This Rapid7® ControlsInsight® 3.1 release includes user interface enhancements, threat model updates, and application performance improvements.
User interface enhancements
Several enhancements have been made to the user interface:
- The reason data for the Obsolete services disabled control in the server threat model has been enhanced to include a listing of each obsolete service that was detected on a particular asset.
- The last scanned date for an asset is now included in the CSV export file and available through the API.
- The currently applied asset filters are listed in the appendix section of the Executive Report.
- When the current scope of a particular threat model contains no assets, no defense grade will be shown. Previously this scenario would have resulted in a score of 10.
Threat model updates
The desktop and server threat models have been updated to reflect the latest changes to the Top 20 Critical Security Controls, developed and maintained by the Council on CyberSecurity, and the Top 35 Strategies to Mitigate Targeted Cyber Intrusion, published by the Australian Signals Directorate (ASD). This release also includes improvements to the overall calculation methodology that may affect defense grade scoring.