Kenna Release Notes – Kenna FAQ

Q4 2019 Release Notes

VRM now incorporates the ability to benchmark mean time to remediate vulnerabilities vs other companies in your industry.

Added total mean time to remediate for a given Risk Meter. It was added to the existing Mean Time To Remediate chart in risk meter reporting for additional context beyond severity breakdown.

Removed the Total Ticket Progress Over Time graph from the home page for clients with no ticketing integrations.

Changed 'Solution' field in the API & exports to have more specific data. Note: the file size will grow. This change will not impact the 'solution' field in the CSV export - that will continue to be the fix title + fix URL.

Adjusted Webinspect Connector scores to align with our scoring methodology.

Instituted a change in the Veracode Connector for AppSec. Previously we were only importing the latest findings field – at the behest of several customers we’ve now changed that to "all findings". As a result customers might see an increase in the number of vulnerabilities in their environment, it’s also possible that risk scores might change.

Improved usability of Dashboard Views:

Client admins can create a global dashboard view
Client admins can share a dashboard with a role or group of roles
Client admins can share a dashboard and create global dashboards via the API
Users are able to choose a default dashboard view

Q3 2019 Release Notes

VMware Partnership announced. Kenna's vulnerability risk intelligence is integrated with VMware AppDefense, a part of the VMware vSphere Platinum offering, to empower virtual administrators with vulnerability risk scoring, context, and prioritized patch recommendations.

Kenna made significant improvements to the underlying Dashboard code which resoluted in improved Dashboard Performance, decreasing page load times and increasing navigation speed for an overall improved customer experience.

Explore page containing a large number of groups will now have much faster load times.

Additional Connector Health Improvements: We’ve added increased specificity to the error message if the connector fails to help diagnose and remediate issues more quickly.

Incorporated underlying improvements to the Application Sort function permit rapid sorting of applications by Highest Risk Vulnerability.

Kenna App in the ServiceNow Store. It will display the Kenna Risk Score for CVEs pulled from Kenna into ServiceNow.

Admin now how the ability to set custom permissions via the API.

Enhancements to Veracode Connector:

Login with API key, instead of username and password
Create an asset for each unique URL, associate vulnerabilities to those unique assets

Added Support for JIRA Oauth Authentication.

Added support for IBM Security AppScan Enterprise Connector.

Q2 2019 Release Notes

What a busy quarter! Kenna engineering has been working really hard delivering upgrades all over the app and the API.

API Documentation has been improved and is now easier to navigate and interact with. Check it out here.

AppSec Reporting can be accessed from the AppSec menu, and includes your application risk summary scores and charts.

AppSec API Endpoints were also introduced, so you can add applications and manipulate them from our API.

Kenna Agent is a new alternative for on-prem installed connectors and is available for a limited number of products right now, including Nexpose and Sonatype. Also new is a helpful UI for setting up the Agent (found in the "Add Connectors" setup area). More information on setting up the Agent can be found here.

Connector Health is an addition to the Connectors page that shows whether the most recent connector run was a success or failure, and if it failed what the reason was.

True Risk is an indication of what a Risk Meter's score would be if it included vulnerabilities that have been Risk Accepted. This number will show on any Risk Meter Reporting pages where risk accepted vulnerabilities are present.

Cherwell connector has improved functionality and can now be configured exactly as desired. See this page for how to customize your Cherwell connector.

API Keys are now able to follow a user's permissions - so your read only users can access the API and have read only access. More details on this can be found on the API Keys help page.

Persistent Due Dates are now available as an option on your SLA Policy page. For customers in heavily containerized environments, this can be very useful to track vulnerabilities that are ongoing with spinning down and spinning up new containers.

Screen_Shot_2019-06-26_at_12.59.44_PM.png

Netsparker connector has been extended to pull the CWE or WASC identifier, if available.

Qualys connector was updated to distinguish between the Exploitable and Non Exploitable parameter that they have.

Threat Feed API has several additions - we have added the CVSS Temporal scores and now allow you to query it for multiple CVE details at once. It accepts comma separated CVEs (limit of 600 CVEs at a time).

Jira connector assignee list can now be configured to be set to a typeahead field. This is extremely useful for Jira setups with a large number of users. This can be configured at the connector level - reach out to Support if you want to turn this on for your instance!

