Release 3.17.1

April 01, 2024

What's New?

CA pill

Cloud Agent

Updated Maximum Scan Delay and Scan Randomize Interval

With this release, you can delay the first Cloud Agent scan or interval scan up to 24 hours. The maximum value of the Scan Delay and Scan Randomize is updated to 1440 minutes from 720 minutes. The change is also applicable to the VM and PC interval scans. 

Currently, the Cloud Agent performs the first scan between 0 to 720 minutes after the Cloud Agent is installed. An increase in the Scan Delay value helps eliminate temporary and short-lived cloud instances that are created and deployed throughout the day from the scan. 

 This feature will be available only when the Windows and Linux Agent binaries with delay interval scan support are available. For supported agent versions, refer to the Features by Agent Version section in the Cloud Agent Platform Availability Matrix.

To define or update the Scan Delay and Scan Randomize values, navigate to VM Scan Interval and PC Scan Interval tabs in the Configuration Profile.

For example, updating VM Scan interval:

Update VM Scan interval.

You can configure the new Scan Delay and Scan Randomize values for the existing profiles or for a new profile with the require Cloud Agent versions.

VMDR pill

Vulnerability Detection and Response

Introduced EPSS Score in QDS

The Exploit Prediction Scoring System (EPSS) is the newly added attribute in the QDS Technical Attributes factors. EPSS is one of the supporting factors that enhances the prioritization of the vulnerability and its remediation efforts. It provides the probability of a vulnerability that can be exploited over the next 30 days.

The EPSS score will only be available for the QIDs that have a CVE associated. 

The following screenshot of the Vulnerability Details, displays EPSS Score in the QDS Details section:

EPSS Score.

For more information about other fields and sections in the Vulnerability Details, refer to VMDR Online Help.

Display Result as Tags for Table Widget

We have added Tags as the new option to display results for the Table Widget. This option helps to generate your query results based on Tags. You can use this option to generate a collated data for Asset Count, TruRisk Score and Vuln Count. You are required to have Add Tag or Remove Tag permissions enabled from the Administration application to access this option.

The following screenshot is an example of the Display results as Tags option that displays the Asset Count and TruRisk Score data for the Tags attached to the Windows asset:

Tags option in the Table widget.

For more information about Tags in Table widget, refer to Unified Dashboard Online Help.

Introduced Vulnerability Detection Searches and Dynamic Tags

Vulnerabilities tagging provides a flexible and scalable way to manage various workflows. You can create tags based on the scope, available remediation, actionable activity, or pending remediation. Dynamic Tag allows you to define Tag Rules. You can now apply dynamic tags using the Add Tags option in the Actions drop-down menu of the Vulnerabilities tab. The following screenshot displays the Add Tag option:

Add Tags drop-down option in the Actions menu of Vulnerabilities tab.

To apply any asset tag rules you need to have VMDR (Trial/Purchase) + GAV/CSAM (Trial/Full) and Non-VMDR/VM + CSAM (Trial/Full) subscription. This requirement is not applicable for Vulnerability Detection Searches type of Tag Rule. 

For information about steps to add tags, refer to VMDR Online Help

New Tokens

Token Name Description
vulnerabilities.riskFactor.cisaKnownExploits This token lists the QIDs that are impacted due to CISA Known Exploits. 
vulnerabilities.riskFactor.threatActorName Use this token to identify the QIDs that are affected by the threat actors such as Labyrinth Chollima.
vulnerabilities.riskFactor.malwareName This token lists the QIDs that are impacted by the malwares. 
vulnerabilities.riskFactor.exploitCodeMaturity This token list the QIDs that can be exploited basis the existing state of exploit techniques and code availability.
vulnerabilities.riskFactor.trending Use this token to get the list of QIDs that are trending within a specific date range. You can select the date range from the drop-down.
vulnerabilities.tags.name Use this token to help you find the vulnerabilities tag. 

For more information about Vulnerabilities token, refer to VMDR Online Help.

Issues Addressed

The following reported and notable issues have been fixed with this release.

Category/Component Application Description
CA-UI Cloud Agent UI Fixed an issue where customers could not download a complete list of Cloud Agents from Cloud Agent UI.
CA-UI Cloud Agent UI Fixed an issue where performance setting values for a configuration profile failed to match the standard performance level settings.
Portal-Administration UI Administration We fixed an issue where Admin Role Management user was unable to see the list of all users assigned with a scanner role.
Portal API  GAV/CSAM With this release, the issue of degraded API performance is fixed by clearing the Indexing Flow.
VM-Assets Vulnerability Detection and Response This release fixed an issue where the customer was getting an error while launching a scan for tagged assets as the Asset Group tags were not applied to the scanners added to the asset group.
AM&T API Vulnerability Detection and Response This release fixed an issue where Administration UI and search API response had discrepancy in user details as deleted user details were displayed by API when user tried to search with user name.
Shared-Portal Administration We have updated the Activity Logs error messages to remove occurrences of unwanted characters.
AV-UI  GAV/CSAM We fixed an issue where the user with tag-based scoping could see out-of-scope assets that were not present in the tags.
VM - Scan Schedule GAV/CSAM We fixed an issue where the customer saw 'null' in the OS field of the Asset Summary after running a scheduled scan.
ATS, Shared Portal  GAV/CSAM We fixed an issue where changes to the tag tree structure resulted in the tag rule of a tagset not getting updated. This led to missing asset data. The complete list of assets was not identified unless the customer performed a manual reevaluation after changing the tag structure.
CSAM+GAV-UI, Shared - Portal GAV/CSAM We fixed an issue where applying tags to a large number of assets had a long response time or resulted in errors.