This is the  2nd UPDATE   to the Class 1 Content Change Notification - Technopedia and ARL Eligibility and Coverage Updates published on December 23, 2020 posted here. The 1st UPDATE (posted here) has been completed with removal of the initial set of ARL applications took place as part of the January 24 ARL release.  This 2nd UPDATE proposes the next set of ARL applications to be cleaned up and deleted (see the attached list). Evidence linked to these applications will be marked "Ignored" in the ARL. We plan to begin removal of these applications as part of the February 26 ARL release.    We will be publishing additional cleanup lists and schedules as this activity continues.  As a reminder, you can find the updated Technopedia Software Eligibility knowledge base document in this KB Article. ... View more

Data Platform's User Console is built upon Pentaho’s Business Intelligence platform. It has a built-in capability to schedule reports generation along with the option to email them to users within the organization. We have just posted the detail instructions on how to use the scheduler in the following documentation: Data Platform 5.5.x Report Scheduler in User Console. This document  can be found in  Product Documentation  section of Data Platform.   Feel free to reach out to us if you have any questions! ... View more

Data Platform introduced folders management capability in User Console with the 5.5.36 update (end of December 2020). This capability allows users to organize reports in folders, which includes: create and customize folders and/or sub-folders pin/unpin reports into folders and/or sub-folders sort reports within the folders, including manual sorting share and/or set permissions on the folders across users in the organization customize the home page to show any reports of choice Please find the details in this documentation: Data Platform 5.5.36 Folders Management for User Console Reports. You can find it in the Product Documentation section of Data Platform. Feel free to reach out to us if you have any questions! ... View more

Change Title Major Changes in Technopedia - ARL Crosswalk Class 1 Customers should be prepared and take action Change Summary The Technopedia – ARL Crosswalk provides a means to associate Technopedia software products and/or releases to ARL applications for joint Data Platform and FNMS customers. The original crosswalk was based on analyzing title-to-title comparisons. We have enhanced the crosswalk methodology to link titles based on the underlying evidence, providing a higher quality of match. We plan to deploy the first set of these changes beginning March 8, 2021. Impact These changes will impact all customers who use both Data Platform and FNMS and take advantage of either the crosswalk table in Data Platform or the crosswalk report in FNMS. The crosswalk table in Data Platform (CAT_FLEXERA_ARL) will see the following changes: Crosswalk records today: 230,713 Crosswalk records will be marked ‘To be deleted’: 30,171 Inaccurate crosswalk: 13,340 Crosswalk to product-level only: 12,535 Crosswalk on Tier 10 (Inactive) publishers: 4,296 Crosswalk records after March 8, 2021: 200,542 Evidence-based crosswalk: 74,112 Legacy crosswalk: 126,430 The crosswalk report in FNMS will see changes depending on how many titles in your inventory have crosswalk relationships to Technopedia. Additional crosswalk table updates to enhance crosswalk relationships with evidence are planned in the near future. Next Steps: You should review the proposed changes and be prepared for potential impact in your inventory. Several additional releases will be announced in the future with a minimum of ten business days notice, linked to this original announcement. We will not publish the list of actual records above in the Community Portal. If you are entitled to the crosswalk and would like to obtain the list, please contact us so we can arrange to have the list provided to you before the March 8, 2021 date. We welcome your feedback on these changes! ... View more

Change Title Major Changes in Technopedia - ARL Crosswalk Class 1 Customers should be prepared and take action Change Summary The Technopedia – ARL Crosswalk provides a means to associate Technopedia software products and/or releases to ARL applications for joint Data Platform and FNMS customers. The original crosswalk was based on analyzing title-to-title comparisons. We have enhanced the crosswalk methodology to link titles based on the underlying evidence, providing a higher quality of match. We plan to deploy the first set of these changes beginning March 8, 2021. Impact These changes will impact all customers who use both Data Platform and FNMS and take advantage of either the crosswalk table in Data Platform or the crosswalk report in FNMS. The crosswalk table in Data Platform (CAT_FLEXERA_ARL) will see the following changes: Crosswalk records today: 230,713 Crosswalk records will be marked ‘To be deleted’: 40,795 Inaccurate crosswalk: 23,962 Crosswalk to product-level only: 12,534 Crosswalk on Tier 10 (Inactive) publishers: 4,299 Crosswalk records after March 8, 2021: 200,542 Evidence-based crosswalk: 74,112 Legacy crosswalk: 126,430 The crosswalk report in FNMS will see changes depending on how many titles in your inventory have crosswalk relationships to Technopedia. Additional crosswalk table updates to enhance crosswalk relationships with evidence are planned in the near future. Next Steps: You should review the proposed changes and be prepared for potential impact in your inventory. Several additional releases will be announced in the future with a minimum of ten business days notice, linked to this original announcement. We will not publish the list of actual records above in the Community Portal. If you are entitled to the crosswalk and would like to obtain the list, please contact us so we can arrange to have the list provided to you before the March 8, 2021 date. We welcome your feedback on these changes! ... View more

