[BESAdmin-Announcements] BigFix Insights for Vulnerability Remediation 3.0 and 2.0.3 is Available Now

[Announcements for BES Administrators]

Release SummaryFeatures and Enhancements

   - Brand new platform for IVR
   - IVR Support of Rapid7
   - Custom CSV data import directly into IVR
   - WebUI Patch Policy support of Rocky Linux 9 and Oracle Linux 9
   - Insights Live ETL Feed

Summary

We are happy to announce the release of BigFix Insights for Vulnerability
Remediation (IVR) 3.0 for Rapid 7 and the ability for customers to import
their data directly into IVR using a CSV file.

   - Brand new framework for IVR 3.0 that supports Rapid7, .csv ingestion,
   and introduces performance improvements.
   - BigFix can take the vulnerability information from Rapid7, correlate
   it to devices in BigFix, and then suggest remediation based on the CVEs
   discovered in the environment.
   - BigFix can report and export on the vulnerability exposed currently in
   the environment, the severity of the vulnerabilities currently in the
   environment, and dates of the various exposures.
   - BigFix now supports importing .csv files that contain asset
   information and corresponding CVEs and correlating them to existing BigFix
   devices and fixlets. Devices and exposures are then able to be remediated
   from the BigFix WebUI.

The goal of IVR remains the same, to help align Security and Operations
teams with intelligent patching prioritization and automated remediation,
reduce the time between vulnerability discovery and remediation, and
greatly reduce risk by reducing the vulnerable attack surface.
Defect Article Resolution

KB0106499 – All adapter CVSS values have been standardized to info, low,
medium, high and critical.
KB0102924 – NoneType object has no ‘cvss_base’ attribute
KB0103404 – BigFix IVR import fails with SQL errors
KB0103565 – Schedules for IVR not being honored
KB0104128 – IVR with Tenable.sc <http://tenable.sc/> integration fails
KB0104953 – Setup of BigFix IVR on Tenable.sc <http://tenable.sc/> failing
KB0104954 – Missing documentation for IVR Tenable Tableau reports
KB0104955 – False positive for task 156
KB0105003 – BFIVR setup fixlet not managing percent sign in the password
KB0105637 – Tenable.sc <http://tenable.sc/> install has a bug for install
on E drive
Security Vulnerability Resolution

CVE-2023-0842 – WebUI - xml2js at 0.4.23
CVE-2022-44758 – IVR 2.0.3 – Insecure Cryptography – Python URL
DataFlows.exe
CVE-2022-44757 – IVR 2.0.3 - Information Disclosure - Fixlet Interruption
/Monitoring URL/File IVR
IVR 3.0 - Customers using Rapid7 and/or Custom CSV Ingestion

IVR 3.0 is available natively in the WebUI and includes these new features:

   - New platform for IVR, improved performance
   - Support for IVR integration with Rapid7
   - Ability to import .csv files for IVR correlation in BigFix
   - WebUI Patch Policy support for Rocky Linux 9 and Oracle Linux 9
   - Bugfixes
   - Security Improvements

Support for IVR integration with Rapid7

   - IVR now supports a native integration with Rapid7 in IVR 3.0, now
   BigFix can take the vulnerability information from Rapid7, correlate it to
   devices in BigFix, and then suggest remediation based on the CVEs
   discovered in the environment.
   - BigFix can report and export on the vulnerability exposed currently in
   the environment, the severity of the vulnerabilities currently in the
   environment, and dates of the various exposures

CSV Import

   - BigFix now supports importing .csv files that contain asset
   information and corresponding CVEs and correlating them to existing BigFix
   devices and fixlets.
   - Devices and exposures can be remediated easily be selected and
   executed from the wizard

Insights Live ETL Feed

   - Insights Live ETL Feed page is designed to display the stages and
   various steps of an active BFE ETL process. Its primary purpose is to
   assist in debugging ETL issues and monitoring the progress of ongoing ETL
   operations.
   - The Live ETL Feed page can only be accessed directly via URL and is
   accessible after logging into Insights in the WebUI. There are no direct
   links or buttons that will lead you to this page.
   - To access the Live ETL Feed page, follow these steps, open your web
   browser and enter the following URL: https://<webui_server>/insights/live

How to Update

WebUI will update automatically by default, unless configured otherwise.
Please note that updates for WebUI Insights and WebUI IVR must be done
manually via the Application Updates page on WebUI. Now, updating WebUI IVR
will also update WebUI Insights. For more information, please see:
https://help.hcltechsw.com/bigfix/11.0/webui/WebUI/Admin_Guide/c_manage_application_updates.html
.
Resources

   - Demo Link (September 27th) -
   https://www.brighttalk.com/webcast/17964/591770?utm_source=HCLBigFix&utm_medium=brighttalk&utm_campaign=591770
   - Product Page - https://www.hcl-software.com/bigfix/ivr-home
   - Documentation -
   https://help.hcltechsw.com/bigfix/11.0/webui/WebUI/Users_Guide/c_get_started_with_IVR.html

IVR 2.0.3 - Customers using Tenable.sc <http://tenable.sc/>, Tenable.io
<http://tenable.io/>, or Qualys:

IVR 2.0.3 is still available in the native WebUI and includes the following
improvements:

   - Security improvements
   - Bugfixes

How to Update

Please find the ‘BigFix Insights for Vulnerability Remediation’ Fixlet Site
from the License Overview Dashboard under the Lifecycle or Compliance
Sections. For more information on enabling sites, please see:
https://help.hcltechsw.com/bigfix/10.0/platform/Platform/Console/c_license_overview_dashboard.html
Site Versions
*Site Type**Name**Version*
Fixlet Site BigFix Insights for Vulnerability Remediation 13
WebUI Site WebUI Insights 21
WebUI Site WebUI IVR 10
WebUI Site WebUI Common 80
WebUI Site WebUI TakeAction 29
WebUI Site API 18
WebUI Site Patch 41
WebUI Site Patch Policies 37
WebUI Site SCM 11
Web UI Site Datasync 25
WebUI Site Appadmin 32
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20230907/453c70c6/attachment.html>