(Archived) Kenna Release Notes

Q4 2020 Release Notes

Audit Logs

Allows clients to pull down data regarding user-initiated events that happen in the client’s instance of the Kenna application and the Kenna API.

• Getting Started with Audit Logs
• API documentation

Prisma Cloud Compute Edition (formerly Twistlock)

Kenna released the Prisma Cloud Compute Edition connector on a limited basis.  Please note that this is an on prem connector that was formerly known as Twistlock and is not the cloud native offering known as Prisma Cloud Enterprise Edition. This initial connector release focuses on image vulnerabilities and the containers that run them.

Risk Meter Composition Labels

When you select a risk meter in Explore we've added labels to help you easily understand what data and filters are included in the risk meter group. If the risk meter has a custom string search a user will be able to click on it to see what the search entails. Other labels are not clickable. 

Custom Messaging at Login Screen

Customers can now add custom messaging to their login screen. Add the custom message in the admin settings section.

Q3 2020 Release Notes

Hierarchical Risk Meters

A Hierarchical Risk Meter enables more intelligent, intuitive visualization of data. Allows for a roll-up and a drill-down approach to your data in Kenna.VM.

Benefits include:

• Avoiding Risk Meter sprawl
• Improved visualization
• A more intuitive way to assign permissions
• Easier long-term maintenance

This release includes support for Hierarchical Risk Meters in the UI. Coming soon is the ability to export to CSV for Child Risk Meters. 

• Getting Started with Hierarchical Risk Meters
• Please contact your CS resource or Support to have this enabled.

Incremental Exports

Export your most recently updated data, as opposed to your entire data set. Incremental Exports are the recommended configuration for all customers. https://apidocs.kennasecurity.com/reference#request-data-export

Multiple Asset Inactivity Limits (expanding to a per connector basis)

Customer admin users can now set asset inactivity limit at a connector level, expanding asset inactivity from the previous global only setting.

Setting Asset Inactivity Limits

Roll out of Support for Multiple Identity Providers

Beneficial for any customer that does not have a single centralized platform for SAML.

New Filter for Manually Overridden Assets 

Users are now able to filter assets in Explore by those that have been manually overridden. This is related to earlier Q2 Asset Status Transparency release.

Tenable.SC Enhancements

Assets and vulnerabilities created from Tenable SC both use the fallback value of the connector’s run time for the last seen date. Customers also requested that we use the values that are listed in their instance of Tenable SC.

Tenable.IO now supports Incremental Runs

Please talk to your CS team or Support to enable this new capability for your Tenable.io connector.

Assigning Roles to Risk Meters with Duplicate Names

It is now possible to assign a role based on Risk Meter ID rather than just Risk Meter Name to help to differentiate between risk meters with duplicate names.

Turn off Groups in the Explore Sidebar

For customers with a large number of Risk Meters Groups, turn off groups to improve load time of the Explore page. Use the streamlined Risk Meter navigation (detailed in Q2 release notes) instead. Speak to your CS team or Support to disable Groups in the sidebar. Groups in the sidebar will eventually be sunset by Kenna.

AppSec Explore Enhancements

1. Findings filtering by Risk Score in AppSec Explore
   • AppSec explore enabled customers are now able to filter findings by Kenna Score. This filter option is available along with other “Findings Filters” on the right hand side of AppSec explore.
2. New Text Search Capability introduced in AppSec explore:
   • For those AppSec explore enabled customers you now have the ability to search for findings in a text search box on the individual findings view on AppSec explore. At this time the search criteria supports searching by specific CWE_ID, or CVE_IDs, or an exact findings name.

Export Findings in a CSV format in AppSec Explore

AppSec explore users can now export into a CSV their current view.

KDI Findings Due Date Field

For the KDI Findings model, it now permits a due date field in Explore and the details page.

 

Q2 2020 Release Notes

Enhanced Performance

Kenna is always looking at ways to optimize performance while continuing to innovate. We are regularly making performance enhancements which improve efficiency for our customers. The latest change increased data export speed from 2x to 5x the previous performance.  

Added support for the "Specifics" form within Cherwell ticketing integration

We are now able to add "Cherwell Specifics Field Names" within the Cherwell ticketing integration. This does require configuration by Kenna Support so please contact support or your CSE if you would like to set this up.

Incorporated Mitre’s CWE 4.1 update

MITRE released a new version (4.1) of their CWE data.  We now ingest the new data and update our CWE vulnerability definitions appropriately.

Improved the search Help Modal in Explore

We adapted the content from the Zendesk help docs into the help modal within the app. You no longer have to navigate away from the Kenna application in order to get help on search terms!

Added the connector name in failure notification

We used to provide a general failure warning when a connector had an issue, but now we specify which exact connector experienced the issue.

