Release v1.3.13 - IBM/ServiceNow-Guardium-Vulnerability-Assessment GitHub Wiki

Issues addressed in this release

  • GRD-70437 | Performance Issue with Guardium - ServiceNow connector
  • GRD-69648 | ServiceNow: There are Discovered items with empty Configuration item
  • GRD-69662 | ServiceNow: There are same named Data sources (from same Guardium CM) in ServiceNow side
  • GRD-70777 | Filter Test Results in IBM Guardium
  • GRD-70466 | Guardium/ServiceNow Connector: Duplicate entries in Discovered Item table
  • GRD-70964 | Do not delete data sources after integration completes
  • GRD-71385 | Continue processing central manager list even if one has an error
  • issue-46 | First Seen, Actual Value, Expected Value update
  • issue-30 | Partial fix by copying existing NVD data to Guardium
  • issue-45 | Amend CI Lookup Rule to match Database Catalog related to, as well as reference to, Database Instance

Miscellaneous fixes:

  • Guardium-12345 ID for all test definitions
  • Index on x_ibmrt_gdpva_datasource.name
  • Index on x_ibmrt_gdpva_datasource.datasource_id
  • Index on x_ibmrt_gdpva_test_definition.test_id
  • Index on x_ibmrt_gdpva_test_definition.test_description
  • Disable auto-export of Database Instances and Catalogs
  • Disable auto-export of Data sources
  • Disable auto-export of Data source groups
  • Disable auto-export of Test exceptions
  • Disable auto-export of Test assessments
  • Disable auto-import of Groups and Exceptions
  • Hide test exceptions and data source group tables
  • Simplify SN navigation
  • Demote MariaDB to make sure MySQL has preference
  • Do not cause unnecessary update to data source and test definition records
  • Recommend 60 second glide.http.outbound.max_timeout
  • Allow asynchronous REST-API transactions
  • ServiceNow recommendation: Run CI Lookup after every data source import
  • GDP recommendation: Do not use NOW or NOW -7 DAY or any other variable time when running reports
  • sys_properties - with correct data type and ignore_cache=true
  • sys_store_app - log version from sys_store_app first, and if failed, use sys_app
  • sn_sec_int_integration - is_reapply_ci_lookup_supported=false
  • On first import of vulnerability tests, Third-party entries are empty. This is fixed in v1.3.13.