Release notes - 2.3.0

Owned by Alexander Eck
Last updated: May 19, 2022
3 min read

Version

2.3.0.

Release date

May 16, 2022

Build number

10015

Next scheduled release

Jun 6, 2022

Status

Final

Upgrading instructions

Upgrading the Nanitor Server
Upgrading the Nanitor Collector
Upgrading the Nanitor Agent

Nanitor Collector Server

2.3.0.10015

Nanitor Agent

2.2.1.9903

Key objectives

This release includes a huge milestone by implementing the possibility to select both Level 1 and/or Level 2 benchmarks. Additionally a couple of CIS benchmark checks can be customised in order to match organisation’s technical policies. To start with we are have been implemented this feature set for the CIS benchmarks for Windows 10 and 2016.

If you want to know more on how to apply a different level of benchmark rule refer to the documentation here. With this Nanitor release onwards it will be possible for certain benchmark rules to set customised values for a rule to check against. E.g you might want to set the password policy to 30 characters rather than the default value provided by CIS. Customisable rules are available within the Windows 10 and 2016 benchmarks only to start with but will be extended to further benchmarks in the upcoming releases. You can refer to our documentation on how to customize benchmark rules here.

One of our focus points for the next release is a better usability of Nanitor. As a commitment to that goal we implement more possibilities in the issue filter. This is to reflect and streamline along with other areas within Nanitor.

Having a prioritised list of issues is fundamental to scope out work to harden your IT infrastructure. We are aware that fixing vulnerabilities can be hustle and sometimes simply impossible when vendors do not provide fixes or vulnerabilities are discovered in shared applications with a high risk of upgrading. Nanitor ranked issues higher up the diamond with time with the so called elevator. This meant especially for vulnerabilities ending up on top of the diamond quickly resulting in an overwhelming amount of issues to handle. Included in this release is a breaking change by removing this age elevator by default. Means you will recognise a markable amount of issues being released from the top of the diamond. We made this “feature” now configurable in order for you to turn it back on when you wish to do so.

New Features

  • You can now customize certain benchmark rule checks for the WIndows 10 and 2016 benchmark

  • New and better possibilities to filter on issues. A couple of filtering options have been added

Filter on issue that are within a started or not within a project (NAN-1664)

Filter on P0, P1 and P2 issues (NAN-1665)

Filter issues on Platforms and Benchmarks (NAN-1666)

 

Improvements

Software inventory status colour coding

Filter dropdown changes  (NAN-1528)

Add "save/cancel" bottom bar instead of save/cancel buttons next to the range inputs (NAN-1584)

Dashboard should auto arrange boxes in columns when changing number of columns (NAN-1661)

New icon for "upgrade agent" (NAN-1696)

Dropdown list UI correction (NAN-1700)

Dashboard widgets height - just 2 sizes (NAN-1705)

Add "x" button to the modals and turn off possibility to close by clicking outside (NAN-1706)

Benchmarks

These benchmarks have been upgraded.

Benchmark

Change

Benchmark

Change

Windows 10

Support for Level 2 + Bitlocker
Support for several customisable values

Windows 2016

Support for Level 2
Support for several customisable values

For more information on supported benchmarks visit the documentation of our benchmarks space.

Fixes

Asset showing as "inactive" but really should stay archived. (NAN-1495)

Check is failing on Windows 10 benchmark when it's clearly passing when checked on computer (NAN-1662)

Audit settings on Windows Servers (2010, 2012, 2016,2019) are broken (NAN-1709)

The last logon date shows some weird date in the future (NAN-1627)

SAML authentication isn't working (NAN-1629)

Last activate date time timestamp is a time in the future (NAN-1634)

Export of Audit report fails (NAN-1635)

Issue filter misses text context between views (NAN-1652)

Windows agent fails installing (NAN-1654)

Configuration score is not correct when using filters (NAN-1656)

Score color is wrong (NAN-1657)

'Unusual - Not a database, cloud, or device client' when checking in collected Oracle DB (NAN-1669)

Look into collector socket repeatedly closing on an unmigrated server database (NAN-1714)

Look into repeated connections for benchmark CPE using up our connection limit immediately (NAN-1718)

Empty list of assets which supposed to be not empty (NAN-1741)

Adding assets with SSH passphrase doesn't work (NAN-1752)

Fields don't show up immediately in add credential dialog (NAN-1756)

Calendar month and year font size correction (NAN-1761)

Feature removal

None

Breaking changes

  • We removed the issue age elevator by default. You can re-enable the the issue age elevator from the Nanitor settings menu. For more information refer to the documentation.

  • Projects - change "delete" into "archive" (NAN-1698)