Streamlined Risk Meter navigation

Kenna introduced a new dropdown tool for searching Risk Meters/Groups! This tool can be found in the upper left of the Explore page. You are still be able to view groups in the right-hand panel in Explore but this new control will eventually replace the Groups section in the right-hand search panel.

To activate the search, click on "All Groups" or, if you are already viewing a group,  you can click the down arrow next to the group name at the the top left of the Explore page. By default, you will see your first 500 groups alphabetically. As soon as you type any search criteria, best matched groups will start to display.

 

Created triage workflow in AppSec

AppSec customers now have the ability to set multiple states in the platform as a part of executing a triaging workflow in AppSec explore. To set states, navigate to the finding detail view in AppSec and from the right side (shown below) you can choose from Open, Closed or Risk Accepted status.

Added option in AppSec to filter on Connector Name

AppSec customers have the ability to filter by Connector Name in AppSec Explore’s Individual findings view. This filter option (AppSec_Explore_Enabled) must be turned on in the back end by support or your CSE. 

Added option in AppSec to filter on OWASP top ten

Customers can now filter on OWASP Top Ten, located on the right side in the new AppSec Explore view. With this new feature, customers can pinpoint the most commonplace and highest priority application security risks plaguing organizations today! This filter option (AppSec_Explore_Enabled) must be turned on in the back end by support or your CSE. 

Added vulnerability “Chatter” to Kenna.VI+ API

Our Kenna.VI+ customers can now find statistics about when there is “chatter” or mention of an exploit somewhere on the Internet. We also provide high-level chatter statistics for a single vulnerability definition by CVE ID. You can find this feature on the Kenna.VI+ endpoint of our API docs page. 

Added transparency for manually set asset statuses

Users now have the ability to tell if an asset's status was overridden by a human and the ability to remove that override without contacting support. Prior to this enhancement, there was no way to know that an asset's status was set to inactive or active by a human and users couldn't remove that manual status override without contacting support. 

For more information, please see our Kenna Help document on this topic. 

Displayed connector name on vulnerability detail

For customers who give specific names to their connectors, on the vulnerability details page, if multiple connectors report on a vulnerability, we now show the connector name rather than the connector type. Being able to distinguish which connectors are reporting on a vulnerability should aid in troubleshooting and closing out those vulnerabilities. 

Updated CrowdStrike connector for agent detection regardless of Spotlight

With the updated CrowdStrike connector, we can now detect the presence of all CrowdStrike Falcon agents whether or not the customer is using CrowdStrike Spotlight to import vulnerabilities.  

IBM AppScan Renamed to HCL AppScan

Due to a change of company ownership, we've renamed the connector (on connectors page) to reflect the correct name.

Updated the Navigation Bar

We condensed our navigation into a more consistent hierarchy and sitemap structure that follows our product offerings.

Instead of seeing Home | Dashboard | Explore | Connectors | AppSec | Intel | Settings, you will only see VM l AppSec l VI l Connectors. This provides clearer organization and reduction of clutter in navigation. We also translated the navigation bar to updated brand colors. We made the changes so navigation is more concise, and aligns with our product offerings.

Added search capability to the User Roles page

Users are now able to search by user roles and Risk Meter names.

Updated the Nexpose Connector

When a reported vulnerability is present multiple times on a host in a Nexpose file, we now represent all instances of the vulnerability as tabs. There will be several tabs showing all instances (file locations) of vulnerabilities that need patching. 

Added threat actor to Kenna.VI+

We added a new field to the Kenna.VI+ (formerly known as the threat / vulnerability API) called “threat actor.” Please see image below. For CVEs where we have intelligence that a threat actor has been referencing the vulnerability we will report the threat actor name and how many times the references have occurred.  

Provided the ability to change the SLA Due Date Basis in the UI

SLA due dates can be based on found date, created date, or fix published date on the vulnerability. We moved the ability to change SLA Due Date Basis from a back-end setting to one that users can change themselves in the UI on the SLA Settings page. This removes the need for support or CSE to be involved. SLA due date basis defaults to found date. Changes will only apply to new vulnerabilities; we won’t change any previously set due dates. This is a global setting shared by all SLAs.

Displayed selected columns related to findings in AppSec Explore

We introduced a button to select relevant columns to be displayed in the AppSec Explore individual findings view. A drop down list appears when the “Display Button” on AppSec Explore is selected allowing the user to select necessary columns they want displayed for findings, similar to our VM Explore page. This feature is only available to customers who have the AppSec_Explore_Enabled set to true. This filter option must be turned on in the back end by support or your CSE. 

CrowdStrike Spotlight Connector

CrowdStrike Spotlight is the newest connector for 2020 added to our platform. Customers who have  Spotlight can now use it to import the vulnerabilities found on their assets. Moreover, we can use the connector to detect the presence of an agent on the asset. PLEASE NOTE: The customer must have Spotlight for this to work. Please see May release notes as well for the latest CrowdStrike update.

