detected, integrations, fixes

Website v2.60.0

Enhancements

  • SEC-4257 : Add http proxy support for AWS node scans
    • AWS nodes may now be scanned via an HTTP proxy rather than via direct connection
  • SEC-4251 : Allow users to edit their email address when LDAP is enabled
    • Users may now edit the email address associated with their UpGuard account when LDAP is enabled
  • SEC-4249 : Change default login role for new LDAP accounts from ‘member’ to ‘analyst’
    • Users created by simply logging in to an LDAP-enabled appliance are now added as analysts rather than members
  • SEC-4243 : Add logging to the various two-way integrations
    • The Integrations page now has an option to view detailed logs for certain integrations. Please speak to your FDE before using this feature
  • SEC-4241 : Add node group and environment filtering to the policy report
    • Those using the new policy report may now filter results by node group and environment
  • SEC-4230 : Get diffs endpoint to pull directly from NodeScanItemDiffs table
    • The api/v2/diffs endpoint has had its behaviour modified to that of the visualisation and change reports, and thus should produce more sensible results
  • SEC-4210 : Do not load all changes on node index
    • Dramatically improved the performance of the Monitored page when a large number of changes have occurred recently
  • SEC-4200 : Detected index
    • The detected page and associated workflows have been overhauled. Please speak to your FDE before using this feature
  • SEC-4178 : Update Authy 2FA for current use
    • Authy 2FA has been updated to fix compatibility problems
  • SEC-4176 : Integrations>Name values for Slack and Jira not forming correctly when integrations added
    • Allow users to specify names for JIRA and Slack integrations, rather than just auto-naming them
  • SEC-4166 : ‘Variable Name’ field while creating variable override is empty
    • Fixed an issue during variable override creation that caused the source variable’s name to disappear
  • SEC-4026 : Allow “Write to log” action to be attached to the “All” events view
    • All events may now be emitted to the syslog forwarder. Please contact your FDE if you want to use this feature
  • SEC-2598 : Improve Display of Raw File Checks
    • Raw file checks now present much better in the new policy report
  • SEC-1953 : Remove ancient warning message when adding website as first node
    • If you were very lucky, you would occassionally get a message instructing you to install an agent after adding a node, regardless of type. This will no longer happen
  • CHAN-68 : Implement details slideout: Long CI values are truncated with no ability to show more
    • Those running the new change report may now click on change records to view the data in much greater detail
  • CHAN-67 : Change Type filtering causes counts to equal zero
    • Previously, filtering to a certain change type would cause the count boxes for the other change types to go to zero. These boxes will now vanish instead
  • HAN-66 : Add very basic date range selection to home page
    • Graphs on the homepage are now capable of filtering to 10, 30 or 90 day ranges, up from the previously locked 7

Fixed Issues

  • SEC-4258 : Syntax incorrect for Nessus scan present check
    • Fixed a bug where Nessus scans would not be initiated correctly if the supplied Nessus user had no pre-existing scans
  • SEC-4246 : The “Export Search” route is throwing a 404
    • Fixed a bug where the export button on the Search page would lead to a maintenance page instead of doing what it’s supposed to
  • SEC-4228 : Edit Node page broken
    • Fixed various bugs afflicting the node edit and bulk edit pages
  • SEC-4165 : Changes in “Github API Token” field on a github org node is not updated on the edit page
    • Fixed a problem where Github nodes could not be edited successfully due to a field misalignment
  • CHAN-60 : Change report date filter’s month and year selector does not work
    • Fixed an issue where updating the month/year values in the change report filter via the calendar slide out would not work

Windows Connection Manager/Agent 4.13.0

Enhancements

  • WIN-193 : CIS benchmarks for Oracle Database 12c
    • The CIS benchmarks for Oracle 12c Databases running on Windows hosts may now be executed. Please contact your FDE if you need assistance in setting this up

Fixed Issues

  • WIN-342 : Current IIS scan does not work for PS 2.0 / IIS 7 / Win 2008
    • Fixed an issue where IIS scan would fail when working in legacy environments

SSH Connection Manager/Agent 4.13.0

Enhancements

  • GOAT-484 : CIS Level 1 and Level 2 Benchmarks for AWS Linux
    • The CIS Level 1 and Level 2 benchmarks may now be executed against AWS Linux nodes. Please contact your FDE if you need assistance in setting this up
  • GOAT-476 : Surface S3 Bucket Policies as CIs
    • The structure of S3 Bucket nodes has changed slightly to allow for easier application of policies
  • GOAT-481 : Add AWS IAM Node
    • The GOAT is now able to scan AWS IAM services as a node