Major Release: Greenbone Enterprise Appliance 24.10 with Hot New Features

We’re excited to announce the coming release of Greenbone Enterprise Appliance (GEA) version 24.10, with new front-end features to enhance your vulnerability management activities, and performance enhancing back-end features. Our GEA product line includes a wide range of enterprise vulnerability management solutions including dedicated hardware appliances and virtual machine (VM) configurations suitable for enterprises of all sizes.

This newest release of GEA reflects Greenbone’s commitment empowering fundamental cybersecurity best practices, allowing organizations to close security gaps before threat actors can exploit them. With improved performance, enhanced scanning capabilities, and refined user experience, GEA 24.10 offers a robust solution for proactive, comprehensive cybersecurity. In this post, we’ll delve into the latest features and improvements that make GEA 24.10 a vital upgrade for enterprise exposure management and cybersecurity compliance.

What’s New in GEA Version 24.10?

From a high-level vantage, the Greenbone Security Assistant (GSA) web-interface has a totally new look. GSA is the IT administrator’s doorway into security visibility, and GEA 24.10 features a modern minimalist look and feel, emphasizing utility and keeping Greenbone’s capabilities within reach. But the new look is just scratching the surface. Let’s review some deeper changes on the horizon.

The New Compliance Audit Report View

Cybersecurity compliance is increasingly important. New regulations across the EU such as Digital Operational Resilience Act (DORA), Network and Information Security Directive 2 (NIS2)  and the Cyber Resilience Act (CRA) require organizations to take more actions. Other forces such as cybersecurity insurance and the need for stronger third party oversight are impacting how companies oversee their cybersecurity operations.

GEA 24.10 includes a brand new compliance-focused view designed to enhance insight into regulatory and policy alignment. The new compliance view allows greater visibility into cybersecurity risks, supporting alignment with IT governance goals. It hosts compliance audit reports, new dashboard displays and filtering options. This helps keep compliance-focused data distinct from regular scan reports. Delta audit reports also highlight compliance progress with visual indicators and tooltips for easy identification.

EPSS Support Adds AI-Based Prioritization

As the number of CVEs (Common Vulnerabilities and Exposures) continues to increase, prioritizing vulnerabilities to focus on the most high-impact threats is critical. The Exploit Prediction Scoring System (EPSS) is an AI-driven metric that estimates the likelihood of a vulnerability being exploited in the wild using historical data to predict which new CVEs are highest risk.

EPSS data is now integrated into GEA 24.10 directly, bringing current exploitation probabilities for every currently active CVE into the Greenbone platform. This enables administrators to leverage up-to-date exploit probability scores and percentiles, in addition to the traditional CVSS Common Vulnerability Scoring System) severity, empowering them to focus on vulnerabilities that are most likely to be actively targeted by attackers.

More Adaptable CSV and JSON Report Exporting Capabilities

Greenbone’s approach has always centered on simplicity and flexibility, making it easy to fit unique organizational needs. With GEA 24.10, we’ve introduced JSON formatted report exporting capabilities. Users can also customize the fields to be included in exported CSV or JSON reports. Reports can now be configured to match requirements more precisely, to focus on what’s essential for analysis, compliance, or decision-making.

Additional Backend Optimizations

To enhance the flexibility and accuracy of vulnerability matching, GEA 24.10 introduces several backend optimizations focused on CPE (Common Platform Enumeration) handling and feed management. Here is a look at what’s new:

  • The GEA 24.10 backend can convert CPEv2.3 strings to CPEv2.2 URIs, storing both versions for more reliable affected product matching. Future development may include advanced, on-the-fly matching, bringing even more precision to vulnerability assessments.
  • GEA now supports JSON-based CVE, CPE, EPSS and CERT feeds and gzip data compression.

Summary

With the coming release of GEA 24.10, Greenbone takes its leading vulnerability management solution to the next level. Get ready for a modernized, user-friendly GSA web interface and a compliance-focused audit report view that brings even greater transparency. Enhanced CSV and JSON export features give you complete control over your report data. New to this version: AI-based EPSS for intelligent vulnerability risk prioritization. Powerful backend optimizations also ensure seamless compatibility with new CPE formats and JSON-based feeds. With these new features, Greenbone offers a robust, flexible solution that empowers organizations to stay proactive against threats and strengthen their cybersecurity strategy.

Webinar on the Major Release

Find out everything you need to know about the new release 24.10. in the webinar. In just 30 minutes, our experts will show you how to keep an even better eye on security requirements with the new functions. Experience the next generation of IT security with Greenbone!

Dates:
Tuesday, November 26, 2024, 9:00 AM – 9:30 AM CET
Tuesday, November 26, 2024, 4:00 PM – 4:30 PM CET

Register now