Added ability to add User Roles at the time of Risk Meter creation

You can now add user roles at the time of Risk Meter creation rather than having to swivel to the settings page to add permission after the fact.

Added back-end setting to configure page size

Related to paginating, Kenna introduced a back-end client setting to make the page size configurable for Users, User roles, Custom fields, API Keys and Report Subscriptions. Limits are 1 - 10,000.

Displayed additional details on findings detail page

With the introduction of the findings detail page under AppSec Explore, customers have the ability to get the following details: Name, Unique identifier and description of the finding, severity, file name, line of code, project name, and source of the vulnerability amongst others fields sourced from AppSec Scanners. This view is available to only customers who have the AppSec_Explore_Enabled feature set to true. This filter option must be turned on in the back end by support or your CSE. 

Added a filter by Status in AppSec Explore 

AppSec customers have the ability to filter by the status of a finding in our AppSec Explore views. This is available on the right hand side of the AppSec Explore page.

This is available to customers who have the feature AppSec_Explore_Enabled set to true. This filter option must be turned on in the back end by support or your CSE. 

 

Q1 2020 Release Notes

Launched Risk Based SLAs. Kenna continues to partner with you in your vulnerability management maturity journey.  There is crushing demand to patch everything. Set fewer SLAs, but achieve the appropriate level of risk. Remove friction by grounding the conversation in actual data. Get to an acceptable level of risk and hold by using intelligent data driven SLAs.

Introduced list view on the dashboard. A  new way to browse your dashboard in a more compact and linear fashion. Use the toggle in the top right to switch your view.

 

Added CVE score history in the API.  API documentation: https://apidocs.kennasecurity. com/reference#show-cve-history

Pre-NVD chatter was added to the Threat API. Augments our ability to score threats that are not yet published in NVD or scored in CVSS.

Find connector run detail in the API. Rather than go through support, customers can use the connector run ID to query the API for connector run detail. API documentation: https://apidocs.kennasecurity. com/reference#show-connector- run

Improved the readability of service ticket description. More to come on this topic.

Added support for reset_tags in the Kenna Data Importer (KDI) connector

Kenna Agent Updates:

• Support for the BlackDuck connector
• Support for a local directory connector
• A single instance of the agent can now handle multiple connectors

Added a new bulk export option for fixes 

Introduced a better way to edit custom string searches in Explore

Q4 2019 Release Notes

VRM now incorporates the ability to benchmark mean time to remediate vulnerabilities vs other companies in your industry.

Added total mean time to remediate for a given Risk Meter. It was added to the existing Mean Time To Remediate chart in risk meter reporting for additional context beyond severity breakdown.

Removed the Total Ticket Progress Over Time graph from the home page for clients with no ticketing integrations.

Changed 'Solution' field in the API & exports to have more specific data. Note: the file size will grow. This change will not impact the 'solution' field in the CSV export - that will continue to be the fix title + fix URL. 

Adjusted Webinspect Connector scores to align with our scoring methodology.

Instituted a change in the Veracode Connector for AppSec. Previously we were only importing the latest findings field – at the behest of several customers we’ve now changed that to "all findings". As a result customers might see an increase in the number of vulnerabilities in their environment, it’s also possible that risk scores might change.  

Improved usability of Dashboard Views:

1. Client admins can create a global dashboard view
2. Client admins can share a dashboard with a role or group of roles
3. Client admins can share a dashboard and create global dashboards via the API
4. Users are able to choose a default dashboard view

Q3 2019 Release Notes

VMware Partnership announced. Kenna's vulnerability risk intelligence is integrated with VMware AppDefense, a part of the VMware vSphere Platinum offering, to empower virtual administrators with vulnerability risk scoring, context, and prioritized patch recommendations. 

Kenna made significant improvements to the underlying Dashboard code which resoluted in improved Dashboard Performance, decreasing page load times and increasing navigation speed for an overall improved customer experience.

Explore page containing a large number of groups will now have much faster load times.

Additional Connector Health Improvements: We’ve added increased specificity to the error message if the connector fails to help diagnose and remediate issues more quickly.

Incorporated underlying improvements to the Application Sort function permit rapid sorting of applications by Highest Risk Vulnerability.

Kenna App in the ServiceNow Store. It will display the Kenna Risk Score for CVEs pulled from Kenna into ServiceNow. 

Admin now how the ability to set custom permissions via the API.

Enhancements to Veracode Connector:

1. Login with API key, instead of username and password
2. Create an asset for each unique URL, associate vulnerabilities to those unique assets

Added Support for JIRA Oauth Authentication.

