Version | 2.0.0 |
---|---|
Release date | |
Build number | |
Next scheduled release | |
Upgrading instructions | Upgrading the Nanitor Server |
Key objectives
This release of Nanitor introduces a new view of the data Nanitor collects: a brand-new dashboard view accessible from the Nanitor menu. It is meant to give a more specific view of the status of the IT infrastructure and key metrics. The dashboards give Security Officers and System Administrators better and quicker insight. Dashboard items are fixed to start with, but new ones can be added quickly according to customer needs, and later they can be customised directly from the UI.
Nanitor did a complete refactoring of its PII feature. The redesign removes the need for a Cassandra database, with its associated costs and maintenance. This also makes the refactored PII solution lightweight, for better performance. Though the PII capability is a full-fledged solution for discovering possible stored credit card information, it is still in its early stages and will be improved with the help of customer feedback and machine learning techniques in upcoming releases.
The work started on Nanitor projects is ongoing and is improved with each release of Nanitor. The goal is to be able to organize the work of improving IT security from within Nanitor, without the need for 3rd party tools. Nanitor projects help to organize work by assigning issues detected by Nanitor to a project for remediation. Projects are timeboxed and can be scoped to a subset of assets. This is a perfect way to follow up on progress and set deadlines.
New Features
Menu navigation. All views are now accessible from the Nanitor top menu.
Dashboards. A brand-new view where widgets with key information can be added.
Issue handling. The release implements a split-screen option to select or multi-select issues for a sneak preview without leaving the filtered issue list. This enhances the user experience. Documentation
The PII scanner has been refactored to a more lightweight solution. The PII feature of Nanitor scans for documents and database entries that contain possible credit card information.
A news feed that is intended to make users aware of important cyber security risks or other related information. News feed items can be marked as read so that they are no longer flagged.
EOL support. Nanitor can now flag EOL devices and raise an issue for those platforms. A complete list of supported EOL operating systems is available in our documentation.
Improvements
Projects. Projects can now be assigned to Nanitor users. The look and feel of Nanitor projects has been generally overhauled to make it easy to break down the work to be done into digestible chunks. Issues in a project can be scoped to a subset of affected assets. The progress calculation now takes into consideration the number of assets an issue has been fixed on (progressive calculation per issue).
The configuration page is now able to reflect a broader success spectrum. We know that adjusting baseline scores is a long process and you need to get rewarded on the journey to a better security infrastructure. Therefore we implemented a wider colour range to reflect this. Documentation
The Nanitor diamonds got a face lift that makes the displayed number of issues clearer.
Comments can be added to issues. Comments on issues can be resolved. It is also possible to search for issues with comments using the issue filter.
The Forensic section of a vulnerability groups together assets with the same detected pattern. This is a huge improvement to support the remediation process.
Performance improvements in PDF reports and other parts of Nanitor.
Handling of Rogue Devices.
Added support for CIS CSC8 framework
The ability to create a label in a context filter has been removed for consistency reasons. Labels can still be created from the administration section.
Under "Asset state", former "Archived" assets are now known as "Expired", to avoid confusion with the archived filter (which also includes the "Ghost" state).
Benchmarks
These benchmarks have been upgraded to support the most recent version from CIS.
Benchmark | Version |
---|---|
Windows 2012 R2 | 2.5.0 |
Windows 10 | 1.11.0 |
Windows Server 2016 | 1.3.0 |
Windows Server 2019 | 1.2.1 |
Fixes
Problems connecting to Cisco devices. Now all Cisco devices should get a benchmark assigned to them.
Unable to cancel adding new whitelisting rule for ports
Benchmark check shows negative value
Don't display "Last seen" if network discovery feature is turned off
Device archival shouldn't take into account "last_discovery_at"
Can't download a complete list of software vulnerabilities
nanitor-api locking up under high load and becomes unresponsive
The last logon date shows some weird date in the future
Issue Patch Status Report clicking numbers gives lists with non-matching number of items (filter issues)
Can't assign labels to assets when all assets are selected
RISC score not recalculated correctly after removal of label
New device signup does not trigger automatic labelling rules
Benchmarks are now connected to CSC Compliance Framework
Vulnerabilities incorrect from CIS feed in many cases, especially on Windows Server 2016
Feature removal
None
Breaking changes
None