Editorial notes: This is a crosspost from the original posts which can be found on Data Platform Blog or Software Vulnerability Management Blog.   Notes: this article is about a current event which is still highly evolving. We encourage customers to revisit as we update the article as things continue to change.  Recently, the world received notice of a far-reaching intrusion campaign, potentially affecting thousands of companies and organizations—some of which are government organizations. The malicious code, referred to as "SUNBURST", is aiming at heavily obfuscating its presence (Trojan Horse) to allow lateral movement further into the infrastructure and the gathering of data to be transferred to third-parties. Such a breach has far reaching consequences, requiring quick action and a sophisticated response to ensure that breached networks and systems become secure once again. More details will still reach the surface in the weeks and months ahead, but so far, we know that certain updates of the SolarWinds Orion Platform, which is the current base for many further products like the SolarWinds Network Performance Monitor, had been tainted to distribute a back door through a certain library. This library is usually an inconspicuous plugin used in the Orion Platform product, however, in this case it carried a malicious payload introduced through a so-called supply-chain attack. Various teams across different Flexera solutions, namely Data Platform (DP) and Software Vulnerability Management (SVM), have been working overtime to ensure that our customers get immediate visibility on the impact of this and other vulnerabilities.   Data Platform and/or Technopedia As of December 16, 2020, customers can expect to see: all impacted SolarWinds products and/or releases are captured in Technopedia any existing discovered data (a.k.a. evidence) that maps to the impacted products and/or release are recognized. Note that any new evidence that customers bring in their inventory may still need to go through the gap-fill process. if the entitlement to InfoSec Content Pack is active: impacted products will be identified any CPE’s associated with the impacted products and/or releases are linked up-to-date Secunia Advisory information linked to the available CPE’s is provided  In the future, customers can expect to see: CVE references associated with the vulnerabilities. The publication is dependent upon review/approval by the National Vulnerability Database (NVD). The CVE’s are currently in the ‘’reserved” status, Technopedia updates the CVE content on a daily basis. threat intelligence associated with the advisory (as provided by Flexera’s Secunia Research) The score associated with our security advisory today is lower than expected due to a missing CVE reference which we anticipate will be addressed shortly IT Visibility IT Visibility customers can expect to see any detected installations of impacted SolarWinds products and/or releases in their inventory, providing the evidence already exists in our recognition library. Any net new evidence may still need to go through the gap-fill process. The capability to show the vulnerability information, however, is not currently available in IT Visibility. This is something that we’re actively working on to make available in the first half of 2021.   FlexNet Manager Suite (FNMS) Similar to IT Visibility, FNMS customers can also expect to see SolarWinds applications which are potentially impacted by this attack. Given the fact that applications granularity in FNMS is captured only at the major.minor version, further investigation may be needed to identify the subset of installations in their inventory with the exact build and/or patch levels.    Software Vulnerability Management (SVM), including Software Vulnerability Research (SVR) As of December 16, 2020, SVR customers can expect to see: up-to-date Secunia Advisory which contains detail information on the vulnerabilities, including the solutions/patches and available CPEs highlight of the Secunia Advisory as part of the 0-day (Zero Day) module In the future, SVM customers can expect to see: impacted software products and/or versions being detected in their inventory. We are working to obtain the vulnerable products required to create file signatures. If you are aware of a customer that is impacted and is seeking detection, please have them submit a request through the normal software suggestion process which will help us to get the details necessary. CVE’s associated with the vulnerabilities as they are being published by a trusted source (for example, the vendor SolarWinds or MITRE) threat intelligence information associated with the vulnerabilities (as they are being released by our resources) The score associated with our Secunia Advisory today is lower than expected due to a missing CVE reference which we anticipate will be addressed shortly   Appendix List of impacted SolarWinds products and/or releases: SolarWinds Network Performance Monitor 2019.x SolarWinds Network Performance Monitor 2020.x SolarWinds Orion Platform 2019.x SolarWinds Orion Platform 2020.x   List of associated Secunia Advisories: SA99447: SolarWinds Orion Platform / Network Performance Monitor Multiple Vulnerabilities SA99535: SolarWinds N-Central / Multiple Vulnerabilities (not related to SUNBURST)   List of available, impacted CPEs: cpe:/a:solarwinds:orion_network_performance_monitor:2019.4:hotfix2 cpe:/a:solarwinds:orion_platform:2019.4:- cpe:/a:solarwinds:orion_platform:2020.2:- cpe:/a:solarwinds:orion_platform:2020.2.1:-   List of associated CVEs: (will be updated as soon as we received data from trusted resources. Please check back for any future updates.) ... View more