Q1 2019 Release Notes

Kenna released a major UI update for our Application Risk Module, as well as some smaller improvements for Remedy ticketing users and API users.

Application Risk Module UI Update was launched in January and creates a completely new and custom experience for ARM customers. It allows you to see your applications in a more logical manner and accommodates free text metadata, in addition to reports for each of your applications. More detailed information is available on the ARM help page.

Remedy Ticketing was updated with improvements to templates and ticket creation.

CSV Export now has a column for the associated service ticket number and the service ticket status.

Asset Detail View can now be sorted by Application name.

CVSS v3 scores were added to the UI and can be seen on some vulnerabilities in the Explore view.

Screen_Shot_2019-04-04_at_2.24.24_PM.png

API Keys are now contained on a page accessible by Kenna Admins. From Settings page, Kenna Admins can access the API Keys page and see which of their users have API keys and interact with those keys.

Screen_Shot_2019-04-04_at_2.52.56_PM.png

There is now the ability to generate a key or revoke a key from a user's User Detail page as well.

Screen_Shot_2019-04-04_at_2.50.31_PM.png

Sonatype Connector was extended to allow for customization for which field Kenna pulls in as the Application Name.

Q4 2018 Release Notes

As we close out the year, Kenna pushed some big, exciting features! Thanks for being a customer this year, we hope you enjoy these enhancements to the Kenna experience!

Home Tab was launched to provide you with a more robust at a glance. For more detailed information, see the help page here.

Benchmarking your total risk score is now available for comparing your score with your industries (and other industries in our database). For more detailed information, see the help page here.

API Keys were migrated from one-per-company to a per-user basis. That means that a unique API key can be generated for every individual user that needs one.

Tenable Performance Improvements were made to speed up Tenable connector runs.

New Connectors:

Kenna Data Importer
Hackerone (in beta test phase)
Checkmarx (in beta test phase)
InsightVM (in beta test phase)

Q3 2018 Release Notes

Q3 saw some exciting improvements to the platform, as well as a new Threat Feed and several new and improved Connectors.

Role Based Access Controls are now available to administrators to create custom permissions for their users from a list of present permission groups. These can be found under User Roles from the Settings menu when selecting "Custom Access".

Microsoft Superseded Patches are now supported in Kenna. Any fixes that are superseded by another patch will be rolled up to the most recent patch.

Custom Field Sort is available now on the Explore page.

Updated Connectors:

Bugcrowd - now importing remediation advice in the Scanner Fixes field
WhiteHat - now displaying the Severity field
OWASP ZAP - improved data import quality
Qualys - improved data import quality

New Connectors:

Tanium Comply (in beta test phase)
Cherwell Ticketing (in beta test phase)
Acunetix

As always, if you're interested in beta'ing a connector, just contact your Customer Success Engineer or other Kenna Security support person!

New Threat Feed - Proofpoint Emerging Threats Intelligence has been added as a threat feed to Kenna's Predictive Modeling Technology. Your vuln scoring now includes data points from Proofpoint, among other best in class threat feeds.

Q2 2018 Release Notes

Several API enhancements. See API changelog.
Application Risk Module launched.
Exploit Predictions launched.
AppSec Top Fixes added.

Q1 2018 Release Notes

Several API enhancements. See API changelog.
Filter vulnerabilities by running kernel via Qualys connector.
Custom vulnerability risk score override.
New BugCrowd connector launched.
Customize SLA Policies based on found dates, creation dates, or published dates.
Imperva WAF connector launched.
WhiteHat Source connector launched.
OWASP ZAP connector launched.
BlackHat exploit kits now monitored and tracked.
Proofpoint Emerging Threats intelligence added.
New Risk Accepted Over Time chart.
New False Positive Over Time chart.

Q3/4 2017 Release Notes

Several API enhancements. See API changelog.
New CSV Uploader
Asset details page now filters vulnerabilities by status

Summer 2017 Release Notes

Several API enhancements. See API changelog.
Bulk editing of Asset owners in Home.
Support for Fortify On Demand formats via the Fortify connector.
New BlackDuck connector launched.
New Outpost24 Outscan connector in beta.
Support for custom values in ServiceNow ticketing connector.
Support for ServiceNow CI ID as an asset identifier in Kenna.
Support for multiple IP's per asset in ServiceNow CMDB connector.
Support for new WebInspect format.
New Malware Exploitable filtering and info on vulnerabilities.
Support for multiple templates in ServiceNow Ticketing connector.
Asset operating systems updated by OpenVAS connector.
Support the tracking of vulnerability statuses of the same vulnerability on multiple ports of a single asset.

