New "Software composition" dimension and updates to package SBOM data ingestion
Improved visibility into imported package SBOM files and the associated risk through the
Software composition dimension. Learn more.
Ability to highlight risks and view recommendations related to package licenses. Learn more.
Ability to create tickets manually related to package SBOM recommendations in your third-party
ticketing system (Jira, GitHub, or ServiceNow) from the Concert UI. Learn more.
Ability to use the IBM Key Protect Service, IBM Red Hat Openshift Kubernetes Service (IBM
ROKS) on, and Red Hat® OpenShift® Service on AWS for data ingestion. Learn more.
Support for CycloneDX version 1.6 for software
bill of materials (SBOM) data formatting. Learn
more.
Improvements to Evidence store
Ability to provide evidence of compliance from the Evidence store or
Compliance page to monitor and audit reports on SBOM at application level and
configuration at environment level. Learn more.
Added new evidence tab under Compliance to show the evidence that is
associated to compliance assessments. Learn more.
Improved visibility and tracking of expiring certificates
Ability to import certificate data in JSON format. Learn more.
Ability to link certificates with access points and environments through ingesting information
about access points. Learn more.
Identify expiring certificates and prioritize renewals by automating ticket creation or manually
creating tickets in your third-party tracking tool from the Concert UI. Learn more.
Enhancements to vulnerability data ingestion and remediation
Enhanced recommendations and mitigation details related to CVEs (based on wastonx.ai). Learn more.
Ability to generate tickets based on image and packages to create CVE groups, reducing the
number of tickets created in your third-party tracking tool. Learn more.