Note: this article is about a current event which is still highly evolving. We encourage customers to revisit as we update the article as things continue to change. Recently, the world received notice of a far-reaching intrusion campaign, potentially affecting thousands of companies and organizations—some of which are government organizations. The malicious code, referred to as "SUNBURST", is aiming at heavily obfuscating its presence (Trojan Horse) to allow lateral movement further into the infrastructure and the gathering of data to be transferred to third-parties. Such a breach has far reaching consequences, requiring quick action and a sophisticated response to ensure that breached networks and systems become secure once again. More details will still reach the surface in the weeks and months ahead, but so far, we know that certain updates of the SolarWinds Orion Platform, which is the current base for many further products like the SolarWinds Network Performance Monitor, had been tainted to distribute a back door through a certain library. This library is usually an inconspicuous plugin used in the Orion Platform product, however, in this case it carried a malicious payload introduced through a so-called supply-chain attack. Various teams across different Flexera solutions, namely Data Platform (DP) and Software Vulnerability Management (SVM), have been working overtime to ensure that our customers get immediate visibility on the impact of this and other vulnerabilities.   Data Platform and/or Technopedia As of December 16, 2020, customers can expect to see: all impacted SolarWinds products and/or releases are captured in Technopedia any existing discovered data (a.k.a. evidence) that maps to the impacted products and/or release are recognized. Note that any new evidence that customers bring in their inventory may still need to go through the gap-fill process. if the entitlement to InfoSec Content Pack is active: impacted products will be identified any CPE’s associated with the impacted products and/or releases are linked up-to-date Secunia Advisory information linked to the available CPE’s is provided  In the future, customers can expect to see: CVE references associated with the vulnerabilities. The publication is dependent upon review/approval by the National Vulnerability Database (NVD). The CVE’s are currently in the ‘’reserved” status, Technopedia updates the CVE content on a daily basis. threat intelligence associated with the advisory (as provided by Flexera’s Secunia Research) The score associated with our security advisory today is lower than expected due to a missing CVE reference which we anticipate will be addressed shortly IT Visibility IT Visibility customers can expect to see any detected installations of impacted SolarWinds products and/or releases in their inventory, providing the evidence already exists in our recognition library. Any net new evidence may still need to go through the gap-fill process. The capability to show the vulnerability information, however, is not currently available in IT Visibility. This is something that we’re actively working on to make available in the first half of 2021.   FlexNet Manager Suite (FNMS) Similar to IT Visibility, FNMS customers can also expect to see SolarWinds applications which are potentially impacted by this attack. Given the fact that applications granularity in FNMS is captured only at the major.minor version, further investigation may be needed to identify the subset of installations in their inventory with the exact build and/or patch levels.    Software Vulnerability Management (SVM), including Software Vulnerability Research (SVR) As of December 16, 2020, SVR customers can expect to see: up-to-date Secunia Advisory which contains detail information on the vulnerabilities, including the solutions/patches and available CPEs highlight of the Secunia Advisory as part of the 0-day (Zero Day) module In the future, SVM customers can expect to see: impacted software products and/or versions being detected in their inventory. We are working to obtain the vulnerable products required to create file signatures. If you are aware of a customer that is impacted and is seeking detection, please have them submit a request through the normal software suggestion process which will help us to get the details necessary. CVE’s associated with the vulnerabilities as they are being published by a trusted source (for example, the vendor SolarWinds or MITRE) threat intelligence information associated with the vulnerabilities (as they are being released by our resources) The score associated with our Secunia Advisory today is lower than expected due to a missing CVE reference which we anticipate will be addressed shortly   Appendix List of impacted SolarWinds products and/or releases: SolarWinds Network Performance Monitor 2019.x SolarWinds Network Performance Monitor 2020.x SolarWinds Orion Platform 2019.x SolarWinds Orion Platform 2020.x   List of associated Secunia Advisories: SA99447: SolarWinds Orion Platform / Network Performance Monitor Multiple Vulnerabilities SA99535: SolarWinds N-Central / Multiple Vulnerabilities (not related to SUNBURST)   List of available, impacted CPEs: cpe:/a:solarwinds:orion_network_performance_monitor:2019.4:hotfix2 cpe:/a:solarwinds:orion_platform:2019.4:- cpe:/a:solarwinds:orion_platform:2020.2:- cpe:/a:solarwinds:orion_platform:2020.2.1:-   List of associated CVEs: (will be updated as soon as we received data from trusted resources. Please check back for any future updates.) ... View more

We just pushed an update to IT Visibility which provides full visibility on all active hardware instances that were brought into the inventory. Users can now see these instances, regardless of whether they are 'normalized' (i.e. mapped to Technopedia) or not.   This information is presented in the Hardware dashboard via three different visualizations: a new Hardware count on the left-hand side pane showing total count of all active instances a new Hardware pie chart in the bottom half of the main pane showing the breakdown of normalized vs. unnormalized instances a new drill-down Hardware report -- can be brought up by clicking either the Hardware count, the Hardware chart's title, or the Hardware chart's slices -- which allows user to see all the instances, filtered by the normalization Status, Category/Subcategory, Manufacturer, Product, and Model This is a first step in the wider effort of providing full visibility and transparency into hardware normalization process in IT Visibility. ... View more