Spring 2017 Release Notes

Several API enhancements. See API changelog.
Scanner scores are now available in the Vulnerabilities tab on the Home page.
Dashboard 2.0 is here!
ServiceNow CMDB Connector beta release. Contact your Customer Success Manager for access.
Asset IDs added to Top Fixes exports
New "Include All Assets" filter on the Home page.

Winter 2017 Release Notes

Number of Fixes added to Risk Meter summaries in dashboard & reports
Remedy Connector launched for Remedy On Demand and on-premise
Jira connector now supports Jira 7 and Jira Cloud
Checkmarx connector launched
New Alert: Connector Failure
Notes field now included in CSV exports

Fall 2016 Release Notes

ServiceNow connector now supports custom tables
Kenna now supports CWE identifiers in addition to WASC-TC and CVE
Nexpose and Qualys connectors now create individual entries for "informational" vulnerabilities
Subscribe to reports
All file based connectors now support .zip uploads
SAML support is here!
Several API enhancements. See API changelog

Summer 2016 Release Notes

Launched new SLA Settings to automatically set due dates for vulnerabilities.
Launched new Alerting feature!
Added separate connector for Qualys WAS
Auto-tag assets with application name from Qualys WAS
Search on "vulnerability_found" dates in Home. More search syntax here.
Link to vulnerabilities list in Home from both Top Fixes Vulns Affected and Fixes tab Vulns Affected
Added current Risk Meter score, risk reduction score, operating system to Top Fixes CSV
Display alternative Fixes for a vulnerability from Fixes tab or Top Fixes
Added ip address restrictions on access of Kenna instances
Added ability to perform a negative search on fix published date
Changed Top Fixes CSV export format to one asset/fix per line
Several API enhancements. See API changelog
Added D2 Elliot exploits to platform and Easily Exploitable filter

Spring 2016 Release Notes

Edit Risk Meter Groups criteria using the pencil icon from the Home page
Several API enhancements. See API changelog
Edit Risk Meter Group names from the Dashboard using the pencil icon
Added "Send via Email" to Top Fix Groups
Added ability to sort Fixes by number of vulnerabilities addressed in Fixes tab
Added ServiceNow & Jira integrations to Top Fix Groups
Top Fix Groups: We've added a list of top fixes by risk reduction for each Risk Meter
Support for Auto-Close of vulnerabilities imported from McAfee VM
Added a Consequence tab for Fixes to display the potential risk of not fixing a vulnerability
Support for Qualys hierarchal tags
Added ability to search on Fix Published dates. Example: fix_published:<2015-11-01
Accept .fpr file uploads with the Fortify connector
Display Qualys protocol information along with ports in Asset details page
CVE description added to the Vulnerabilities API end point
Include Solution information in ServiceNow tickets
Re-activate inactive assets that are found by a scanner
Increased password complexity requirements

Winter 2016 Release Notes

"grey out" Risk Accepted and False Positives in vulnerability grid on Home
Vulnerability grid on Home is now sorted by Score (high to low)
Added several new search functions including: scanner_id, absence of service ticket, and leading wildcards. See doc for more details.
Added Risk Meter score to Vulnerabilities tab in Home.
ServiceNow Connector Updates:

Support for ServiceNow templates
Populate tickets with Scanner IDs

Tenable SecurityCenter tags now imported by connector.
Several API enhancements. See API changelog.
Role Based Access Control - Details here.
Reporting 2.0 - Details here.
Automatically inactivate assets based on "last seen" date using Asset Settings menu.
New Nessus Importer connector to import scan info without running a new scan.
Vulnerability due dates associated with individual vulnerabilities.
Filter for Remote Code Execution vulnerabilities in Home page.
Added ability to perform a re-scan of a vulnerability using Nexpose connector.
Added support for Qualys EC2 asset tracking method.
Added support for Qualys Canadian platform.

Summer 2015 Release Notes

API Updates

There were several updates made to our RESTful API. See API doc for changelog.

Qualys Connector Updates

Ability to pull in PCI flag value of Qualys vulnerabilities and filter on it.

