GPO fixes, Kubernetes scanning, Website fixes

Website v2.59.2

Fixed Issues

  • SEC-4186 : Nessus integration scheduled jobs are being created incorrectly
    • Fixed an issue where new Nessus integrations would fail to create their associated scheduled jobs
  • SEC-4221 : Nessus accounts without policies cannot retrieve templates
    • Fixed an issue where freshly created Nessus accounts could not retrieve templates for use in the “Scan Template” action dropdown
  • SEC-4215 : Certain event queries take too long to run
    • Event views without actions should not longer timeout while retrieving the event list when their query contains a “variables” reference
  • SEC-4182 : Include policy checks on listified attributes fail incorrectly
    • Include checks are now consistent and correct between target data types. Actual values that are arrays may be tested with a comma-separated Expected value, while Actual values that are lines may be tested with a newline-separated Expected value
  • SEC-4177 : Scheduled change report CSVs have different columns to ad hoc change report CSVs
    • The scheduled change report CSV now matches the ad-hoc change report CSV with regards to included columns
  • SEC-3010 : Data Archiving/Deletion
    • Select records may now be exported from the appliance. Please contact your FDE for more information

Website v2.59.1

Enhancements

  • SEC-4139 : Policy Report Overhaul
    • The policy report has been completely overhauled. This includes the policy reports index (also affectionately known as the pie charts page), and achieves parity with existing functionality in a more performant and effective manner. Please contact your FDE to enable this feature.

Website v2.59.0

Enhancements

  • SEC-4174 : Gem vulnerabilities
    • Updated gems to address the following vulnerabilities: CVE‌-2018-8048, CVE‌-2018-3740 and CVE‌-2018-3741
  • SEC-4170 : Scan only a directory
    • You may now create a node that scans only the contents of a specific directory (Linux only)
  • SEC-4159 : K8s scanning
    • Add support for scanning of K8s clusters as nodes
  • SEC-4137 : Add a “Don’t run scheduled jobs if interval missed” setting
    • You may now use the Only start jobs at scheduled time setting on the Organisation settings page to indicate that if a scheduled job misses it’s original start time, it should not start until it is next scheduled to do so
  • SEC-4053 : Remove Cyber Risk from Core
    • All Cyber Risk components have now been moved to cyber-risk.upguard.com, and the corresponding navigation item will now redirect to this address. If you have any questions about Cyber Risk, please visit https://www.upguard.com/product/cyberrisk
  • SEC-3847 : Create “Connection Manager Offline” event
    • Connection managers that are offline for more than 2 minutes will now generate a “Connection Manager Offline” event. In the event that the connection manager is the last online in its group, then a “Connection Manager Group Offline” event will be generate as well

Fixed Issues

  • SEC-4158 : Bulk editing a group with the new skin results in editing just the node with the same ID
    • Fixed an issue where on extremely new appliances it was possible to bulk edits against a node group apply the changes to only one node, matching the ID of that group
  • SEC-4155 : Nav Bar>Org dropdown pushed to front on /home & /features page
    • Fixed an issue where the Organisation navigation dropdown would hide a number of entries on certain pages
  • SEC-4154 : Have the policy version ID included in the Versions API Endpoint
    • Fixed a regression causing the policy version ID not to be included in the /policies{id}/versions API endpoint output
  • SEC-4147 : Right-click add file to scan options broken
    • Fixed issue where using the context menu to add a specific file as a scan option would not fail to do so
  • SEC-4136 : Network Device>File diffing Scan dates are not correct
    • Fixed an issue where the files underlying Cisco device scans would display a date incongruent with the scan they are associated with
  • SEC-4135 : Add unique constraint to node name and organisation columns
    • Putting an appliance under extreme load will no longer allow the creation of nodes with duplicate names
  • SEC-4129 : Node index>”More Nodes” button disappears if you delete a node
    • Deleting a node in a group that requires pagination will no longer cause the More Nodes button to disappear
  • SEC-4112 : compare_to_previous compares the currently viewed scan to the second-to-last scan done, not the scan previous to the one being looked at
    • The compare_to_previous functionality for node scans now correctly compares a node scan to it’s immediate ancestor, not the second-most-recent scan done against its parent node
  • SEC-4072 : Group diff - can’t ignore CI attributes
    • Group diff ignore functionality now has parity with that provided by single-node ignores
  • SEC-4061 : 500 errors on fleet appliances for password reset emails
    • Fixed an issue where certain appliances were unable to send password reset emails after upgrading to v2.54+

Windows Connection Manager/Agent 4.12.0

Enhancements

  • WIN-343 : CIS benchmarks for Windows 10 build 1703
    • The CIS benchmarks for Windows 10 may now be executed by the Windows Connection Manager. If you don’t have this option available in your instance, please contact support
  • WIN-340 : Add option to scan all group policy objects
    • You may now scan all GPO on a target node by specifying a * as a Group Policy scan option

Fixed Issues

  • WIN-329 : Oracle table scanning uses empty service user schema by default
    • Fixed an issue where the “Tables” section of an Oracle scan would initially return nothing due to an incorrect default schema
  • WIN-138 : Active directory scanning for group policy objects should check for duplicate keys
    • Fixed an issue where scanning for GPO would fail in certain AD configuration due to duplicate object names

SSH Connection Manager/Agent 4.12.0

Enhancements

  • SEC-4170 : Scan only a directory
    • CM/Agent work corresponding to SEC-4170
  • GOAT-486 : Create GCE node
    • Added support for scanning GCE accounts. Please refer to https://support.upguard.com/upguard/gce-node.html for more information