v1.0.2

The following new capabilities and improvements are available with IBM® Concert version 1.0.2.

Release date: 11 October 2024

  • Vulnerability dimension enhancements
    • Support for CVE scans from images generated by Sysdig and Aqua Security tools.
    • Support for CVE scans from source code repositories in Aqua Security (VDR) format.
    • Support for CVE scans from virtual machines (VMs) generated using Qualys scanning tools.
    • Support for Dynamic Application Security Testing (DAST) exposure scans generated using the Zed Attack Proxy (ZAP) tool.
    • Support for Static Application Security Testing (SAST) exposure scans in SARIF (JSON) format.
    • Ability to view and filter by highlights related to prioritized CVEs and exposures, as well as the blast radius (impact) of an individual vulnerability (CVE).
  • Compliance dimension enhancements
    • New Compliance catalog library allows you to search, filter, and select catalogs from a library of compliance catalogs.
    • Ability to upload a custom compliance catalog.
    • Ability to view Remarks for each control in the compliance scan results to better understand why an environment was deemed compliant or non-compliant.
    • Ability to create a compliance profile using controls from multiple catalogs.
    • Ability to import CIS catalog from the catalog library and perform benchmark assessments.
    • Ability to view and filter by highlights related to the compliance assessments, profiles, and catalogs.
  • Automation rules and ticket creation enhancements
    • Ability to configure automation rules to create tickets grouped by non-compliant controls within a profile for an environment.
    • Ability to configure automation rules in the Software composition dimension to open tickets that are grouped by recommended actions such as package license review, package upgrade, or replace package.
    • Ability to open tickets manually to address environment compliance issues.
    • New integration with Salesforce as a third-party ticketing system.
    • Automatic update of ticket status or closure of tickets when renewed certificates are uploaded.
  • Certificate dimension enhancements
    • Ability to view highlights related to expiring certificates, as well as the blast radius (impact) of an individual certificate.
    • Ability to delete certificates and edit a subset of attributes.
  • Software composition enhancements
    • Ability to view and filter by highlights related to package risk and recommendations and view the blast radius (impact) for a single package.
  • Deployment management improvements
    • Ability to upgrade and uninstall Concert on Red Hat® OpenShift® Container Platform.
  • User management enhancements
    • Support for user authentication via enterprise identity providers (IdPs) for a Concert instance deployed on a virtual machine (VM) or Red Hat OpenShift Container Platform.
    • Support for user groups defined in IBM Cloud Pak® foundational services for Concert instances deployed on Red Hat OpenShift Container Platform.
  • Inventory UI/UX enhancements
    • Ability to view details about the blast radius (dependencies, impacting CVEs, etc.) of an application or environment.
  • New instance configuration settings
    • Ability to control allowed and denied licenses for packages that align with your organization's policies.
    • Ability to select whether to use IBM Risk Score or CVSS to prioritize vulnerabilities.
    • Ability to customize the risk score range to determine each priority level.
    • Ability to delete sample data loaded from the welcome tour.
  • Updates and improvements to the Concert toolkit and API
    • When creating an API key in the Concert UI, you can view your unique instance ID and hostname, which are required to invoke the Concert API.
    • New data types supported for continuous ingestion and other updates to the Concert toolkit.
  • Miscellaneous bug fixes and enhancements