Version | 2.4.0. | ||||||
|---|---|---|---|---|---|---|---|
Release date | 06 | ||||||
Build number | xxx10115 | ||||||
Next scheduled release | 04 | ||||||
Status |
| ||||||
Upgrading instructions | Upgrading the Nanitor Server | ||||||
Nanitor Collector Server | 2.4.xxx10115 | ||||||
Nanitor Agent | 2.x4.x10115 |
Key objectives
New Features
You can now customize certain benchmark rule checks for the WIndows 10 and 2016 benchmark
New and better possibilities to filter on issues. A couple of filtering options have been added
...
Filter on issue that are within a started or not within a project (NAN-1664)
...
Filter on P0, P1 and P2 issues (NAN-1665)
...
Filter issues on Platforms and Benchmarks (NAN-1666)
Improvements
...
Software inventory status colour coding
...
Filter dropdown changes (NAN-1528)
...
Add "save/cancel" bottom bar instead of save/cancel buttons next to the range inputs (NAN-1584)
...
Dashboard should auto arrange boxes in columns when changing number of columns (NAN-1661)
...
New icon for "upgrade agent" (NAN-1696)
...
Dropdown list UI correction (NAN-1700)
...
Dashboard widgets height - just 2 sizes (NAN-1705)
...
The Nanitor release 2.4. has focused lot of improvements on Project, like applying filter for issues based on projects, benchmarks, platforms, priorities and so on. Making ease on usability of the projects. Now one can also see the RISC score of the project which gives clarity on how importance is the project. Also it gives clear understanding of which issue is associated to what project.
A new Health status dashboard is implemented. It displays complete organization health data in a different colour codes and with some weighing factors.
Collector- The Nanitor collector is process to collect configuration information from network devices, Cloud infrastructure platforms and databases. From this release onwards the Nanitor collector is bundled with the Nanitor Server so it does no longer need to be deployed separately. It will access devices outbound and then feed the devices into the Nanitor server.
New Features
A new dashboard is implemented that is “health status” (NAN-1770). It will be another dropdown menu item under the “Overview” menu. The Health status dashboard shows the below details with the colour coding:
Organisation health
Organisation health broken down by issue type.
Health over time (organisation)
Health over time (broken down by issue type). One graph where individual lines can be activated/deactivated. Dropdown to select time period (1Y, 6M, 3M, 1M, 1W)
As for now we have implemented this as a dark feature which means you can access the new dashboard by adding “health_overview” to the url of your Nanitor instance. E.g.
https://relbuild.nanitor.net/container/nanqa/health_overview
(where “https://relbuild.nanitor.net” is the url to your Nanitor instance and “nanqa” the name of your tenant/container)For further information refer to our documentation for the IT security health overview
...
Improvements
Project status filtering(NAN-1853) |
Nanitor agents needs to output silently(NAN-1827) |
Increase the height of the table <Benchmark Details Table>, too much free space.(NAN-1822) |
Vulnerability severity filter for software inventory list(NAN-1806) |
Information icon for Issue RISC(NAN-1797) |
Security concerns with running the shell scripts(NAN-1785) |
Benchmark details page: Value column - link clickable(NAN-1784) |
Remove columns “Recent Issues“ and “Recent changes“ -> Benchmark Details(NAN-1776) |
RISC score of a project(NAN-1766) |
Event bus for projects(NAN-1765) |
Add tooltip for vulnerability severity(NAN-1758) |
Filter improvements for the Issue Trend metric report(NAN-1757) |
Project status columns(NAN-1751) |
Confetti for completed projects(NAN-1750) |
Possibility to complete a project manually(NAN-1749) |
Project default filtering(NAN-1748) |
Project activity log(NAN-1747) |
Project completed date(NAN-1746) |
View Project information on issues(NAN-1745) |
Add Sentry to new collector/socket(NAN-1740) |
Need to filter Software titles with critical vulnerabilities(NAN-1735) |
Browsing issues - split window changes(NAN-1650) |
Issue list: The right split window is still showing items that are not selected after being excluded in the Full details of another item.(NAN-1649) |
Vulnerability Issue RISC: Include EPSS exploitability probability(NAN-1641) |
Issue details - details section(NAN-1571) |
Limit horizontal scrolling(NAN-1554) |
Support for implementing shell script checks(NAN-1435) |
Need to see which Nanitor Project an issue belongs to(NAN-1206) |
Nanitor project - raised from ASSET view (single asset)(NAN-1165) |
Issue details - details section (NAN-1571) |
Benchmarks
These benchmarks have been upgraded.
