ObjectSecurity OT.AI Platform | v2.1.1 Release Notes

Modified on Wed, 03 Jan 2024 at 09:10 AM

Previous versions of Release Notes can be accessed here.



ObjectSecurity OT.AI Platform v2.1.1 release adds a number of new features to organize CWE information. Existing features have been optimized and improved. The account creation and management process has been simplified.



TABLE OF CONTENTS


What's Changed with This Release:

What's New:

  1. The CWEs tab is now organized according to the parent-child CWE hierarchy defined by MITRE.

  2. [On-prem Offline VM Only] New deployments now allow the user to set the initial SUPERADMIN account credentials.

What's Updated:

  1. The asset vendor, product, and version text inputs have been turned into dropdowns.

  2. The speed and performance of CPE/CVE detection has been improved.

  3. ThreatAI assessment results now map to CWEs.

  4. Weak Pointer assessment results now map to CWEs.

  5. Various other new detectable CWEs have been added.

  6. The 3D embedded system graph has been replaced with a colored Critical/Vulnerable/Safe grid component.



Feature details

New Feature: CWE Tab Organized by Parent-Child Hierarchy

The CWE tab within the binary analysis page is now organized in a way that allows the user to follow the hierarchy of the CWE from parent to child relationships. Hierarchical organization provides a structured and systematic representation of different types of weaknesses, allowing for a clear and organized view of the relationships between them.
This helps in categorizing and classifying weaknesses based on common traits and characteristics. At higher levels, weaknesses can be broadly categorized, providing an overview. At lower levels, more specific and detailed information about each weakness is available. Users can drill down into specific categories or climb up to see broader classifications.
Users can quickly locate and understand the context of a particular weakness within a broader category. This organizing strategy facilitates the identification of common patterns, root causes, and related weaknesses, aiding in the development of effective countermeasures.



New Feature: [On-Prem Offline VM] New Deployments Allow User to Set Initial SUPERADMIN Account Credentials

When users start up their On-Prem Offline VM for the first time, they are prompted to set their SUPERADMIN login credentials before running analyses. Allowing users to set their login credentials, such as usernames and passwords, promotes user autonomy and security.



Updated Feature: The Asset Vendor, Product, and Version CPE Inputs Have Been Turned Into Dropdowns

This has been updated for ease of use and to improve the user experience when entering CPE information. The user’s entry will auto-complete if ObjectSecurity OT.AI Platform contains CPE data associated with the entry.



Updated Feature: Speed and Performance of CPE/CVE Detection Has Been Improved

The CPE and CVE detection mechanisms have been improved, and the results now return faster, improving the overall analysis completion speeds.


Updated Feature: ThreatAI Assessment Results Now Map to CWEs

ThreatAI assessment results now map to related CWEs, helping the user understand how the different analysis results are connected to the weaknesses of the binary overall.



Updated Feature: Weak Pointer Assessment Results Now Map to CWEs

Weak Pointer assessment results now map to related CWEs, helping the user understand how the different analysis results are connected to the weaknesses of the binary overall.



Updated Feature: Various Other New Detectable CWEs Have Been Added

CWE mappings have been improved upon and the CWEs that are detected are now more specifically mapped to the problems that are present.


Updated Feature: 3D Embedded System Graph Replaced with Colored Critical/Vulnerable/Safe Grid Component

The 3D Embedded System Graph has been replaced with a more readable numerical component. This change was made because the 3D embedded system graph did not provide much utility and was ultimately only there for visual purposes. It has been removed and replaced with a more utilizable graph to avoid confusion.



Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article