Nucleus customers have a need for speed at scale! Our laser-like focus on accelerating vulnerability management and response with streamlined workflows and process automation is how we fulfill that need. In this month’s product updates, we stayed true to this focus with multiple speedups and added efficiencies.
Nucleus processes and analyzes mountains of vulnerability and asset data for customers. It’s been a big challenge to get all that data to load quickly in certain views when there’s lots of it. The Active Vulnerabilities page is one of the most frequently used pages in Nucleus and it wasn’t loading fast enough, causing delays and frustrations. With no small amount of engineering wizardry, we made it a lot faster and are going to continue making it faster in the future.
A few months ago, GitHub for code scanning was a high-demand addition to Nucleus’s already substantial portfolio of prebuilt integrations. A couple of weeks ago we released an initial round of speedups to ensure you can get your GitHub code scan data synced with Nucleus faster. But we didn’t stop there! This week we released round two of speedups designed to make GitHub imports even faster. Now you can ingest all the code repositories you have in GitHub with Nucleus on an hourly basis for near real-time sync. Please let us know how it’s working for you at firstname.lastname@example.org.
Compliance is hard and time-consuming. Nucleus saves you tons of time on it with purpose-built automation and reports. The next time you log in to Nucleus and navigate to the Automation view, you’ll notice that “Vulnerability Processing” rules have been relabeled to “Finding Processing”. This is because we’ve made it easy to match compliance findings with vulnerabilities from other sources and automate arduous compliance workflows using the existing actions available in Nucleus such as changing statuses, upgrading severities, etc.
Other changes and improvements
Enabling customers to get the answers that matter to them fast and in the format they want is a driving force for product decisions here at Nucleus.
Numerous enterprise customers that are using Nucleus’s asset grouping feature to represent organizational taxonomy and ownership, requested the ability to report on how assets in an asset group performed in a given time period in contrast to other asset groups for top-level reporting and performance benchmarking purposes.
So we added the ability to report on metrics at the asset group level. This new Executive Group Comparison Report includes a comparison between asset groups in a specific timeframe and the unique and total vulnerabilities on the assets in the group.
The Executive Group Comparison Report is highly customizable, allowing you to optionally include vulnerability severity counts as different sections amongst other features:Read More
We’re delighted to announce an integration with Tanium! Tanium is a popular platform for endpoint security at enterprise scale and Nucleus now supports several Tanium products: Tanium Comply for vulnerability and compliance findings on infrastructure, and Tanium Asset for asset inventory.
The integration allows customers to post data from Tanium to Nucleus on a recurring schedule. Tanium generates huge volumes of data, so it was important to streamline the ingestion of extremely large files in a performant way.
Now customers of Tanium and Nucleus can enjoy the benefits of syncing hardware and software assets, as well as ingesting vulnerabilities and configuration compliance findings discovered in infrastructure assets by Tanium, with data from other tools for an enhanced global view of all assets and vulnerabilities across the organization.
Not only that, but customers can also leverage asset metadata from Tanium to create fine-grained automation rules that make it easy to abstract away many of the manual and time-consuming tasks like grouping assets, assigning assets and vulnerabilities to individuals and teams, and setting due dates to enforce SLAs.
If you’re interested in learning more about the Tanium connector, please reach out to your friendly customer success representative!Read More
We’re excited to announce that the Nucleus asset model now has in-depth support for both the OCI and Docker image and registry specifications.
These specifications define how container images are represented and passed around by servers and container registries, as well as how the uniqueness of a container image is calculated.
In this latest release, we’ve updated the container image asset model in Nucleus to implement all of the features of these specifications, setting the groundwork for ingestion and correlation from many different container image scanning tools as well as future features.
Viewing Container Images in Nucleus
We’ve updated the Nucleus user interface to give you a better understanding of your container images and the information on them.
The asset management page’s grid now shows you all of the relevant and available information relating to a container image, with expanded information when you hover over a particular image.
Viewing a specific container image now also shows you all of the extended details about that image, including the primary registry that it is stored in and the platform it was compiled for.
Secondary registries can be added by editing the asset, or by updating it via the API or with a custom Nucleus scan file.
Speaking of API and custom Nucleus scan files, both have been updated to include full support for this new container image model. Find out about the available fields here.Read More
When you think of speed, many things may come to mind:
In vulnerability management, using many of the common tools you may feel like you’re working in slow motion, and driving a prius instead of a race car. At Nucleus, we’re constantly striving to improve your experience and the speed of your vulnerability management process with features that actually make a difference in how you work at any size or scale. That’s why we’re so excited to announce improvements to two of the most heavily used pages in your Nucleus console.
Like a shot of adrenaline straight to the heart, the Asset Management page has been injected with something special to make it lightning fast. Until now, if your project was exceptionally large, with tens of thousands of assets or groups, the Asset Management page took longer than we’d have liked to load and perform actions. Now you too can feel like the mighty cheetah chasing down your gazelle of critical vulnerabilities on the rump.