Security Center Connector Updates

Ability to pull in “Risk Accepted” vulnerabilities from Security Center and store them with a Risk Accepted status in Kenna.

UX Updates

Persistent setting preferences in datagrid display (Home page). Ability to hide asset tags when viewing assets and vulnerabilities tabs in Home page.

New Integration

We launched our ServiceNow integration allowing Kenna users to generate and track service tickets directly from Kenna.

Winter 2015 Release Notes

Added Massive Bulk Edit Operations on Vulnerabilities.
Added Risk Accepted vulnerability state.
Added False Positive vulnerability state.
Discovered dates now displayed in the vulnerabilities table in Home.
Closed dates now displayed in the vulnerabilities table in Home.
Ability to filter on vulnerable ports in Home.
Support for Nessus 6.
New Dashboard Compare tab displays vulnerabilities trending by operating systems and tags.
API Updates: There were several updates made to our RESTful API. See API doc for changelog.

Q4 2014 Release Notes

Add Massive Bulk Edit Operations on Assets.
New OpenVAS Connector.
New McAfee Vulnerability Manager Connector.
Display and sort assets by Risk Meter score.
Add ability to send Fixes via email.
New Type Ahead searching of asset tags.
Zero Day Vulnerability flagging of assets.
Ability to download fixes to csv.

Summer 2014 Release Notes

New Simplified Changelog Format

Filter vulnerabilities by locator type.
Add color scales to Risk Meter hover: Hovering over a Risk Meter exposes the green, yellow, red color scale.
Beyond Security connector: Kenna now integrates with BeyondSecurity vulnerability scanner.
Qualys certificate authentication: Qualys connector now works with Qualys certificate authentication.
Expose references, CVE's and assets for each “fix” in Fixes tab.
Dell CTU threat data now included and correlated with vulnerabilities.
Threat Trends: Dashboard now includes ThreatTrends pane including successful exploit and attack data across all of our threat sources.
Qualys WAS connector: Kenna Qualys connector now pulls associated Web Application Scan data from Qualys.
Fine grained scan scheduling: When scheduling Nessus scans through Kenna you can specify exact time of scan.
Individual RM asset scores displayed in asset table: Each asset in asset table includes color coded risk meter score for that asset.
Filtering of Fixes view: When filtering vulnerabilities or assets, only the Fixes for those vulnerabilities and assets are displayed in Fixes tab.
Include scanner ID’s in Omniview vulnerability table: ID's from scanner vulnerabilities can be displayed in Vulnerabilities tab.
TypeAhead suggestions for tags.
API Updates: There were several updates made to our RESTful API. See API doc for changelog.

March & April '14 Release Notes

Dell SecureWorks Integration

Kenna now offers full integration with Dell SecureWorks. SecureWorks customers have Single Sign On between the Counter Threat Platform and their Kenna instance. All asset information synched in Kenna can be imported into the SecureWorks Counter Threat Platform.

Web Application Attack Correlation

Kenna now tracks web application attacks from over 50,000 web sites and correlates those attacks with your open vulnerabilities in order to prioritize remediation on those that are under a large volume of attack.

Additional Fields Included in Data Exports

We've added additional fields to vulnerability exports. The additional attributes include custom fields, active internet breaches, and easily exploitable vulnerabilities.

API Updates

We continue to add more functionality to our RESTful API. The latest updates allow for automating your vulnerability management program with file upload and connector run capabilities. The majority of API updates were to the Connectors end point. You can find a list of our API updates here.

January & February '14 Release Notes

Deactivate Assets

Kenna now has the ability to deactivate assets within your account. This allows users to filter these deactivated assets out of their asset and vulnerability views and not include any of these stats within your dashboard metrics. Just like tagging and prioritizing, you can deactivate assets in bulk using our bulk editing menu that appears after selecting multiple assets.

IP Address Range Searching

A common operation requested by our users has been searching assets by IP ranges. With this newly added search syntax you can now look for groups of assets by IP range. The search syntax is specific, for example, to search a range from 192.168.1.1. - 192.168.100.100 use the following search: ip_address_locator:[192.168.1.1 TO 192.168.100.100]

User Interface Redesign

Our New User Interface Provides All Data in a Single View.

