- 2 Minutes to read
Release Notes - Mar 2023
- 2 Minutes to read
New Features and Enhancements
1. Integration with Tanium
SAFE now seamlessly integrates with Tanium, a top-tier endpoint security management platform, to get the assets and their security misconfigurations into SAFE.
SAFE administrators can configure this integration using the Tanium card available on the SAFE Hooks page.
Refer to the Tanium Integration Guide.
2. Enhancements to Qualys SCA Integration
Qualys CA integration has been improved to include more asset types and better asset matching capabilities that automatically add assets to default groups based on the Operating System (OS) information from Qualys. The list of supported asset types is as follows:
- RHEL 7.x
- RHEL 8.X
- CentOS 7.x
- CentOS 8.x
- Ubuntu 22.x
- Ubuntu 20.x
- Suse Linux 12.x
- Suse Linux 15.x
- Windows 8.1
- Windows 10
- Windows 11
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
Refer to Qualys SCA Integration Guide.
3. Enhancements to Qualys VMDR Integration
Qualys VMDR integration has been improved with better asset matching capability that enables SAFE to automatically add assets that are discovered through Qualys VMDR to their corresponding default group based on their Operating System, streamlining the asset management process for users.
4. New Risk Scenarios based on Threat Groups
We have added 5 Risk scenarios based on the Threat Groups in SAFE. Risk scenarios based on the Threat Groups involve identifying potential risks that a specific threat group may pose to an organization’s assets or infrastructure. This includes analyzing the group’s past behavior, tactics, techniques, procedures (TTPs), and other characteristics to determine an attack’s potential breach likelihood. By understanding the unique risk posed by a particular threat group, an organization can better prioritize and allocate their security resources to defend against potential targeted attacks.
5. Industry selection made easy in SAFE
We have made changes to the industry selection process in SAFE to improve clarity and remove any confusion. Custom industry support has been removed, and we have updated our industry drop-down to include all possible options based on the North American Industry Classification System (NAICS).
To assist you in selecting the appropriate industry for your organization, we recommend referring to the industry description sheet available here.
If you are still unable to find the appropriate industry for your organization, you may select "Other" from the industry drop-down. However, please note that you will not be able to provide a custom name for the industry. We hope that these changes will make the industry selection process more straightforward and efficient for all users.
6. Enhancement in SAFE Scoring
We have made some adjustments and refinements to the SAFE Scoring model. As a result, you may notice changes in your organization's SAFE Scores and Breach Likelihood with this release. Here are the key points to be aware of:
- Based on current cyber risk trends and threat landscape, we have recalibrated the weights of techniques and prior probability in the model.
- The Third-party or Outside-in SAFE Score is now calculated using MITRE ATT&CK.
- We now support version 12 of the MITRE ATT&CK matrix.
- SAFE now maps over 140K vulnerabilities to MITRE ATT&CK, due to which SAFE scores will now account for those vulnerabilities.
- We have added coverage controls for Cyber Security Products that can affect the SAFE Scoring.
- To improve breach likelihood accuracy, only assessed signals will contribute to risk reduction. Not assessed signals will only be considered for confidence estimation.
- KnowBe4, Breach Exposure, and Proofpoint insights severity have been recalibrated.
7. Deprecation Notice
The assetId and assetTypeId filters for the GET /controls API have been deprecated and are no longer supported.