BigFix Insights for Vulnerability Remediation 1.3 is now available

Release Announcements CyberFOCUS (Release Announcements)
1

The BigFix team is pleased to announce the release of version 1.3 of the BigFix Insights for Vulnerability Remediation application (included in the BigFix Lifecycle and Compliance suites)! This application will enable IT Security and Operations teams to collaborate much more effectively by automatically correlating discovered vulnerabilities to their proper remediations, while providing prioritization data to focus remediation efforts.

The main features of this release are as follows:

  • Introduced support for Tenable.sc version 5.20.x

Additional information about this release:

Published site version: 9

Useful links

1 Like
2

Hi @Aram - I see that the Schedule attribute is not yet documented. I have a Case opened asking for the details of the pattern’s use to establish custom schedules. Could you chime in both here and with support as to what each element represents?

As it is currently configured in v1.2, the ETL runs every hour on the hour using the pattern: schedule="*/60 * * * *".

3

Thank you for bringing this to my attention! We’ll certainly work to update the documentation.

In the meantime, the schedule format for Insights for Vulnerability Remediation is the same as that for ServiceNow Data Flow (documented here: https://help.hcltechsw.com/bigfix/10.0/integrations/Ecosystem/Install_Config/c_refs_cfile.html)

It is essentially a cron time format (https://en.wikipedia.org/wiki/Cron). The first character denotes the minute, the second the hour, the third the day of month, the fourth the month, and the fifth the day of week. There are a few websites that I’m sure you can find that help generate cron strings/expressions as well as validate and translate existing strings into friendly descriptions.

1 Like
4

Thanks for the pointer to the ServiceNow Data Flow documentation; that is exactly the level of detail that I was looking for.

-Boyd

5

Hi @Aram, is there any more detailed release notes for this version? Are there any big fixes, performance improvements, etc. In another words, we need to understand whether if we are running v1.2 for example and above-mentioned Tenable.sc version support is not of interest, is there benefit to upgrading to latest version?

6

Hi Aram,

We upgraded IVR to 1.3 but still getting error message “Login Denied” When we use same access key and Secret key in Postman. We able to get request from Tenable.SC

Do we have any specific format to define Access Key and Security key in IVR configuration.

Thanks
Sagar Deshpande.

7

Hello! And fair question…however, the only change in this release was the introduction of support for the newer versions of Tenable SC. Note that we do have other releases coming, so, stay tuned!

8

Hi Sagar,

There is not a specific format required, no (it should be exactly as it is from Tenable). I’d recommend opening a support case to troubleshoot. When opening the case, do please provide details about the permissions associated with the key, and what type of API requests you’ve been able to make via Postman with the given credentials.

9

Hi Aram,

We have reinstalled and configured the IVR with access key and secret in IVR 1.3 version, still we are unable to fetch the vulnerability data in insight and its throwing the “login denied” error while validating the configuration, and we are able to fetch the data from tenable using CURL command and its giving data from tenable.sc by using access key and secret.

IVR loggin error
IVR loggin error1436×263 86.3 KB

I have also raised the support Case for the same.
Case: CS0308230

Kindly help us to resolve the issue.

Thanks,
Arjit

10

Does this discussion in the tenable community shed any light on your situation?

https://community.tenable.com/s/question/0D53a00007zy0E3CAI/error-code-74-while-using-tenable-sc-api

12

Thanks @Aram for your support, by putting useranme and passsword combination works to dataflow happened from tenable.sc instead of the access key and secret key.