Delve Product Update - June 2020
June 22, 2020
It is a pleasure to bring you today's edition of our product features update. The last weeks have kept us very busy working on some important roadmap items. We have welcomed many new clients and users, so whether you are a seasoned Delve veteran or a newcomer, we're confident that the changes we've brought to the platform will add even more value to your vulnerability management operations. Let's check them out!
Prioritization of Third-Party Scanners
We believe that both the prioritization and discovery/scanning elements of our solution can contribute significantly to the vulnerability risk reduction of our customers, and simultaneously minimize the manpower burden on their teams. However, feedback from customers and others interested in our solution has consistently demonstrated that our contextual prioritization is exceptionally valuable compared with other products on the market. Moreover, many customers have invested substantially in existing scanning products, and replacing those with Delve, however desirable it may be to some, is often impractical or cost prohibitive. Thus, we have begun a development effort to apply our exclusive contextual prioritization to scan data from other VA products. Our first integration from that effort is now complete, and our Delve contextual prioritization engine can now consume scan data from Qualys. Please reach out to me at any time to schedule a demonstration of our new Qualys data integration, or to review how this new capability may be able to help improve your VM operations.
Prediction Factors Scoring
Delve now uses more than 40 factors to influence prioritization. However, as discussed in our webinar on AI in Cyber Security, a problem that any real AI-based solution faces in the industry is trust & explainability. Our machine learning algorithms are using big data under the hood to weigh the importance of each of these factors. During the last month, we've decided to open up that hood to show which factors are relevant, and also expose actual numbers on why they were seen as important. Our R&D team is working continuously to improve the transparency on how our ML models work, and this is one of the many new elements we'll be adding to the platform to help our customers understand "how our AI thinks".
Advanced Software/Port Listing
Identifying the list of software and open ports for every asset is one of the key sources of information that our agentless solution uses to identify what vulnerabilities exist on a machine. Both the software and port listing has been improved to provide a more detailed view on what is installed on the machine, with a full search function and a listing of direct installation paths, when available. To fully take advantage of this feature, we recommend running authenticated scans through the use of credentials in order to provide the scanner with a more thorough view of the scanned system.
As Delve's user base grows, we must ensure that onboarding stays consistent and effective for all. The user-friendliness of our interface is a key aspect of the product, and our objective to minimize configuration helps new users get up and running with Delve quickly. However, we thought it would be helpful to have our own tutorials right within the product, in addition to the documentation. We added tours in Delve that can help new users understand the main sections of the product and the first steps required to get Delve running. We are expecting to add more sections to the tour to help our new users in the coming releases.
Other New Features
- When adding users to a team, the list of users can be searched rather than scrolling it.
- Removing team selection for organizations with a single team.
- Improved integration with PowerBI for reporting.
This is it for today! As usual, if you would like to see something in Delve to help your vulnerability management process, feel free to contact me! We're always on the lookout for exciting new ideas to make Delve even better.