Release notes - 3.5.0

Owned by Jón Böðvarsson (Unlicensed)
Last updated: Feb 26, 2023
3 min read

Version

3.5.0.10829

Release date

Jan 30, 2023

Build number

10829

Next scheduled release

Feb 20, 2023

Status

Released

Upgrading instructions

Upgrading the Nanitor Server
Upgrading the Nanitor Collector
Upgrading the Nanitor Agent

Nanitor Collector

3.5.0.10829

Nanitor Agent

3.5.0.10829

Key objectives

The main new features added in this version of Nanitor are a new password policy for users, to increase account security, and the ability to configure the archival rules for each asset type independently.

There have also been several performance improvements, the most noticeable improvement is on the issue list and issue overview pages.

Additionally we added benchmark support for Ubuntu 22.04.

New Features

NAN-2342: New password policy

Related tickets: NAN-2800, NAN-2745

A new password policy has been implemented that new user passwords have to meet to improve user security. Previously we only had a length requirement but this new policy requires passwords to meet the following requirements:

  • 1 lowercase letter

  • 1 uppercase letter

  • 1 symbol

  • 1 digit

  • At least 10 characters long

  • Cannot include a part of the users email address

When setting a new password, this can be during a users first log in or when changing the password from the settings page. A new validation checklist has been added to the UI to inform the user of what requirements need to be met in the new password.

After putting in the current and new passwords and clicking 'Save' the checklist will update to show the user what requirements they have not met in the new password.

NAN-2493: Configure asset archival rules

Related tickets: NAN-2771, NAN-2793

Asset archival rules can now be configured through a newly added 'Asset archival' page, accessible through the settings page.

Each device type can be independently configured to either be automatically archived or require manual confirmation before being archived.

The options the user can select from are:

Improvements

Description

Relevant tickets

Description

Relevant tickets

Collector improvements

  • Improved database collection from database instances with multiple databases.

PII Scan improvements

  • Added support for scanning files for credentials.

UI improvements

  • Added 'Information Source' field to asset detail page (Agent, Collector)

Performance improvements

  • Improved performance of health overview endpoint

  • Improved performance of issue filter creation endpoint

  • Improved performance of issue list and issue overview endpoints

Benchmarks

These benchmarks have been upgraded.

Benchmark

Change

Relevant tickets

Benchmark

Change

Relevant tickets

MS SQL Server 2012-2019

Updated benchmarks

Ubuntu 22.04

New benchmark

Microsoft Windows 10 & 11

Updated check support

For more information on supported benchmarks visit the documentation of our benchmarks space.

Fixes

NAN-2558 Fixed searching by issue title incorrectly loading all issues

NAN-2319 Fixed unhandled error when checking in asset user data

NAN-2427 Removed RISC term from email content

NAN-2443 Removed whitespace from signup url

NAN-2480 Fixed asset detail port number inconsistency

NAN-2562 Fixed some admin pages being accessible to all accounts

NAN-2568 Fixed collector version not updating in the UI after collector was updated

NAN-2635 Fixed vulnerability issue showing incorrectly in asset issue list

NAN-2651 Fixed negative issue priorities for MacOS13 benchmark

NAN-2657 Fixed MacOS patches for OSX 12 reported for OSX 13 assets

NAN-2661 Fixed broken image in notification emails

NAN-2724 Fixed “Operating system with name 'macOS' does not exist“ error

NAN-2747 Fixed search filter on 'Assets listening on port' page

NAN-2802 Remove unimplemented notifications from the UI

NAN-2779 Fixed allowing network discovery entries with empty hardware addresses