With this latest update, we’ve improved page load and action performance by as much as 6000% (yes, really). This will stay true for a project of any size.
This update also includes the introduction of paging (view up to 5000 assets per page) for simpler table organization, and re-imagined group actions for easily adding or removing assets to/from groups at scale.
Import History Page
This page also needed a little bit of sprint training to load fast with tens of thousands of scan results, and now also loads extremely quickly regardless of the number of historical scans you’ve done (bring on the continuous monitoring!). We’ve also made some exciting changes to make it easier to navigate and investigate any previously imported scans.
Filters have been introduced for each column, enabling you to narrow down on the scan that you’re interested by source, scan date, description and filename, with a total scan number dynamically updated after a filter has been applied. Paging has also been introduced so that you can easily navigate to the scan that you’re looking for.Read More
At Nucleus, we strive to continuously level up our attention to detail and quality of implementation with each new release. One customer recently noticed and told us that our approach is “refreshing compared to many other security vendors”. We thrive on feedback like this so please, don’t hold back! We’re continuing to upgrade our application across the board in all areas, so expect to see continued improvements over the coming months and years.
In this release, we’re very excited to announce Nucleus Teams! This is a completely new set of features across the platform for managing vulnerabilities and assets across groups of users. With Teams, you can solve one of the most challenging issues in vulnerability programs, how to represent ownership of assets and vulnerabilities on those assets. Within Nucleus, Teams can now own and support assets, as well as be assigned vulnerabilities intelligently, either using the Nucleus Automation Engine or manually. Using the Vulnerabilities Assigned To My Team page, users within your organization are now a core participant in your vulnerability management program and will have all the context and information they need to drive faster remediation activities at scale. You can find out more about the Nucleus Teams release here!
We’ve also released a much-anticipated power feature for managing vulnerabilities at scale - the ability to bulk edit vulnerabilities. Now you can use the UI to make sweeping changes to the vulnerability data you manage, such as updating a vulnerability attribute (e.g. changing the severity) or completing a workflow task. Click here to read more about this new feature!
No release is complete without some connector news! We are pleased to announce the beta release of our new GitHub Connector for Code Scanning, enabling you to easily import CodeQL scanning results for source code repositories into your Nucleus project.
Finally, we also released some significant speed improvements for viewing vulnerability data in the platform. Both the vulnerabilities trends page and the resolved page should now load almost instantaneously, representing (in some cases) up to a 3000% increase in speed.
Check out the full release notes below for a complete list of changes!
Complete list of changes and bug fixes
NEW You can now create and manage Teams in a Nucleus project.
NEW Assets can now be owned and supported by Teams. This can be applied manually and via automation.
NEW Vulnerabilities can now be assigned to Teams manually and via automation.
NEW The Nucleus Custom File Schema now supports setting the business owner team and support team.
NEW Asset filters have been updated to be able to filter by business owner team and support team.
NEW Vulnerability filters have been updated to be able to filter by assigned team.
NEW There is a new Assigned To My Teams page for viewing vulnerabilities assigned to your team.
NEW There is a new GitHub Connector for Code Scanning. This connector is in beta and supports ingesting CodeQL analyses from organisations on GitHub.com.
NEW The Active Vulnerabilities page now has a bulk edit feature for making changes to vulnerabilities at scale.
NEW The Vulnerabilities Trends and Resolved pages now load significantly more quickly.
UPDATE The Rapid7 InsightVM connector now imports agent-based scans.
UPDATE Microsoft Defender for Endpoint vulnerabilities with a None severity is now set to Informational in Nucleus.
UPDATE Processing of Microsoft Defender for Endpoint scans is now more performant.
BUG FIX Fixed an issue where the AWS ECR Connector was scheduling the same rule more than once.
BUG FIX Fixed an issue where some container images from AWS ECR were not being imported.
BUG FIX Fixed an issue where the scan description for Nessus scans was updated incorrectly.
BUG FIX Fixed an issue where filtering on the trends page was not correctly rending all dates.
BUG FIX Fixed an issue where vulnerabilities in specific situations would not open from the asset vulnerabilities tab.
BUG FIX Fixed an issue where email addresses were not being shown for users in a project.
BUG FIX Fixed an issue where assets with vulnerabilities from both Tenable.io and Tenable.sc were not persisting as resolved.
BUG FIX Fixed an issue where manually mitigated findings were not marked as manual when opened and resolved on the same day.
BUG FIX Fixed an issue where manually mitigated findings were not included in the total mitigated findings count.
BUG FIX Fixed an issue where API logins were not counted towards the last login date.
BUG FIX Fixed an issue where scheduled report criteria was being reset while updating the report settings.Read More