This release is a content update.
- Content updates include new checks for vulnerabilities, patch verification, and compliance with security policies.
- Product updates include performance improvements, bug fixes, and new features.
New PCI severity scores in vulnerability checks
- The Payment Card Industry (PCI) has mandated a new severity level grading system in the PCI ASV Program Guide v1.2. This system replaces the legacy five-point scoring system for PCI scans. The product incorporates this system in vulnerability checks that are relevant to PCI scans.
o High severity corresponds to CVSS scores ranging between 7.0 and 10.0.
o Medium severity corresponds to CVSS scores ranging between 4.0 and 6.9.
o Low severity corresponds to CVSS scores ranging between 0.0 and 3.9.
Bi-monthly vulnerability check update
- New vulnerability and patch checks bring coverage up to date for the following operating systems and applications:
o Red Hat Enterprise Linux
o Cisco devices
o Adobe Reader
o Adobe Flash
These checks help prevent security breaches that could allow hostile parties to take control of affected systems, gain access to confidential data, disrupt business operations, or cause other problems.
New Vulnerability Checks
- This release contains over 100 new vulnerability checks.