You've probably noticed this one but we have completely overhauled the user experience. With our new interface we have combined assets, vulnerabilities, and patches into a single, filterable and searchable view. All of the filters in the right hand sidebar will filter your view against all of these and include a Risk Meter score. Creating asset groups and Risk Meters for the dashboard are all within a click of this new omni-view. You can read the full details here.

Perimeter Scanning

With the help of our partners at Qualys, Kenna now offers perimeter vulnerability scanning that is fully integrated within the application. You can kick off perimeters directly from our sign up process or by creating a perimeter scanning connector using the Connectors tab.

December '13 Release Notes

Vulnerable Ports

For several connectors including Nessus and Qualys, Kenna now tracks vulnerable ports. Once a connector run is complete, you can filter your vulnerabilities by vulnerable ports from within the Vulnerabilities tab. This can be helpful in several use cases. One example: If you have multiple web services running on an asset and receive an SSL vulnerability, you can track this vulnerability to the vulnerable service running.

If a vulnerable port is detected, that port will also be added to the asset in the Assets tab as an open port.

Qualys Dynamic Asset Tags

In addition to Qualys Asset groups, Kenna will now automatically create new asset tags when a dynamic asset tag is discovered within Qualys. This will allow users to filter and report on these dynamic asset tags within Kenna, as well as create Asset Groups and associated Risk Meters for their dashboard.

Nexpose Site Tags

Our Rapid7 Nexpose connector will now automatically tag assets with their Nexpose Site Name as they are synched into Kenna. This will allow users to filter and report on these site tags within Kenna, as well as create Asset Groups and associated Risk Meters for their dashboard.

Performance Improvements

We've deployed tremendous performance improvements largely due to our new search and indexing infrastructure. In December we migrated our search and indexing over to Elastic Search primarily for performance reasons. With Elastic Search the Vulnerabilities tab loads on average 50+ times faster than previously and the Assets tab loads on average 30+ times faster than before. The differences are obvious and we think you'll be pleased. We're not done though, watch for more performance increases coming soon to a production environment near you.

Nexpose Auto-Close

On the heels of launching auto-close for Nessus, Kenna now supports auto-close for Nexpose as well. This works for both the Nexpose XML and Nexpose API connectors. Kenna will now monitor the differences in your scan outputs from Nexpose and automatically close vulnerabilities that are no longer detected, making it much easier to track state of your vulnerabilities over time.

Expanded Port Filtering

Last month we began tracking vulnerable ports and allowing users to filter on the top 10 vulnerable ports and top 10 open ports across their environment. This month we expanded the filtering and reporting capabilities to include all vulnerable and open ports.

On-Premise Jira Support

Through our virtual tunnel appliance, we now support on-premise Jira integration with Kenna. You'll need to deploy your virtual tunnel appliance on your network where it will have access to your Jira server and make sure you check the "use Virtual Tunnel" option within your Jira connector configuration. For more information on our Virtual Tunnel appliance please contact support@kennasecurity.com.

More API Improvements

We continue to make enhancements to the API. Some of the recent improvement include a partner API for managing client accounts and SSO integration. For a full least of API features and changes please see our API documentation: https://api.kennasecurity.com.

November '13 Release Notes

Nessus Auto-Close

The latest versions of the Nessus XML and API connectors produce deltas and auto-close vulnerabilities no longer found. The connector analyzes which assets were scanned with which plug-ins to determine whether or not the asset is still vulnerable to specific vulnerabilities. If they are found to have gone away, our connector will now auto-close them in Kenna for centralized tracking throughout the vulnerability lifecycle.

To learn more, see our blog post on Nessus Auto-Close.

October '13 Release Notes

Risk Meter Dashboard

The Risk Meter dashboard provides an at-a-glance view of security risk across organizational assets. With the new dashboard, you can now save a Risk Meter based on asset groups to view at any time within your dashboard page. New asset groups are automatically saved to the dashboard for later viewing. You can also create asset groups directly from the dashboard just by clicking on the New Risk Meter button.

The Risk Meter Dashboard provides this view of security risk across any group of assets.

Asset and Vulnerability Groups

Saved search has been modified to allow for the creation of asset and vulnerability groups. These groups can be created through any of the filters, tags, and searches used in the assets and vulnerabilities tab. All Asset Groups are automatically saved to the Risk Meter Dashboard as noted above.

