Get FDA readyServicesSolutionsGuardian help
Ask or search…
K
Links
Comment on page

Version 2.65.11 release notes

Summary

  • Rescore all vulnerabilities in a product version via rescore profiles
  • Rescore individual vulnerabilities
  • Support for SPDX SBOMs
  • Enhanced SBOM export now includes CPE and PURL data
  • New exploits and threats info, including EPSS and CISA KEV
  • Bug fixes and other improvements

Rescore all vulnerabilities in a product version via rescore profiles

You can create and apply rescore profiles to a product version based on your product's particular environment and usage, ensuring you're focusing on the most exploitable and impactful vulnerabilities. Any newly detected vulnerabilities for that product version will be automatically rescored with that profile.

Rescore individual vulnerabilities

You can now rescore the CVSS v3 score of any individual vulnerability associated with a particular product version so that it reflects your product's particular environment and usage. This will override any rescore profile already applied to the associated product version.

Support for SPDX SBOM format

You can now upload SPDX SBOM files, including those generated using Yocto on Linux. You can take all of your generated SPDX files, zip them using WinZip or gzip, then upload that zipped file to Helm. We'll do the rest!

Enhanced SBOM export now includes CPE and PURL data

When you upload your SBOM, we'll attempt to find exact matches in the NVD, as well as in supported package managers. If we find an exact CPE or PURL match in a package manager or if you manually specify the CPE and/or PURL for a dependency component, you'll now be able to export an enhanced SBOM that includes CPE and PURL data.

Focus on the most exploitable vulnerabilities

You can now benefit from robust exploit and threat information from a variety of sources, including CISA KEV, ExploitDB, Metasploit, and Top 25 CWEs. You can also ensure that you're focusing on the most impactful and exploitable vulnerabilities via EPSS scores.

Bug fixes and other improvements

  • Improved performance when loading SBOM and vulnerability information
  • Improved onboarding to get you started or unstuck quickly. We now provide in-page guidance to help you upload an SBOM, view dependency components for a particular product version, or expand your search criteria when there are no results. You'll see these in our SBOM, Vulnerabilities and Discover (Global search) pages.
  • Numerous user interface improvements
Terminology - Previous
Cybersecurity terminology
Next - what's new
Helm 2.62.5 release notes
Last modified 1mo ago
© Copyright MedCrypt 2023, All rights reserved.