2012-12-10 product and content updates
This Rapid7® Nexpose® 5.5 release includes new features and improvements in reporting, configuration assessment, coverage, performance, usability, and documentation.
These release notes document what's new in this Nexpose release. Your Nexpose installation will automatically download and install content updates. If you have enabled Nexpose to install product updates, it will do so as well. For more information about updates, see the release announcements FAQ page.
Remember to clear your browser cache after applying this update!
If you have made any changes to your Nexpose license, such as adding new features, restart your Security Console after applying this update.
Reporting | product
New workflow simplifies running and designing reports
With a streamlined interface, you can build and run reports, and create report templates more quickly. The Reports configuration panel now features a clean layout and a three-tab navigation that simplifies all report-related tasks. Using a new carousel feature, you can scroll through template previews and enlarge views to see them in better detail. This helps you decide at a glance what kind of report template will serve your needs best. Advanced report configuration features are more intuitive, so that you can handle tasks like creating risk trends and distributing reports more easily.
"Top 10" reports provide a quick look at threatened assets
Two new report templates isolate assets with high numbers of threats so that you can prioritize remediation tasks accordingly:
- Top 10 Assets by Vulnerabilities lists 10 assets with the most vulnerabilities. It displays total vulnerabilities and malware and exploit exposures for those vulnerabilities.
- Top 10 Assets by Vulnerability Risk lists 10 assets with the highest risk scores. It displays risk scores, total vulnerabilities, and malware and exploit exposures for those assets.
Bug fixes correct report issues
- Site importance is now displayed correctly in the remediation plan report.
- Baseline comparisons for certain data sets are now generated correctly.
Configuration assessment | product & content
Coverage expands with CIS benchmarks and USGCB 2.0 policies
Configuration assessment coverage now includes checks for CIS benchmarks and USGCB 2.0 policies, expanding support for U.S. government agencies and entities that do business with them. As of this release, the following platforms are supported with this content:
- Microsoft Windows 7
- Microsoft Windows XP
- Microsoft Windows 2003 and 2008
USGCB 2.0 policies:
- Microsoft Windows XP
- Microsoft Windows Vista
A scan template specifically for CIS benchmarks is now available, in addition to the USGCB 2.0 template.
Upload feature supports SCAP policy customization
You can now upload certain custom SCAP content for use in policy scans. This unlocks your ability to create policy checks that reflect the specific needs of your environment and to include these checks with other policy and vulnerability checks in the same scan window. Global Administrators can access the easy-to-use upload feature on the Policies page. Documentation provides guidelines for how archives should be prepared for upload.
NOTE: USGCB, CIS scanning, and policy uploads are part of the Policy Manager Module available at no additional charge with Enterprise Edition and Consultant Edition and require the Policy Manager feature to be enabled. To discuss upgrade options or how to turn on the Policy Manager, contact your account representative.
Advanced Policy Engine feature renamed Policy Manager
The Advanced Policy Engine feature has been renamed Policy Manager throughout the Web interface and documentation. References to Advanced Policy Engine remain in the Help glossary and Search for easy reference.
Disk usage, capacity, and performance | product
Database-related improvements result in better performance and use of resources:
- Improvements to storage of scan results reduce your overall disk usage and capacity needs over time. After the upgrade to this release, all current and future scan results will consume less disk space. Beyond freeing up resources, this change also significantly improves report performance and scan times. In addition, a new console command called show host provides detailed configuration information about your installation environment, including disk usage.
- The process for deleting a site is now more fault tolerant and can recover if interrupted. This improves disk space usage and data integrity. The change also ensures that if a site deletion is interrupted by an event such as a power outage and then resumed, assets related to the site will no longer be counted against your license.
Scan results and configuration | product
- When resuming a paused scan, you can now view data about assets for which the scan has completed.
- You can now set the Web spider to avoid scanning Web-connected printers, print servers, and multi-use devices to speed up scan times and prevent disruption to printing services. This is a new scan template configuration setting.
- The following deprecated Web spider settings have been removed from the Scan Template Configuration panel:
- spider file regular expression
- resolving DNS names while spidering
Scanning improvements | product
A number of improvements enhance coverage and correct past scanning issues:
- SNMP fingerprinting now gathers more information about scanned assets from accessible SNMP communities.
- SNMP community strings discovered during authenticated scans no longer have the potential to cause account lockouts on other services.
- A bug fix corrects Telnet authentication issues on CISCO IOS targets.
- Proper fingerprinting of PJL-enabled printers prevents disruption to your printing services.
Usability and other improvements | product
A number of improvements make it easier to use the Web interface for better productivity:
- Support for Firefox 17 expands the number of browsers with which you can use the Security Console Web interface.
- The Logon window that appears when Web interface sessions time out now accepts passwords with the characters %, &, and +.
Help and documentation | product
The Help site has been improved to make information easier to find:
- Help is now organized according to major tasks, making it simpler for you to find information via the contents navigation pane. A new landing page informs you about new features and information and provides links that address your tasks and questions for using the application.
- The Help Search has been refined to return only the most relevant pages for key words and phrases. You can use the new Help Search tips page to maximize search results.
Product Update IDs
- Linux 32 | Update ID: 1158343878
- Linux 64 | Update ID: 2276595095
- Windows 32 | Update ID: 3295940256
- Windows 64 | Update ID: 2457987570
Content Update IDs
Released on December 10, 2012
Download the appropriate md5sum file to ensure that the installer was not corrupted during download: