Release Summary
Features and Enhancements of the new IVR v. 4.3
- Native Qualys Integration on IVR v. 4 Architecture
- NiFi-Powered Data Orchestration
- Superseded Vulnerability Filtering
- Qualys File-Based Import Support
- Bug Fixing
Summary
We are happy to announce the release of BigFix Insights for Vulnerability Remediation (IVR) 4.3.0. This release brings full Qualys support to the IVR v. 4 architecture, offering significant performance gains and granular control over data ingestion.
- High-Performance Architecture with Apache NiFi:
The Qualys integration now leverages Apache NiFi to optimize the data ingestion pipeline. This ensures faster, more reliable processing of vulnerability data, significantly improving performance when importing large datasets and reducing the overall synchronization window. - Configurable Superseded Vulnerabilities:
IVR v. 4.3 provides customers with greater control over their data footprint. A new setting within the IVR console allows users to toggle whether superseded Qualys vulnerabilities should be imported. This allows teams to focus exclusively on active, actionable risks or maintain a historical record based on their specific compliance needs. - Unified IVR v. 4 Benefits:
Qualys users can now take full advantage of the modern IVR framework, including:- Pre-correlated Content: Leverage pre-mapped vulnerability-to-fixlet data for faster remediation.
- Device and Vulnerability Views: Switch between asset-centric and vulnerability-centric dashboards in the WebUI for better visibility.
- Streamlined Remediation: Initiate patching directly from the Device Details or Vulnerability pages.
- Flexible File Import Options:
In addition to the native connector, IVR v. 4.3 supports the import of vulnerabilities via files exported from Qualys. This provides a critical fallback and flexibility for air-gapped environments or specific reporting workflows, all while maintaining the correlation accuracy of the v. 4 engine.
The goal of IVR remains the same: to help align Security and Operations teams with intelligent patching prioritization and automated remediation, reduce the time between vulnerability discovery and remediation, and greatly reduce risk by reducing the vulnerable attack surface.
Important Notice for IVR v. 2 Users:
Customers currently using IVR v. 2 with the Qualys connector should plan their migration to IVR 4.3 immediately. IVR v. 2 utilizes legacy Qualys APIs that will reach end-of-support starting in June. Transitioning to IVR 4.3 ensures continued service and leverages the modern, supported API framework for more robust data integration.
Resources
- Documentation - BigFix Insights for Vulnerability Remediation (IVR) v.4
- Documentation - Get started with IVR
Site Versions
| Site Type | Name | Version |
|---|---|---|
| Fixlet Site | BigFix Insights for Vulnerability Remediation | 203 |
| WebUI Site | WebUI IVR | 22 |