To save an Asset or Vulnerability group just perform a filter or search against your assets or vulnerabilities and then click Save. You will be prompted to name the asset or vulnerability group. You can then view the group at any time with the link provided in the upper right of the sidebar.

Filter Assets by Connector

You can now filter your assets by connectors. This can be used to quickly tag all assets coming in from a given connector or creating asset groups by connector. You'll find the connector filter in the sidebar of the Assets tab.

Qualys Tag Importing

In addition to Qualys asset groups, Kenna now automatically imports Qualys asset tags and tags those same assets. This allows for greater continuity between your Kenna and Qualys asset structure. This update does not yet include Qualys dynamic tags which will be added in a later release.

More API Improvements

September '13 Release Notes

Risk Meter

The Risk Meter is an asset-based measure of the security risk a group of assets poses to an organization. Our proprietary algorithm is based on the following signals:

Adjusted CVSS: We adjust the scores with an algorithm which ensures that CVSS is a better indicator of the probability of a breach.
Exploit Analytics: Does a vulnerability have known exploits or breaches and are they being observed in the wild? Is this vulnerability a popular target?
Asset Priority: How critical is the asset to your infrastructure? You can modify this priority in bulk or individually.

The Risk Meter will give you an at-a-glance look at your risk across a select group of assets. As you filter your assets your Risk Meter score is dynamically updated. To view the Risk Meter just navigate to the Assets tab.

Dynamic Patch Reports

As part of the launch of the Risk Meter, we now have a dynamically updated patch report to match each Risk Meter. As you filter or search against your assets, the Risk Meter score will update to reflect those assets and the patch report will include the patches and advisories related to the assets within the current view. The patch report itself is sorted in order of risk reduction prioritizing the patches that will have the greatest effect on your environment.

You can view the new dynamic patch reports within the Assets tab located directly under the Risk Meter.

More API Improvements

We continue to make enhancements to the API. Some of the recent improvement include primary_locator's to asset responses, asset id's to vulnerability responses, definition data to vulnerability responses and much more. For a full least of API features and changes please see: https://api.kennasecurity.com.

Qualys Asset Tag Import

In addition to Qualys asset groups, we now automatically import Qualys asset tags and tag your new assets with those tags. This allows users to maintain a structure they have established within Qualys and then expand on it with additional tags and meta data. The QualysGuard connector will automatically pull in these tags with your new assets.

August '13 Release Notes

Nessus API Connector - Command & Control
We added a connector for Tenable Nessus that takes advantage of the Nessus API. This connector is in addition to both our Nessus XML connector and the Security Center connector.

With this newest connector Kenna users can schedule the importing of vulnerabilities and assets on a daily, weekly or monthly basis. Our Nessus users can also schedule and kick off scans with their Nessus scanner directly from Kenna. By combining this new functionality with our virtual tunnel, you can ensure all of your on-premise scan reports are loaded automatically into your instance of Kenna.

New Asset Filtering & Searching

New facets have been added to the Assets tab. You can now filter your assets by Service Names, Open Ports, Service Protocols, Service Products, Connector Names, and Connector Types.

We recently wrote a blog post on some examples of using the service and port filtering in combination with nmap scans. Check it out and let us know what you think.

Multi-Tag Roles
We received a lot of requests from our users in expanding our role-based access controls to allow for multiple tags to be assigned to a role. Well you asked and we delivered.

With multi-tag roles, you can take advantage of existing structure setup in your scanners to grant access to specific assets as they show up in Kenna to only those who need it. This gives our users the ability slice up their reporting and dashboards by many tags while still managing a smaller amount of roles by grouping tags within them.

Qualys EU Platform Support
Our Qualys connector integration has been extended to support the Qualys EU platform. The connector works just as before but now gives you the option to authenticate to both the US and EU Qualys platforms.

API Improvements
In addition to several performance improvements made to our API we have also added new data such as returning all tags associated with an asset when pulling asset data via the API. You can find more details about these changes and all of our API functionality at api.kennasecurity.com.

Expanded Virtual Tunnel Capabilities
We expanded the connectors our Virtual Tunnel works with to include the new Nessus API connector, the Nexpose API connector, the Jira connector, and the Qualys connector.

Our virtual tunnel is a virtual appliance that allows for connectivity between your Kenna instance and your on premise tools.