Added support for IBM Security AppScan Enterprise Connector.

 

Q2 2019 Release Notes

What a busy quarter!  Kenna engineering has been working really hard delivering upgrades all over the app and the API.

API Documentation has been improved and is now easier to navigate and interact with.  Check it out here.

AppSec Reporting can be accessed from the AppSec menu, and includes your application risk summary scores and charts.

AppSec API Endpoints were also introduced, so you can add applications and manipulate them from our API.

Kenna Agent is a new alternative for on-prem installed connectors and is available for a limited number of products right now, including Nexpose and Sonatype. Also new is a helpful UI for setting up the Agent (found in the "Add Connectors" setup area).  More information on setting up the Agent can be found here.

Connector Health is an addition to the Connectors page that shows whether the most recent connector run was a success or failure, and if it failed what the reason was.

True Risk is an indication of what a Risk Meter's score would be if it included vulnerabilities that have been Risk Accepted.  This number will show on any Risk Meter Reporting pages where risk accepted vulnerabilities are present.

Cherwell connector has improved functionality and can now be configured exactly as desired. See this page for how to customize your Cherwell connector.

API Keys are now able to follow a user's permissions - so your read only users can access the API and have read only access.  More details on this can be found on the API Keys help page.

Persistent Due Dates are now available as an option on your SLA Policy page.  For customers in heavily containerized environments, this can be very useful to track vulnerabilities that are ongoing with spinning down and spinning up new containers.

Netsparker connector has been extended to pull the CWE or WASC identifier, if available.

Qualys connector was updated to distinguish between the Exploitable and Non Exploitable parameter that they have.

Threat Feed API has several additions - we have added the CVSS Temporal scores and now allow you to query it for multiple CVE details at once. It accepts comma separated CVEs (limit of 600 CVEs at a time).

Jira connector assignee list can now be configured to be set to a typeahead field. This is extremely useful for Jira setups with a large number of users.  This can be configured at the connector level - reach out to Support if you want to turn this on for your instance!

 

Q1 2019 Release Notes

Kenna released a major UI update for our Application Risk Module, as well as some smaller improvements for Remedy ticketing users and API users.

Application Risk Module UI Update was launched in January and creates a completely new and custom experience for ARM customers. It allows you to see your applications in a more logical manner and accommodates free text metadata, in addition to reports for each of your applications.  More detailed information is available on the ARM help page.

Remedy Ticketing was updated with improvements to templates and ticket creation.

CSV Export now has a column for the associated service ticket number and the service ticket status.

Asset Detail View can now be sorted by Application name.

CVSS v3 scores were added to the UI and can be seen on some vulnerabilities in the Explore view.  

API Keys are now contained on a page accessible by Kenna Admins.  From Settings page, Kenna Admins can access the API Keys page and see which of their users have API keys and interact with those keys. 

There is now the ability to generate a key or revoke a key from a user's User Detail page as well.  

Sonatype Connector was extended to allow for customization for which field Kenna pulls in as the Application Name.

 

Q4 2018 Release Notes

As we close out the year, Kenna pushed some big, exciting features!  Thanks for being a customer this year, we hope you enjoy these enhancements to the Kenna experience!

Home Tab was launched to provide you with a more robust at a glance.  For more detailed information, see the help page here.

Benchmarking your total risk score is now available for comparing your score with your industries (and other industries in our database).  For more detailed information, see the help page here.

API Keys were migrated from one-per-company to a per-user basis.  That means that a unique API key can be generated for every individual user that needs one.

Tenable Performance Improvements were made to speed up Tenable connector runs.

New Connectors:

• Kenna Data Importer
• Hackerone (in beta test phase)
• Checkmarx (in beta test phase)
• InsightVM (in beta test phase)

Q3 2018 Release Notes

Q3 saw some exciting improvements to the platform, as well as a new Threat Feed and several new and improved Connectors.

Role Based Access Controls are now available to administrators to create custom permissions for their users from a list of present permission groups.  These can be found under User Roles from the Settings menu when selecting "Custom Access".

Custom Field Sort is available now on the Explore page. 

Updated Connectors:

• Bugcrowd - now importing remediation advice in the Scanner Fixes field
• WhiteHat - now displaying the Severity field
• OWASP ZAP - improved data import quality
• Qualys - improved data import quality

New Connectors:

• Tanium Comply (in beta test phase)
• Cherwell Ticketing (in beta test phase)
• Acunetix

As always, if you're interested in beta'ing a connector, just contact your Customer Success Engineer or other Kenna Security support person!

New Threat Feed - Proofpoint Emerging Threats Intelligence has been added as a threat feed to Kenna's Predictive Modeling Technology.  Your vuln scoring now includes data points from Proofpoint, among other best in class threat feeds.

