[BESAdmin-Announcements] BigFix Insights for Vulnerability Remediation 3.0 and 2.0.3 is Available Now
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Thu Sep 7 12:24:17 PDT 2023
Release SummaryFeatures and Enhancements
- Brand new platform for IVR
- IVR Support of Rapid7
- Custom CSV data import directly into IVR
- WebUI Patch Policy support of Rocky Linux 9 and Oracle Linux 9
- Insights Live ETL Feed
Summary
We are happy to announce the release of BigFix Insights for Vulnerability
Remediation (IVR) 3.0 for Rapid 7 and the ability for customers to import
their data directly into IVR using a CSV file.
- Brand new framework for IVR 3.0 that supports Rapid7, .csv ingestion,
and introduces performance improvements.
- BigFix can take the vulnerability information from Rapid7, correlate
it to devices in BigFix, and then suggest remediation based on the CVEs
discovered in the environment.
- BigFix can report and export on the vulnerability exposed currently in
the environment, the severity of the vulnerabilities currently in the
environment, and dates of the various exposures.
- BigFix now supports importing .csv files that contain asset
information and corresponding CVEs and correlating them to existing BigFix
devices and fixlets. Devices and exposures are then able to be remediated
from the BigFix WebUI.
The goal of IVR remains the same, to help align Security and Operations
teams with intelligent patching prioritization and automated remediation,
reduce the time between vulnerability discovery and remediation, and
greatly reduce risk by reducing the vulnerable attack surface.
Defect Article Resolution
KB0106499 – All adapter CVSS values have been standardized to info, low,
medium, high and critical.
KB0102924 – NoneType object has no ‘cvss_base’ attribute
KB0103404 – BigFix IVR import fails with SQL errors
KB0103565 – Schedules for IVR not being honored
KB0104128 – IVR with Tenable.sc <http://tenable.sc/> integration fails
KB0104953 – Setup of BigFix IVR on Tenable.sc <http://tenable.sc/> failing
KB0104954 – Missing documentation for IVR Tenable Tableau reports
KB0104955 – False positive for task 156
KB0105003 – BFIVR setup fixlet not managing percent sign in the password
KB0105637 – Tenable.sc <http://tenable.sc/> install has a bug for install
on E drive
Security Vulnerability Resolution
CVE-2023-0842 – WebUI - xml2js at 0.4.23
CVE-2022-44758 – IVR 2.0.3 – Insecure Cryptography – Python URL
DataFlows.exe
CVE-2022-44757 – IVR 2.0.3 - Information Disclosure - Fixlet Interruption
/Monitoring URL/File IVR
IVR 3.0 - Customers using Rapid7 and/or Custom CSV Ingestion
IVR 3.0 is available natively in the WebUI and includes these new features:
- New platform for IVR, improved performance
- Support for IVR integration with Rapid7
- Ability to import .csv files for IVR correlation in BigFix
- WebUI Patch Policy support for Rocky Linux 9 and Oracle Linux 9
- Bugfixes
- Security Improvements
Support for IVR integration with Rapid7
- IVR now supports a native integration with Rapid7 in IVR 3.0, now
BigFix can take the vulnerability information from Rapid7, correlate it to
devices in BigFix, and then suggest remediation based on the CVEs
discovered in the environment.
- BigFix can report and export on the vulnerability exposed currently in
the environment, the severity of the vulnerabilities currently in the
environment, and dates of the various exposures
CSV Import
- BigFix now supports importing .csv files that contain asset
information and corresponding CVEs and correlating them to existing BigFix
devices and fixlets.
- Devices and exposures can be remediated easily be selected and
executed from the wizard
Insights Live ETL Feed
- Insights Live ETL Feed page is designed to display the stages and
various steps of an active BFE ETL process. Its primary purpose is to
assist in debugging ETL issues and monitoring the progress of ongoing ETL
operations.
- The Live ETL Feed page can only be accessed directly via URL and is
accessible after logging into Insights in the WebUI. There are no direct
links or buttons that will lead you to this page.
- To access the Live ETL Feed page, follow these steps, open your web
browser and enter the following URL: https://<webui_server>/insights/live
How to Update
WebUI will update automatically by default, unless configured otherwise.
Please note that updates for WebUI Insights and WebUI IVR must be done
manually via the Application Updates page on WebUI. Now, updating WebUI IVR
will also update WebUI Insights. For more information, please see:
https://help.hcltechsw.com/bigfix/11.0/webui/WebUI/Admin_Guide/c_manage_application_updates.html
.
Resources
- Demo Link (September 27th) -
https://www.brighttalk.com/webcast/17964/591770?utm_source=HCLBigFix&utm_medium=brighttalk&utm_campaign=591770
- Product Page - https://www.hcl-software.com/bigfix/ivr-home
- Documentation -
https://help.hcltechsw.com/bigfix/11.0/webui/WebUI/Users_Guide/c_get_started_with_IVR.html
IVR 2.0.3 - Customers using Tenable.sc <http://tenable.sc/>, Tenable.io
<http://tenable.io/>, or Qualys:
IVR 2.0.3 is still available in the native WebUI and includes the following
improvements:
- Security improvements
- Bugfixes
How to Update
Please find the ‘BigFix Insights for Vulnerability Remediation’ Fixlet Site
from the License Overview Dashboard under the Lifecycle or Compliance
Sections. For more information on enabling sites, please see:
https://help.hcltechsw.com/bigfix/10.0/platform/Platform/Console/c_license_overview_dashboard.html
Site Versions
*Site Type**Name**Version*
Fixlet Site BigFix Insights for Vulnerability Remediation 13
WebUI Site WebUI Insights 21
WebUI Site WebUI IVR 10
WebUI Site WebUI Common 80
WebUI Site WebUI TakeAction 29
WebUI Site API 18
WebUI Site Patch 41
WebUI Site Patch Policies 37
WebUI Site SCM 11
Web UI Site Datasync 25
WebUI Site Appadmin 32
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20230907/453c70c6/attachment.html>
More information about the Besadmin-announcements
mailing list