Phew. It’s been a great start to the year here at Nucleus Security with another release jam packed full of new functionality. See below to find out more!
In this release we have turbo-charged our ticketing automation functionality so you can get more out of ticket workflow management.
Tickets that have been raised using one of our ticketing connectors are now responsive to changes in the vulnerability source tool. For example, when a new instance of a vulnerability that has been previously raised in an open ticket is found, that existing ticket will be automatically updated with new information. What’s more, you can optionally have a ticket close in the downstream system when it’s been identified as remediated in Nucleus!
It’s now also easier to retrospectively run ticketing rules over existing data sets. This means that if you decide to turn on ticketing in a Nucleus project later down the line, you can raise tickets against existing vulnerabilities that match your ticketing rule at the tap of a button.
Finally, where supported within the ticketing system, Nucleus will automatically upload a csv file containing all of the affected assets for easier data export and parsing by support teams. We hope that this change will make it simpler to remediating vulnerabilities for technical teams.
We’ve made a change to our notifications section which we hope you’ll agree, make a lot more sense: we’ve moved the automation rule configuration for chat connectors to the Notifications section within Automation, rather than Ticketing & Issue Tracking.
We’ve also released a brand new connector for Microsoft Teams. This one has been asked for by a lot of customers, so if you haven’t yet had a chance to check it out, do so today!
There are a few improvements to the Nucleus Custom File Schema, making it easier to get asset and finding data in to Nucleus:
The API has also been updated to return a container image’s tag, repository URL, digest and distro when querying for assets.
This release we’ve introduced improved support for Multi Factor Authentication (MFA) by enabling the use of TOTP tokens for users. User can now configure a TOTP token by navigating to their User Profile, selecting the 2-Factor Auth tab and following the steps to set it up with their app of choice (e.g. Google Authenticator).
The Tenable.io connector now supports ingesting by asset tag and network in addition to the existing ingestion by scan functionality. This update makes the connector far more flexible, as you can now ingest large volumes of data across different scan types using a single tag.
The Tenable.sc connector has similarly been updated to also be a host-based connector. In addition to importing by asset, this connector can now leverage Queries to import vulnerabilities in to a Nucleus project using custom logic that is defined in your instance of Tenable.sc.
Both connectors have also been updated to improve the speed of vulnerability ingestion, and to ingest any additional asset information as Additional Metadata, which can be used as asset criteria in Automation rules.
Note: Tenable has decommissioned the API’s which are used for ingesting by scan in both Tenable.io and Tenable.sc. Nucleus will continue to support ingesting by scan until these scan API’s have been removed. Consequently we highly encourage customers to migrate existing vulnerability ingestion automation rules to leverage one of the new ingestion methods.
The SonarQube and SonarCloud connectors have both been updated to allow for more configurability on import. Now when setting up the connector, you can choose which types of findings (vulnerabilities, security hotspots, bugs and/or code smells) to import in to Nucleus.
We’ve also updated the connectors to ingest far more data in to Nucleus:
We’ve made some minor updates to the Qualys WAS connector to improve the speed of import. The connector now also ingests CVSSv3 scores for each vulnerability where available.