 

Q2 2018 Release Notes

• Several API enhancements. See API changelog.
• Application Risk Module launched.
• Exploit Predictions launched.
• AppSec Top Fixes added.

Q1 2018 Release Notes

• Several API enhancements. See API changelog.
• Filter vulnerabilities by running kernel via Qualys connector.
• Custom vulnerability risk score override.
• New BugCrowd connector launched.
• Customize SLA Policies based on found dates, creation dates, or published dates.
• Imperva WAF connector launched.
• WhiteHat Source connector launched.
• OWASP ZAP connector launched.
• BlackHat exploit kits now monitored and tracked.
• Proofpoint Emerging Threats intelligence added.
• New Risk Accepted Over Time chart.
• New False Positive Over Time chart.

Q3/4 2017 Release Notes

• Several API enhancements. See API changelog.
• New CSV Uploader
• Asset details page now filters vulnerabilities by status

Summer 2017 Release Notes

• Several API enhancements. See API changelog.
• Bulk editing of Asset owners in Home.
• Support for Fortify On Demand formats via the Fortify connector.
• New BlackDuck connector launched.
• New Outpost24 Outscan connector in beta.
• Support for custom values in ServiceNow ticketing connector.
• Support for ServiceNow CI ID as an asset identifier in Kenna.
• Support for multiple IP's per asset in ServiceNow CMDB connector.
• Support for new WebInspect format.
• New Malware Exploitable filtering and info on vulnerabilities.
• Support for multiple templates in ServiceNow Ticketing connector.
• Asset operating systems updated by OpenVAS connector.
• Support the tracking of vulnerability statuses of the same vulnerability on multiple ports of a single asset.

Spring 2017 Release Notes

• Several API enhancements. See API changelog.
• Scanner scores are now available in the Vulnerabilities tab on the Home page.
• Dashboard 2.0 is here! 
• ServiceNow CMDB Connector beta release. Contact your Customer Success Manager for access.
• Asset IDs added to Top Fixes exports
• New "Include All Assets" filter on the Home page.

Winter 2017 Release Notes

• Number of Fixes added to Risk Meter summaries in dashboard & reports
• Remedy Connector launched for Remedy On Demand and on-premise
• Jira connector now supports Jira 7 and Jira Cloud
• Checkmarx connector launched
• New Alert: Connector Failure
• Notes field now included in CSV exports

Fall 2016 Release Notes

• ServiceNow connector now supports custom tables
• Kenna now supports CWE identifiers in addition to WASC-TC and CVE
• Nexpose and Qualys connectors now create individual entries for "informational" vulnerabilities
• Subscribe to reports
• All file based connectors now support .zip uploads
• SAML support is here!
• Several API enhancements. See API changelog

Summer 2016 Release Notes

• Launched new SLA Settings to automatically set due dates for vulnerabilities.
• Launched new Alerting feature!
• Added separate connector for Qualys WAS 
• Auto-tag assets with application name from Qualys WAS
• Search on "vulnerability_found" dates in Home. More search syntax here.
• Link to vulnerabilities list in Home from both Top Fixes Vulns Affected and Fixes tab Vulns Affected
• Added current Risk Meter score, risk reduction score, operating system to Top Fixes CSV
• Display alternative Fixes for a vulnerability from Fixes tab or Top Fixes
• Added ip address restrictions on access of Kenna instances
• Added ability to perform a negative search on fix published date
• Changed Top Fixes CSV export format to one asset/fix per line
• Several API enhancements. See API changelog
• Added D2 Elliot exploits to platform and Easily Exploitable filter

Spring 2016 Release Notes

• Edit Risk Meter Groups criteria using the pencil icon from the Home page
• Several API enhancements. See API changelog
• Edit Risk Meter Group names from the Dashboard using the pencil icon
• Added "Send via Email" to Top Fix Groups
• Added ability to sort Fixes by number of vulnerabilities addressed in Fixes tab
• Added ServiceNow & Jira integrations to Top Fix Groups
• Top Fix Groups: We've added a list of top fixes by risk reduction for each Risk Meter
• Support for Auto-Close of vulnerabilities imported from McAfee VM
• Added a Consequence tab for Fixes to display the potential risk of not fixing a vulnerability
• Support for Qualys hierarchal tags
• Added ability to search on Fix Published dates. Example: fix_published:<2015-11-01
• Accept .fpr file uploads with the Fortify connector
• Display Qualys protocol information along with ports in Asset details page
• CVE description added to the Vulnerabilities API end point
• Include Solution information in ServiceNow tickets
• Re-activate inactive assets that are found by a scanner
• Increased password complexity requirements