Benchmark | Change |
|---|---|
Windows 10 | Support for Level 2 + Bitlocker |
Windows 2016 | Support for Level 2 |
RedHat8 | SSH rules updated |
freeBSD | SSH rules updated |
For more information on supported benchmarks visit the documentation of our benchmarks space.
Fixes
Nanitor project - raised from ASSET view (single asset)(NAN- |
1165) |
Need to see which Nanitor Project an issue belongs to (NAN - |
1206) |
Support for implementing shell script checks (NAN-1435) |
Limit horizontal scrolling (NAN- |
1554) |
The last logon date shows some weird date in the future (NAN-1627)
SAML authentication isn't working (NAN-1629)
Last activate date time timestamp is a time in the future (NAN-1634)
Export of Audit report fails (NAN-1635)
Issue filter misses text context between views (NAN-1652)
Windows agent fails installing (NAN-1654)
Configuration score is not correct when using filters (NAN-1656)
Score color is wrong (NAN-1657)
'Unusual - Not a database, cloud, or device client' when checking in collected Oracle DB (NAN-1669)
Look into collector socket repeatedly closing on an unmigrated server database (NAN-1714)
Look into repeated connections for benchmark CPE using up our connection limit immediately (NAN-1718)
Empty list of assets which supposed to be not empty (NAN-1741)
Adding assets with SSH passphrase doesn't work (NAN-1752)
Fields don't show up immediately in add credential dialog (NAN-1756)
Calendar month and year font size correction (NAN-1761)
Feature removal
None
Breaking changes
...
We removed the issue age elevator by default. You can re-enable the the issue age elevator from the Nanitor settings menu.
...
Issue list: The right split window is still showing items that are not selected after being excluded in the Full details of another item. (NAN-1649) |
Browsing issues - split window changes (NAN-1650) |
Assign all filtered issues to a project (NAN-1659) |
Need to filter Software titles with critical vulnerabilities (NAN-1735) |
View Project information on issues (NAN-1745) |
Project completed date (NAN - 1746) |
Project activity log (NAN-1747) |
Project default filtering (NAN-1748) |
Possibility to complete a project manually (NAN-1749) |
Confetti for completed projects (NAN-1750) |
Project status columns (NAN-1751) |
Filter improvements for the Issue Trend metric report (NAN-1757) |
Add tooltip for vulnerability severity (NAN-1758) |
Event bus for projects (NAN-1765) |
RISC score of a project (NAN-1766) |
Remove columns “Recent Issues“ and “Recent changes“ -> Benchmark Details (NAN-1776) |
Benchmark details page: Value column - link clickable (NAN-1784) |
Security concerns with running shell scripts with the agent (NAN-1785) |
Information icon for Issue RISC (NAN-1797) |
Increase the height of the table <Benchmark Details Table>, too much free space (NAN-1822) |
Feature removal
Remove the project status “pending”
Breaking changes
The Nanitor collector has been refactored. Onboarding devices that require a collector is now completly done through the web interface of Nanitor. Therefore the obsolete documentation has been removed and being replaced with a new one. |
|---|
Remove the word "Change" from the tooltip(NAN-1810) |
"Assign issue" instead of "Move issue" (NAN-1807) |