Version | 2.4.0. | ||||||
---|---|---|---|---|---|---|---|
Release date | 06 | ||||||
Build number | xxx10115 | ||||||
Next scheduled release | 04 | ||||||
Status |
| ||||||
Upgrading instructions | Upgrading the Nanitor Server | ||||||
Nanitor Collector Server | 2.4.xxx10115 | ||||||
Nanitor Agent | 2.x4.x10115 |
Key objectives
The Nanitor release 2.4. has focused lot of improvements on Project, like applying filter for issues based on projects, benchmarks, platforms, priorities and so on. Making ease on usability of the projects. Now one can also see the RISC score of the project which gives clarity on how importance is the project. Also it gives clear understanding of which issue is associated to what project.
A new Health status dashboard is implemented. It displays complete organization health data in a different colour codes and with some weighing factors.
Collector- The Nanitor collector is process to collect configuration information from network devices, Cloud infrastructure platforms and databases. From this release onwards the Nanitor collector is bundled with the Nanitor Server so it does no longer need to be deployed separately. It will access devices outbound and then feed the devices into the Nanitor server.
New Features
A new dashboard is implemented that is “health status” (NAN-1770). It is will be another dropdown menu item under the “Overview” menu. The Health status dashboard shows the below details with the colour coding:
Organisation health
Organisation health broken down by issue type.
Health over time (organisation)
Health over time (broken down by issue type). One graph where individual lines can be activated/deactivated. Dropdown to select time period (1Y, 6M, 3M, 1M, 1W)
...
Health status dashboard(NAN-1770)
...
)
As for now we have implemented this as a dark feature which means you can access the new dashboard by adding “health_overview” to the url of your Nanitor instance. E.g.
https://relbuild.nanitor.net/container/nanqa/health_overview
(where “https://relbuild.nanitor.net” is the url to your Nanitor instance and “nanqa” the name of your tenant/container)For further information refer to our documentation for the IT security health overview
...
Improvements
Project status filtering(NAN-1853) |
Nanitor agents needs to output silently(NAN-1827) |
Increase the height of the table <Benchmark Details Table>, too much free space.(NAN-1822) |
Vulnerability severity filter for software inventory list(NAN-1806) |
Information icon for Issue RISC(NAN-1797) |
Security concerns with running the shell scripts(NAN-1785) |
Benchmark details page: Value column - link clickable(NAN-1784) |
Remove columns “Recent Issues“ and “Recent changes“ -> Benchmark Details(NAN-1776) |
RISC score of a project(NAN-1766) |
Event bus for projects(NAN-1765) |
Add tooltip for vulnerability severity(NAN-1758) |
Filter improvements for the Issue Trend metric report(NAN-1757) |
Project status columns(NAN-1751) |
Confetti for completed projects(NAN-1750) |
Possibility to complete a project manually(NAN-1749) |
Project default filtering(NAN-1748) |
Project activity log(NAN-1747) |
Project completed date(NAN-1746) |
View Project information on issues(NAN-1745) |
Add Sentry to new collector/socket(NAN-1740) |
Need to filter Software titles with critical vulnerabilities(NAN-1735) |
Browsing issues - split window changes(NAN-1650) |
Issue list: The right split window is still showing items that are not selected after being excluded in the Full details of another item.(NAN-1649) |
Vulnerability Issue RISC: Include EPSS exploitability probability(NAN-1641) |
Issue details - details section(NAN-1571) |
Limit horizontal scrolling(NAN-1554) |
Support for implementing shell script checks(NAN-1435) |
Need to see which Nanitor Project an issue belongs to(NAN-1206) |
Nanitor project - raised from ASSET view (single asset)(NAN-1165) |
Issue details - details section (NAN-1571) |
Benchmarks
These benchmarks have been upgraded.
Benchmark | Change |
---|---|
RedHat8 | SSH rules updated |
freeBSD | SSH rules updated |
For more information on supported benchmarks visit the documentation of our benchmarks space.
Fixes
Nanitor project - raised from ASSET view (single asset)(NAN-1165) |
Need to see which Nanitor Project an issue belongs to (NAN - 1206) |
Support for implementing shell script checks (NAN-1435) |
Limit horizontal scrolling (NAN-1554) |
Issue list: The right split window is still showing items that are not selected after being excluded in the Full details of another item. (NAN-1649) |
Browsing issues - split window changes (NAN-1650) |
Assign all filtered issues to a project (NAN-1659) |
Need to filter Software titles with critical vulnerabilities (NAN-1735) |
View Project information on issues (NAN-1745) |
Project completed date (NAN - 1746) |
Project activity log (NAN-1747) |
Project default filtering (NAN-1748) |
Possibility to complete a project manually (NAN-1749) |
Confetti for completed projects (NAN-1750) |
Project status columns (NAN-1751) |
Filter improvements for the Issue Trend metric report (NAN-1757) |
Add tooltip for vulnerability severity (NAN-1758) |
Event bus for projects (NAN-1765) |
RISC score of a project (NAN-1766) |
Remove columns “Recent Issues“ and “Recent changes“ -> Benchmark Details (NAN-1776) |
Benchmark details page: Value column - link clickable (NAN-1784) |
Security concerns with running the shell scripts with the agent (NAN-1785) |
Information icon for Issue RISC (NAN-1797) |
Increase the height of the table <Benchmark Details Table>, too much free space (NAN-1822) |
Benchmarks
These benchmarks have been upgraded.
...
Benchmark
...
Change
...
RedHat8
...
SSH rules updation
...
freeBSD
...
SSH rules updation
For more information on supported benchmarks visit the documentation of our benchmarks space.
Fixes
...
UX bug: User can't manage last two rules in a benchmark when a rule has been modified(NAN-1671)
...
Trend metric PDF report does not show correct information(NAN-1759)
...
Most issue filters don't work on compliance issue views (NAN-1764)
...
Set a resolved_reason for issues resolved because a rule has been removed from a benchmark (NAN-1777)
...
Refreshing project activity log refreshes the issue list instead (NAN-1782)
...
Add more info to "all projects" list (NAN-1787)
...
Weird logic for what projects we show in places (NAN-1790)
...
Progress bar on project issue asset page is white on a black background (NAN-1795)
...
Starting project from project list does not work (NAN-1805)
Feature removal
Issue details - details section (NAN-1571)
...
Feature removal
Remove the project status “pending”
Breaking changes
The Nanitor collector has been refactored. Onboarding devices that require a collector is now completly done through the web interface of Nanitor. Therefore the obsolete documentation has been removed and being replaced with a new one. |
---|
Remove the word "Change" from the tooltip(NAN-1810) |
"Assign issue" instead of "Move issue" (NAN-1807) |
...