Winter 2016 Release Notes

• "grey out" Risk Accepted and False Positives in vulnerability grid on Home
• Vulnerability grid on Home is now sorted by Score (high to low)
• Added several new search functions including: scanner_id, absence of service ticket, and leading wildcards. See doc for more details.
• Added Risk Meter score to Vulnerabilities tab in Home.
• ServiceNow Connector Updates: 
• Support for ServiceNow templates
• Populate tickets with Scanner IDs
• Tenable SecurityCenter tags now imported by connector.
• Several API enhancements. See API changelog.
• Role Based Access Control - Details here.
• Reporting 2.0 - Details here.
• Automatically inactivate assets based on "last seen" date using Asset Settings menu.
• New Nessus Importer connector to import scan info without running a new scan.
• Vulnerability due dates associated with individual vulnerabilities.
• Filter for Remote Code Execution vulnerabilities in Home page.
• Added ability to perform a re-scan of a vulnerability using Nexpose connector.
• Added support for Qualys EC2 asset tracking method.
• Added support for Qualys Canadian platform.

Summer 2015 Release Notes

API Updates

There were several updates made to our RESTful API. See API doc for changelog.

Qualys Connector Updates

Ability to pull in PCI flag value of Qualys vulnerabilities and filter on it.

Security Center Connector Updates

Ability to pull in “Risk Accepted” vulnerabilities from Security Center and store them with a Risk Accepted status in Kenna.

UX Updates

Persistent setting preferences in datagrid display (Home page).
Ability to hide asset tags when viewing assets and vulnerabilities tabs in Home page.

New Integration

We launched our ServiceNow integration allowing Kenna users to generate and track service tickets directly from Kenna.

 

Winter 2015 Release Notes

• Added Massive Bulk Edit Operations on Vulnerabilities.
• Added Risk Accepted vulnerability state.
• Added False Positive vulnerability state.
• Discovered dates now displayed in the vulnerabilities table in Home.
• Closed dates now displayed in the vulnerabilities table in Home.
• Ability to filter on vulnerable ports in Home.
• Support for Nessus 6.
• New Dashboard Compare tab displays vulnerabilities trending by operating systems and tags.
• API Updates: There were several updates made to our RESTful API. See API doc for changelog.

 

Q4 2014 Release Notes

• Add Massive Bulk Edit Operations on Assets.
• New OpenVAS Connector.
• New McAfee Vulnerability Manager Connector.
• Display and sort assets by Risk Meter score.
• Add ability to send Fixes via email.
• New Type Ahead searching of asset tags.
• Zero Day Vulnerability flagging of assets.
• Ability to download fixes to csv.

 

Summer 2014 Release Notes

New Simplified Changelog Format

• Filter vulnerabilities by locator type.
• Add color scales to Risk Meter hover: Hovering over a Risk Meter exposes the green, yellow, red color scale.
• Beyond Security connector: Kenna now integrates with BeyondSecurity vulnerability scanner.
• Qualys certificate authentication: Qualys connector now works with Qualys certificate authentication.
• Expose references, CVE's and assets for each “fix” in Fixes tab.
• Dell CTU threat data now included and correlated with vulnerabilities.
• Threat Trends: Dashboard now includes ThreatTrends pane including successful exploit and attack data across all of our threat sources.
• Qualys WAS connector: Kenna Qualys connector now pulls associated Web Application Scan data from Qualys.
• Fine grained scan scheduling: When scheduling Nessus scans through Kenna you can specify exact time of scan.
• Individual RM asset scores displayed in asset table: Each asset in asset table includes color coded risk meter score for that asset.
• Filtering of Fixes view: When filtering vulnerabilities or assets, only the Fixes for those vulnerabilities and assets are displayed in Fixes tab.
• Include scanner ID’s in Omniview vulnerability table: ID's from scanner vulnerabilities can be displayed in Vulnerabilities tab.
• TypeAhead suggestions for tags.
• API Updates: There were several updates made to our RESTful API. See API doc for changelog.

 

March & April '14 Release Notes

Dell SecureWorks Integration

Kenna now offers full integration with Dell SecureWorks. SecureWorks customers have Single Sign On between the Counter Threat Platform and their Kenna instance. All asset information synched in Kenna can be imported into the SecureWorks Counter Threat Platform.

Web Application Attack Correlation

Kenna now tracks web application attacks from over 50,000 web sites and correlates those attacks with your open vulnerabilities in order to prioritize remediation on those that are under a large volume of attack.

Additional Fields Included in Data Exports

We've added additional fields to vulnerability exports. The additional attributes include custom fields, active internet breaches, and easily exploitable vulnerabilities.

API Updates

We continue to add more functionality to our RESTful API. The latest updates allow for automating your vulnerability management program with file upload and connector run capabilities. The majority of API updates were to the Connectors end point. You can find a list of our API updates here.

