Release notes - 3.0.0

Version: 3.0.0.10411

Release date: Sep 12, 2022

Build number: 10411

Next scheduled release: Oct 10, 2022

Status: RELEASED

Upgrading instructions

  • Upgrading the Nanitor Server

  • Upgrading the Nanitor Collector

  • Upgrading the Nanitor Agent

Nanitor Collector: 3.0.0.10411

Nanitor Agent: 3.0.0.10411

Key objectives

With this release Nanitor makes a major jump in its version numbering, and for good reason: we are now ready to present the security health view across your organization and assets. We have made adjustments to the health scoring based on feedback and information gathered over the last couple of months since we started the implementation. That does not mean we are finished, but we are very happy with the results achieved. The health security score is a metric unique to Nanitor that gives our customers a great way to track overall progress from a security operations perspective.

We listen to our customers. One question we frequently get is: where can I see the progress? Until now it has been hidden and not easy to find. With the new progress dashboard you can see the needle moving (hopefully in the right direction). We also know that resolving an issue does not always tell the whole story, since a single issue may affect anywhere from a couple to hundreds or even thousands of devices. This is why we introduced a new term: issue violation. An issue violation is an issue detected on a single asset. Nanitor can visualize how many issues have been resolved on single assets. That shows much more quickly the progress made towards removing security threats from your IT infrastructure.

Making vulnerability management easier, in an enjoyable and effective way, is Nanitor's mission. Easier often means less confusion. We have therefore retired the term RISC rating, which stood for the approach Nanitor used to prioritize the work we recommended. Because RISC rating was more than once interpreted as risk rating, we now use prioritization score instead. The prioritization score is simpler and more commonly used in general, and there is no need to make an exception in the cyber security space. High and low priority are something everyone understands immediately.

Nanitor has started to implement a new, far more comprehensive vulnerability feed. This enables the Nanitor agent to detect even more vulnerabilities in a more timely fashion. More does not always mean better, and thanks to the EPSS score that Nanitor takes into consideration, vulnerabilities stay where they belong. You only need to take action on them when they are in the coloured area of the Nanitor diamond.

This version, with all its new features and changes, is a huge step towards helping organizations become better protected against security threats and keep their operations running and their data secure. Nanitor flags the right things for you to take action on.

New Features

NAN-1772: Progress dashboard

Related tickets: NAN-2005

New progress dashboard added with four progress widgets.

  • Issues - Resolved and open issues over time

    • Shows the total number of issues over time; hovering over the points shows a detailed breakdown.

  • Projects - Project statuses

    • Shows the total number of projects over time; hovering over the points shows a detailed breakdown of the number of projects for each project status.

  • Issues - Issue violations

    • Shows the total number of issue violations over time

  • Health score - Health over time

    • Shows the health score over time. It can be configured to show the score for specific issue types by selecting them at the bottom. Hovering over the points shows the precise score at that time.

NAN-1840: Sunsetting the term RISC rating

Related tickets: NAN-2007, NAN-2048

  • Removed RISC terminology and replaced it with Priority/Prioritization score

    • Issue RISC → Issue Priority, RISC score → Prioritization score, etc.

Improvements

Description

Relevant tickets

Performance improvements

  • System info check-in performance improved

  • EPSS score calculation performance improved

  • Vendor list for software inventory query performance improved

  • Project issue affected assets list query performance improved

  • Fixed a bug where the Collector kept connections open

  • Updating device last activity timestamp performance improved

Change health score grading

  • Updated grading range:

    • A: 90%+ - Excellent

    • B: 75%-90% - Good

    • C: 50%-75% - Average

    • D: 35%-50% - Poor

    • E: 25%-35% - Very poor

    • F: 0%-25% - Failing

    • P: No score - Pending

  • Health score calculation reworked to better reflect the actual health of the system

Vulnerability detection

  • Integrated new vulnerability feeds for Windows platforms

  • Integrated new vulnerability feeds for MacOS platforms

Benchmark rule dialog

  • Saving changes to a benchmark rule no longer closes the dialog

  • Added arrow buttons to navigate to next/previous rule

  • Added more details to compliance framework tooltip

Asset list

  • Added option to export 20000 devices

  • Added 'Collected Assets' filter to filter on collected devices

Asset activity status

  • Changed inactivity duration so that devices are considered inactive if they have not checked in for 24 hours.

    • Was previously 3 hours

Benchmarks

These benchmarks have been upgraded.

Benchmark

Change

Relevant tickets

Apache Tomcat 9 Benchmark

  • Added support for Apache Tomcat application. (Needs to be added from the configuration section of Nanitor)

Microsoft SQL Server 2012

  • Updated to comply with v1.6.0 from CIS

Microsoft SQL Server 2014

  • Updated to comply with v1.5.0 from CIS

Microsoft SQL Server 2016

  • Updated to comply with v1.3.0 from CIS

Microsoft SQL Server 2017

  • Added support for Microsoft SQL Server 2017

Microsoft SQL Server 2019

  • Added support for Microsoft SQL Server 2019

Windows 11

  • Added support for Windows 11

MacOS 10.14 + 10.15

  • Updated to comply with newest CIS version

MacOS 11 (Big Sur)

  • Updated to comply with v2.1.0 from CIS

MacOS 12 (Monterey)

  • Added support for MacOS 12 (Monterey)

For more information on supported benchmarks visit the documentation of our benchmarks space.

Fixes

NAN-1925 Manual checkin for expired collected devices

NAN-1942 Fix health overview label filtering

NAN-1998 Fix asset type filter to include collected devices

NAN-2012 Fix empty agent up to date field in asset list for collected devices

NAN-2022 Congratulations popup shown for projects that have not been started

NAN-2023 Status message for inactive collected devices not updated

NAN-2035 Fix 1% and lower health scores showing as pending

NAN-2044 Fix empty device health chart

NAN-2045 Fix 'drag and drop' widget icon color

NAN-2053 Fix double scroll bar in 'Weakest link asset' widget

NAN-2054 Add tooltip 'Edit scaling factor'

NAN-2055 Compliance Issue Report table is not aligned

NAN-2063 Added critical severity level for issue configurations

NAN-2098 Added critical severity level for device and user configurations

NAN-2076 Rogue option does not appear in asset type dropdown on issue detail asset list

NAN-2081 Fix horizontal scroll in benchmark rule dialog

NAN-2091 Fix project still selected after being marked completed

NAN-2113 Fix grammatical error in project completion dialog