Remediation Work Form - An Actionable Ticketing Experience
The updated Vulcan Remediation Work Form allows cross-functional IT security users to view vulnerability instances and related details through the remediation ticket and submit an exception request for some or all of the instances. This feature enhances collaboration across security teams, asset owners and IT operators responsible for vulnerability mitigation and remediation.
Easy access: The improved Remediation Work Form is now accessible to all users via a designated hyperlink sent by email.
Extensive information: The Work Form now offers comprehensive vulnerability information.
Added functionality: New features include a status filter, search capability by vulnerability or asset, detailed information views, and streamlined exception request processes.
Intuitive user interface: The interface boasts a top bar with ticket links, counts summary, and a progress bar, plus a landing page that serves as a simplified view for part-time Vulcan users.
Seamless transition: All enhancements are backward compatible, ensuring users with existing permissions will retain access to the form and its new features without any migration steps.
Full Asset Deduping
We are taking cyber asset management to the next level with the introduction of full asset deduping in this release. Historically limited to host data, Vulcan asset deduping now encompasses all asset types by default providing comprehensive support for hosts, websites, code repositories, projects, and more. This powerful feature enhances the clarity and usability of the platform's aggregated cybersecurity data by ensuring that assets ingested from various CMDBs (asset inventories) and scanners are dupe free.
Deduplication mechanism: Vulcan deduplication identifies and eliminates duplications across multiple data sources presenting a unified view of the cybersecurity attack surface.
Intelligent merging: Vulcan merging mechanism is thoughtfully designed to maintain the integrity of asset data by augmenting existing structures with new data when specific criteria are met rather than disassembling and reassembling asset data.
Customizable: Deduplication criteria are not one-size-fits-all; they can be tailored to individual user needs.
Flexibility and precision: Customers can define complex and nuanced merge strategies, including combinations and groupings of criteria, to ensure the deduplication aligns precisely with their operational requirements.
Enhanced Accessibility to Vulnerability Instance
Vulnerability Instance view is a significant enhancement to how Vulcan platform users interact with and access vulnerability data, significantly reducing the steps required to access vulnerability details.
Streamlined access to Vulnerability Instances: Previously, users had to navigate through multiple layers - assets, instances tabs, and charts - to reach a specific vulnerability instance. The new view provides simplified, direct access to instance data by enabling the Vulnerability Instance mode toggle.
Dedicated information card: Each Vulnerability Instance now has its own dedicated card, presenting all relevant information in one place. This enhancement eliminates the need for excessive clicks and navigational steps to find detailed instance data.
User-friendly toggle in Vulnerabilities Tab: The interface includes a toggle in the Vulnerabilities Tab that allows users to switch to a view where all instances in the system are displayed. This makes it easier to see and select specific instances for closer examination.
Monitor Data Integration with the Vulcan Connector Activity Log
The new Vulcan Connector activity log feature offers a significant advancement in data integration and monitoring for users. It provides insight into the data synchronization processes of Vulcan Connectors and introduces significant UI appearance and functionality updates. These changes are not just cosmetic but reflect Vulcan Connector current status.
Tabular UI for easy readability and differentiation between sync cycles, storing data for a 14-day period.
Filter sync listings by status and log level. Access detailed logs for in-depth insights into each sync stage including duration, type, progress, and error details.
With the new UI enhancements in the Vulcan Connector Activity Log, you receive comprehensive insights into the Connector sync operations, helping you maintain more accurate and seamless data integration.
Magic Search is Now Available in Vulcan Playbooks
Vulcan Playbooks are receiving a major enhancement with the full integration of Magic Search. This update delivers sophisticated, customizable Vulcan Playbook creation and management.
Full integration of Magic Search in Vulcan Playbooks: All Magic Search functionality is now available in the Vulcan Playbooks filter. This integration provides users with a wide range of options to create more precise and effective Playbooks.
Rich parameters and advanced operators: Users can leverage rich new parameters and operators including AND/OR clauses and group statements. This allows for the definition of complex and targeted Playbooks tailored to specific needs.