 

January & February '14 Release Notes

Deactivate Assets

Kenna now has the ability to deactivate assets within your account. This allows users to filter these deactivated assets out of their asset and vulnerability views and not include any of these stats within your dashboard metrics. Just like tagging and prioritizing, you can deactivate assets in bulk using our bulk editing menu that appears after selecting multiple assets.

IP Address Range Searching

A common operation requested by our users has been searching assets by IP ranges. With this newly added search syntax you can now look for groups of assets by IP range. The search syntax is specific, for example, to search a range from 192.168.1.1. - 192.168.100.100 use the following search: ip_address_locator:[192.168.1.1 TO 192.168.100.100]

User Interface Redesign

Our New User Interface Provides All Data in a Single View.

You've probably noticed this one but we have completely overhauled the user experience. With our new interface we have combined assets, vulnerabilities, and patches into a single, filterable and searchable view. All of the filters in the right hand sidebar will filter your view against all of these and include a Risk Meter score. Creating asset groups and Risk Meters for the dashboard are all within a click of this new omni-view. You can read the full details here.

Perimeter Scanning

With the help of our partners at Qualys, Kenna now offers perimeter vulnerability scanning that is fully integrated within the application. You can kick off perimeters directly from our sign up process or by creating a perimeter scanning connector using the Connectors tab.

 

December '13 Release Notes

Vulnerable Ports

For several connectors including Nessus and Qualys, Kenna now tracks vulnerable ports. Once a connector run is complete, you can filter your vulnerabilities by vulnerable ports from within the Vulnerabilities tab. This can be helpful in several use cases. One example: If you have multiple web services running on an asset and receive an SSL vulnerability, you can track this vulnerability to the vulnerable service running.

If a vulnerable port is detected, that port will also be added to the asset in the Assets tab as an open port.

Qualys Dynamic Asset Tags

In addition to Qualys Asset groups, Kenna will now automatically create new asset tags when a dynamic asset tag is discovered within Qualys. This will allow users to filter and report on these dynamic asset tags within Kenna, as well as create Asset Groups and associated Risk Meters for their dashboard.

Nexpose Site Tags

Our Rapid7 Nexpose connector will now automatically tag assets with their Nexpose Site Name as they are synched into Kenna. This will allow users to filter and report on these site tags within Kenna, as well as create Asset Groups and associated Risk Meters for their dashboard.

Performance Improvements

We've deployed tremendous performance improvements largely due to our new search and indexing infrastructure. In December we migrated our search and indexing over to Elastic Search primarily for performance reasons. With Elastic Search the Vulnerabilities tab loads on average 50+ times faster than previously and the Assets tab loads on average 30+ times faster than before. The differences are obvious and we think you'll be pleased. We're not done though, watch for more performance increases coming soon to a production environment near you.

Nexpose Auto-Close

On the heels of launching auto-close for Nessus, Kenna now supports auto-close for Nexpose as well. This works for both the Nexpose XML and Nexpose API connectors. Kenna will now monitor the differences in your scan outputs from Nexpose and automatically close vulnerabilities that are no longer detected, making it much easier to track state of your vulnerabilities over time.

Expanded Port Filtering

Last month we began tracking vulnerable ports and allowing users to filter on the top 10 vulnerable ports and top 10 open ports across their environment. This month we expanded the filtering and reporting capabilities to include all vulnerable and open ports.

On-Premise Jira Support

Through our virtual tunnel appliance, we now support on-premise Jira integration with Kenna. You'll need to deploy your virtual tunnel appliance on your network where it will have access to your Jira server and make sure you check the "use Virtual Tunnel" option within your Jira connector configuration. For more information on our Virtual Tunnel appliance please contact support@kennasecurity.com.

More API Improvements

We continue to make enhancements to the API. Some of the recent improvement include a partner API for managing client accounts and SSO integration. For a full least of API features and changes please see our API documentation: https://api.kennasecurity.com.

 

November '13 Release Notes

Nessus Auto-Close

The latest versions of the Nessus XML and API connectors produce deltas and auto-close vulnerabilities no longer found. The connector analyzes which assets were scanned with which plug-ins to determine whether or not the asset is still vulnerable to specific vulnerabilities. If they are found to have gone away, our connector will now auto-close them in Kenna for centralized tracking throughout the vulnerability lifecycle.

To learn more, see our blog post on Nessus Auto-Close.

 

October '13 Release Notes

Risk Meter Dashboard 

The Risk Meter dashboard provides an at-a-glance view of security risk across organizational assets. With the new dashboard, you can now save a Risk Meter based on asset groups to view at any time within your dashboard page. New asset groups are automatically saved to the dashboard for later viewing. You can also create asset groups directly from the dashboard just by clicking on the New Risk Meter button.

The Risk Meter Dashboard provides this view of security risk across any group of assets.

