Leen Changelog

• Released the Rapid7 integration within the VMS model

• Released the Semgrep integration within the AppSec model

• Added  additional fields to the Qualys connector- device tags and CVSS data

• Added an option to override the timestamp for the initial load for the Qualys connector. This feature enables customers to define exactly how much data to pull in from this connector on the initial connection

• Added vendor_data to the VMS and device models as a field to passthrough vendor specific values

• Record when the state of a vulnerability changes and enable filtering on stateUpdatedSince to help track the state of specific vulnerabilities over time

• Added a provisioning endpoint to test credentials for a given connection to ensure that the provided credentials are valid before setting a connection live

‍

• Leen's AppSec model is now live with our first integration in this category- Snyk! We support both SAST and SCA issues via this model. We'll be adding a Semgrep integration to this model soon

• Our EDR model is live too! The first integration two integrations we're releasing in this category are with CrowdStrike and SentinelOne. The integration with  MS Defender for Endpoint is coming very soon

• Added an updatedSince filter on the AppSec, EDR, and VMS models so it's easier to fetch relevant data in smaller batches from customer environments with a lot of data

• Expanded our lab so we can offer more robust sandboxes for each one of our supported connectors. You no longer need to rely on end customer data to test connectors!

• Added monitoring and logging capabilities to detect issues with upstream APIs so we can inform customers when specific vendor APIs are down

‍

• A new Quick Start guide has been added to our docs to help explain concepts like organization and connection within Leen's platform
• Released endpoints to:
  • Poll the status of new data refreshes- Connection Job endpoint. Use this endpoint to ensure the data you're pulling from Leen is as up to date as possible
  • Delete organizations and connections. This is our latest management API to help clean up inactive organizations and associated connections
• Added support for pulling user access data per connection. This endpoint can be used to fetch a list of users with access to a given tool and their level of access
• Added docs on how to create credentials and permissions for Tenable and Qualys. This guide ensures that credentials for these tools are setup with the proper permissions for Leen to fetch data

‍

• Our first unified data model for Vulnerability Management is live!
• The first 2 Vulnerability Management connectors we're supporting are Qualys and Tenable. Both of these connectors are now available and are populated with sandbox data. Reach out to our team to request API keys to access this sample data
• The devices endpoint is now available to allow you to pull a list of devices associated with vulnerabilities
• Onboard all of your customers and their connections to various security vendors via our provisioning APIs‍
• Our API now supports filters so you can choose which data points to pull and which ones to ignore. You can filter vulnerabilities by severity, device ID, CVE, protocol, etc and devices by IP, status, hostname, etc.