Enhanced Playbook scope visibility: Now users can view the scope of each Playbook to clearly understand which assets and vulnerabilities a playbook targets offering greater insight and control over their cybersecurity strategies.
Seamless customer migration: Existing customers will be automatically receive the new Magic Search in Playbooks functionality.
Backward compatibility: The update maintains backward compatibility with existing parameters ensuring current Playbook configurations remain effective and relevant.
Use Assets Tags in Vulcan Analytics
Our newest update introduces asset tags in analytics to enhance Vulcan Platform reporting capabilities. This addition allows customers to tailor their reports more precisely to provide a more rich and relevant data analysis experience.
Custom filter selection: Users can designate an asset tag as a filter within analytics. This is done by flagging a tag with the option "Use as a Filter in Analytics."
Universal report availability: Filtering reports by Asset Tags is available across all reports in the Vulcan Platform, ensuring comprehensive applicability.
Efficient integration flow: Once a tag is marked for use in analytics, it will be integrated into the reporting system within the next analytics build cycle, which takes up to 24 hours. This ensures a seamless and timely addition of new filters into the system.
Enhanced dashboard interactivity: Both widgets and dashboards can be filtered by specific tags allowing users to see the impact of individual tags.
Real-time impact analysis: By filtering dashboards and widgets with specific asset tags, users can gain immediate insights into how particular tags influence their security posture. This feature helps users make more-accurate decisions based on the specific characteristics and implications of each tag.
Enhanced Asset Management with “Proactive Detach”
In our continuous efforts to refine the asset management process, we're proud to introduce the “proactive detach” feature. This new capability is part of the full asset deduping mechanism, ensuring that merged assets remain accurate and relevant.
Dynamic merge criteria compliance: The system now re-evaluates merged assets against updated merge criteria with each merger run. If assets no longer align with the current criteria, they are proactively detached, maintaining the integrity of asset grouping.
Reduced need for manual intervention: This automated check minimizes the scenarios where users need to escalate issues for manual detachment, fostering a more self-sustaining asset management system.
Out-of-the-box integration: 'Proactive detach' is a built-in feature accompanying the asset deduplication process. Your assets are constantly evaluated and adjusted to reflect the most up-to-date criteria without additional configuration.
Vulcan Connector Updates
The following Vulcan Connectors are now available and supported:
Vulcan Connector for CyCognito
Vulcan Connector for GitHub Code and Secret Scanning
Depreciation notice of Tenable WAS Connector
After careful consideration and review we have decided to deprecate the Vulcan Connector for Tenable WAS. The primary reason for deprecating this Connector is the lack of an official Tenable API. The data pulled via the current API does not accurately reflect the information displayed in the Tenable WAS user interface. This discrepancy leads to challenges in ensuring the reliability and accuracy of the data within our platform.
Workaround: In the meantime, we recommend utilizing the Vulcan Report Mapping Guide as an alternative solution.
The Vulnerability Watch for Q4 2023
These are the top CVEs from the last three months that had us talking, with remediation intelligence to help you mitigate associated vulnerability risk.
Vulcan Cyber named a Leader in the Omdia Universe: Risk-Based Vulnerability Management, 2023
Vulcan Cyber was named the leader in “Capability” in the new analyst evaluation from Omdia.
WHAT’S IN THE REPORT?
The Omdia Universe: Risk-Based Vulnerability Management Solutions, 2023 report presents the findings of an exhaustive research and evaluation project and ranking seven vendors based on capability and customer experience.
Read this report to learn about the leading vulnerability risk management solutions and see how the latest RBVM tools can help you aggregate cyber risk data from asset inventory and vulnerability scanners, prioritize vulnerability risk, effectively remediate and mitigate risk, and efficiently operate a full vulnerability management lifecycle.
Learn how Vulcan Cyber earned the highest scores for product capability.
Find out how the Vulcan Cyber risk-based vulnerability management platform can help you own your vulnerability risk at scale.