Vulnerability Management

Currently a scan job (local probes and external scanner) can be hung up and fail for literal months, and there's no automated action or alerting. You're forced to manually dig through job logs in multiple places to manually validate scanning consistency.

I ran the validate credentials scan to check on the Firewall configs I have just added. Issue is, the results do not define which Credentials were tested. I do understand what the error message says (issue with port etc), it just doesn’t let me know which device / credentials. The log should show the Name of the credentials tried from the credentials page

The current ConnectSecure Vulnerability Scanner supports TCP-only port scanning for external devices. This limitation was identified when the scanner failed to detect weak cipher configurations on a Cisco Meraki appliance, as IKE/IPsec operates over UDP port 500 rather than TCP. To improve detection accuracy and coverage, please consider enhancing the External Port Scanner to support both TCP and UDP scanning where feasible. This would allow proper assessment of services that rely on UDP-based protocols and reduce false negatives in cryptographic and configuration checks.

I am trying to streamline the onboarding of a new company into the CS portal. When creating a new company, the system will automatically apply any of the Global scheduler settings (Scan, Patch, and Report options). The ask: Is there a way to have an option like a checkbox to 'exclude Global schedules' from a newly added company automatically at creation? What I am finding is the experience is very manual when creating a new company and needing to remove them from the Global schedulers. Each of the setups have to be clicked into one a time to 'deny' the newly added company. Example here > I have to manually go in and edit each of the lines. It would be nice to have a simple checkbox or toggle indicator that allows us to 'exclude from Global' or something alike.

Bulk Unsuppress Remediations from the Global View

OpenSCAP is a dependency used only on specific operating systems, and it is currently not included in the portal’s standard dependency check. We will evaluate the feasibility of adding this to the Agent Dependency Status view and will keep you informed on our progress.

An asset is shown with the OS name “Ubuntu,” and clarification is needed on whether the system can differentiate between Ubuntu used as a workstation versus a server. The query is whether there are specific indicators or features used to distinguish the OS role and machine type, or if all Ubuntu/Linux systems are currently treated the same.

Give the ability to Add/Remove a TAG from an Asset using age/days as a trigger. Example: Add/Remove a tag to any new asset that has been discovered in the last [X] days.

It would be nice to be able to scan IPv6 ranges.