Release notes - 2.4.0
- Alexander Eck
- Shruthi R (Unlicensed)
Version | 2.4.0. |
|---|---|
Release date | Jun 20, 2022 |
Build number | 10115 |
Next scheduled release | Jul 11, 2022 |
Status | final |
Upgrading instructions | Upgrading the Nanitor Server |
Nanitor Collector | 2.4.10115 |
Nanitor Agent | 2.4.10115 |
Key objectives
The Nanitor release 2.4. has focused lot of improvements on Project, like applying filter for issues based on projects, benchmarks, platforms, priorities and so on. Making ease on usability of the projects. Now one can also see the RISC score of the project which gives clarity on how importance is the project. Also it gives clear understanding of which issue is associated to what project.
A new Health status dashboard is implemented. It displays complete organization health data in a different colour codes and with some weighing factors.
Collector- The Nanitor collector is process to collect configuration information from network devices, Cloud infrastructure platforms and databases. From this release onwards the Nanitor collector is bundled with the Nanitor Server so it does no longer need to be deployed separately. It will access devices outbound and then feed the devices into the Nanitor server.
New Features
A new dashboard is implemented that is “health status” (NAN-1770). It will be another dropdown menu item under the “Overview” menu. The Health status dashboard shows the below details with the colour coding:
Organisation health
Organisation health broken down by issue type.
Health over time (organisation)
Health over time (broken down by issue type). One graph where individual lines can be activated/deactivated. Dropdown to select time period (1Y, 6M, 3M, 1M, 1W)
As for now we have implemented this as a dark feature which means you can access the new dashboard by adding “health_overview” to the url of your Nanitor instance. E.g.
https://relbuild.nanitor.net/container/nanqa/health_overview
(where “https://relbuild.nanitor.net” is the url to your Nanitor instance and “nanqa” the name of your tenant/container)For further information refer to our documentation for the IT security health overview
Improvements
Project status filtering(NAN-1853) |
Nanitor agents needs to output silently(NAN-1827) |
Increase the height of the table <Benchmark Details Table>, too much free space.(NAN-1822) |
Vulnerability severity filter for software inventory list(NAN-1806) |
Information icon for Issue RISC(NAN-1797) |
Security concerns with running the shell scripts(NAN-1785) |
Benchmark details page: Value column - link clickable(NAN-1784) |
Remove columns “Recent Issues“ and “Recent changes“ -> Benchmark Details(NAN-1776) |
RISC score of a project(NAN-1766) |
Event bus for projects(NAN-1765) |
Add tooltip for vulnerability severity(NAN-1758) |
Filter improvements for the Issue Trend metric report(NAN-1757) |
Project status columns(NAN-1751) |
Confetti for completed projects(NAN-1750) |
Possibility to complete a project manually(NAN-1749) |
Project default filtering(NAN-1748) |
Project activity log(NAN-1747) |
Project completed date(NAN-1746) |
View Project information on issues(NAN-1745) |
Add Sentry to new collector/socket(NAN-1740) |
Need to filter Software titles with critical vulnerabilities(NAN-1735) |
Browsing issues - split window changes(NAN-1650) |
Issue list: The right split window is still showing items that are not selected after being excluded in the Full details of another item.(NAN-1649) |
Vulnerability Issue RISC: Include EPSS exploitability probability(NAN-1641) |
Issue details - details section(NAN-1571) |
Limit horizontal scrolling(NAN-1554) |
Support for implementing shell script checks(NAN-1435) |
Need to see which Nanitor Project an issue belongs to(NAN-1206) |
Nanitor project - raised from ASSET view (single asset)(NAN-1165) |
Issue details - details section (NAN-1571) |
Benchmarks
These benchmarks have been upgraded.
Benchmark | Change |
|---|---|
RedHat8 | SSH rules updated |
freeBSD | SSH rules updated |
For more information on supported benchmarks visit the documentation of our benchmarks space.
Fixes
Nanitor project - raised from ASSET view (single asset)(NAN-1165) |
Need to see which Nanitor Project an issue belongs to (NAN - 1206) |
Support for implementing shell script checks (NAN-1435) |
Limit horizontal scrolling (NAN-1554) |
Issue list: The right split window is still showing items that are not selected after being excluded in the Full details of another item. (NAN-1649) |
Browsing issues - split window changes (NAN-1650) |
Assign all filtered issues to a project (NAN-1659) |
Need to filter Software titles with critical vulnerabilities (NAN-1735) |
View Project information on issues (NAN-1745) |
Project completed date (NAN - 1746) |
Project activity log (NAN-1747) |
Project default filtering (NAN-1748) |
Possibility to complete a project manually (NAN-1749) |
Confetti for completed projects (NAN-1750) |
Project status columns (NAN-1751) |
Filter improvements for the Issue Trend metric report (NAN-1757) |
Add tooltip for vulnerability severity (NAN-1758) |
Event bus for projects (NAN-1765) |
RISC score of a project (NAN-1766) |
Remove columns “Recent Issues“ and “Recent changes“ -> Benchmark Details (NAN-1776) |
Benchmark details page: Value column - link clickable (NAN-1784) |
Security concerns with running shell scripts with the agent (NAN-1785) |
Information icon for Issue RISC (NAN-1797) |
Increase the height of the table <Benchmark Details Table>, too much free space (NAN-1822) |
Feature removal
Remove the project status “pending”
Breaking changes
The Nanitor collector has been refactored. Onboarding devices that require a collector is now completly done through the web interface of Nanitor. Therefore the obsolete documentation has been removed and being replaced with a new one. |
|---|
Remove the word "Change" from the tooltip(NAN-1810) |
"Assign issue" instead of "Move issue" (NAN-1807) |