ControlsInsight 2.0.1 release announcement

Document created by mglinski Employee on Oct 14, 2013
Version 1Show Document
  • View in full screen mode

  Release Announcement
product updates

This Rapid7® ControlsInsight®  2.0.1 release includes  bug fixes and improvements related to assessment, guidance, and general display and formatting.


Assessment improvements


A number of improvements make assessments more accurate so that you can prioritize control deployment better:

  • ControlsInsight now only assesses coverage for enabled UAC on assets running Windows XP SP3 or later. Earlier service packs are no longer included in the assessment because UAC is not applicable to them.
  • Within the control category Assets with antivirus optimized, the individual controls are displayed in a chronologically meaningful order: 1) Assets with antivirus installed, 2) Assets with antivirus enabled, and 3) Assets with antivirus up to date.
  • For control categories with multiple individual controls, the overall coverage assessment of the category is mathematically consistent with the percentages for the controls within the category. For example, the category Assets with high-risk applications up to date includes four controls, one each for a specific application. The overall percentage of the category now reflects the cumulative percentage of coverage for each of these applications.
  • The priority order for the control Assets with passwords hardened has been has adjusted to make the assessment more accurate.
  • When assessing assets for applied updates, ControlsInsight now correctly reports multiple installed versions versions of affected software.

Guidance improvements

Improvements to how  procedures are presented make it easier for you to learn how to deploy security controls:

  • Deployment procedures that reference external Web pages for Australian Defense Signals Directorate (DSD), NIST, and SANS security controls have been updated and corrected as necessary.
  • Typos have been corrected for various control deployment procedures.

Display improvements


Corrections to text formatting, pagination, and graphics improve the appearance and navigation of the Web interface:

  • Deployment procedure pages now display three primary references more prominently, and feature improvements for better readability.
  • Colors of bars that show percentage of coverage for control categories have been adjusted for consistency with the bars that show percentage of coverage for controls within those categories.
  • Scrolling issues related to dialog boxes have been corrected.
  • The pagination for assets on the deployment procedures pages now displays correctly.
  • A new tooltip on the Threats panel helps to convey more clearly that taking certain steps will improve the coverage assessment grade.
  • Font  display issues have been corrected in Firefox 23.
  • Text formatting for deployment procedures is now consistent between the Web interface and the print-formatted pages and PDFs.

Logging improvement


Nexpose logging errors related to anti-virus coverage assessments have been corrected.

Rapid7 Corporate Headquarters800 Boylston Street, Prudential Tower, 29th Floor, Boston, MA