True/False to Yes/No upon editing the report.

• Re-activated the affected technologies cluster.

• Fixed the CAASM installation failure with caasm-11.27.9.zip.

• Fixed the issue that using shortcut to open Edit mode in a view and closing it in the same way didn't return to the same size.

• Increase the spacing between Input options in automations.

• Fixed the 11.28.P0 install failure due to a dependency issue with BCL.

• Removed the Delete option for tickets since users should not be allowed to delete them.

• Fixed some broken list views.

• Fixed the charts on Clusters > Assets > Environments.

• Added the Duration column on the orchestration history page.

• Fixed the IN operator translation to SQL on multi-valued attributes.

• Removed the Security Controls and Security Control Framework DMs from the navigation menu.

• Added the ui.dataintegration.testconnection.success translation.

• Ensured that the left hand dashboard navigation uses the "Order" field on dashboards.

• Removed empty values from the results when using the BQL "IN" operator on multi-valued attributes.

• Opened the 'Learn more' link in Sync Configuration in a new tab.

• Removed the blue message about not synced data sources after the sync had run.

• Changed the default order for the vulnerability definition severity score risk scoring model to 9999.

• Fixed the positioning of new risk factor icons.

• Fixed the ACLs for the Risk Analyst role.

• Fixed the error seen in the console when adding any chart with source type ‘data model’ to a report.

• Set the order on built-in views to 99 to avoid collision (should not have customer impact).

• Added a banner to explain that integration configurations are ignored if they are present in application.yml (on the server).

• Added a Category drop-down for creating/updating dashboards.

• Ensured that the Create button on the Users list page doesn’t change after doing a search.

• Added a type check to ensure that the Exception request date is saved as Long in Neo4j.

• Fixed the delay and added an Uncategorized category to the dashboard navigation menu.

• Allowed the Configurator role to see/edit/share the dashboards that they created.

• Fixed the issue that changing the Category of a custom dashboard would erase all visuals.

• Refrained from referencing statuses of assets or findings in the built-in UDLs.

• Set the attributes for BCL correctly in the DLM advanced settings.

• Fixed the reports so graphs display when the data source is 'Data Model'.

• Updated the Analytics Source charts on the All findings page.

• Fixed the issue that selecting SAML as the authentication method didn't redirect user to the SSO page and allowed their password to be reset.

• Added calculation optimization on the Vulnerability data model (affected by the new attributes from Brinqa Risk Intelligence).

• Fixed the HTTP 500 server error on the Analytics > Indicators page.

Known issues

• Received an HTTP 500 server error when manually editing a Pentest finding.

• Dashboards don't render and are uneditable.

• Filters from Analytics Source are not being applied in report drill downs.

• The pre-built risk factors do not account for all Finding models.

• Complex queries cannot be stored as Dimensions for visualizations.

• Remediation campaign push action throws an exception.

• Not all risk factors are exporting from the LIST view.

• The cidr attribute in the Subnet data model isn’t a multi-value field, causing calculation to fail.