Asset and Vulnerability Groups

Saved search has been modified to allow for the creation of asset and vulnerability groups. These groups can be created through any of the filters, tags, and searches used in the assets and vulnerabilities tab. All Asset Groups are automatically saved to the Risk Meter Dashboard as noted above.

To save an Asset or Vulnerability group just perform a filter or search against your assets or vulnerabilities and then click Save. You will be prompted to name the asset or vulnerability group. You can then view the group at any time with the link provided in the upper right of the sidebar.

Filter Assets by Connector

You can now filter your assets by connectors. This can be used to quickly tag all assets coming in from a given connector or creating asset groups by connector. You'll find the connector filter in the sidebar of the Assets tab.

Qualys Tag Importing

In addition to Qualys asset groups, Kenna now automatically imports Qualys asset tags and tags those same assets. This allows for greater continuity between your Kenna and Qualys asset structure. This update does not yet include Qualys dynamic tags which will be added in a later release.

More API Improvements

We continue to make enhancements to the API. Some of the recent improvement include a partner API for managing client accounts and SSO integration. For a full least of API features and changes please see our API documentation: https://api.kennasecurity.com.

 

September '13 Release Notes

Risk Meter 

The Risk Meter is an asset-based measure of the security risk a group of assets poses to an organization. Our proprietary algorithm is based on the following signals:

1. Adjusted CVSS: We adjust the scores with an algorithm which ensures that CVSS is a better indicator of the probability of a breach.
2. Exploit Analytics: Does a vulnerability have known exploits or breaches and are they being observed in the wild? Is this vulnerability a popular target?
3. Asset Priority: How critical is the asset to your infrastructure? You can modify this priority in bulk or individually.

The Risk Meter will give you an at-a-glance look at your risk across a select group of assets. As you filter your assets your Risk Meter score is dynamically updated. To view the Risk Meter just navigate to the Assets tab.

Dynamic Patch Reports

As part of the launch of the Risk Meter, we now have a dynamically updated patch report to match each Risk Meter. As you filter or search against your assets, the Risk Meter score will update to reflect those assets and the patch report will include the patches and advisories related to the assets within the current view. The patch report itself is sorted in order of risk reduction prioritizing the patches that will have the greatest effect on your environment.

You can view the new dynamic patch reports within the Assets tab located directly under the Risk Meter.

More API Improvements

We continue to make enhancements to the API. Some of the recent improvement include primary_locator's to asset responses, asset id's to vulnerability responses, definition data to vulnerability responses and much more. For a full least of API features and changes please see: https://api.kennasecurity.com.

Qualys Asset Tag Import

In addition to Qualys asset groups, we now automatically import Qualys asset tags and tag your new assets with those tags. This allows users to maintain a structure they have established within Qualys and then expand on it with additional tags and meta data. The QualysGuard connector will automatically pull in these tags with your new assets.

 

August '13 Release Notes

Nessus API Connector - Command & Control
We added a connector for Tenable Nessus that takes advantage of the Nessus API. This connector is in addition to both our Nessus XML connector and the Security Center connector.

With this newest connector Kenna users can schedule the importing of vulnerabilities and assets on a daily, weekly or monthly basis. Our Nessus users can also schedule and kick off scans with their Nessus scanner directly from Kenna. By combining this new functionality with our virtual tunnel, you can ensure all of your on-premise scan reports are loaded automatically into your instance of Kenna.

New Asset Filtering & Searching

New facets have been added to the Assets tab. You can now filter your assets by Service Names, Open Ports, Service Protocols, Service Products, Connector Names, and Connector Types.

We recently wrote a blog post on some examples of using the service and port filtering in combination with nmap scans. Check it out and let us know what you think.

Multi-Tag Roles
We received a lot of requests from our users in expanding our role-based access controls to allow for multiple tags to be assigned to a role. Well you asked and we delivered.

With multi-tag roles, you can take advantage of existing structure setup in your scanners to grant access to specific assets as they show up in Kenna to only those who need it. This gives our users the ability slice up their reporting and dashboards by many tags while still managing a smaller amount of roles by grouping tags within them.

Qualys EU Platform Support
Our Qualys connector integration has been extended to support the Qualys EU platform. The connector works just as before but now gives you the option to authenticate to both the US and EU Qualys platforms.

API Improvements
In addition to several performance improvements made to our API we have also added new data such as returning all tags associated with an asset when pulling asset data via the API. You can find more details about these changes and all of our API functionality at api.kennasecurity.com.

Expanded Virtual Tunnel Capabilities
We expanded the connectors our Virtual Tunnel works with to include the new Nessus API connector, the Nexpose API connector, the Jira connector, and the Qualys connector.

Our virtual tunnel is a virtual appliance that allows for connectivity between your Kenna instance and your on premise tools.