Version | 2.4.0. |
---|---|
Release date |
|
Build number | xxx |
Next scheduled release |
|
Status | DRAFT |
Upgrading instructions | Upgrading the Nanitor Server |
Nanitor Collector Server | 2.4.xxx |
Nanitor Agent | 2.x.x |
Key objectives
The Nanitor release 2.4. has focused lot of improvements on Project, like applying filter for issues based on projects, benchmarks, platforms, priorities and so on. Making ease on usability of the projects. Now one can also see the RISC score of the project which gives clarity on how importance is the project. Also it gives clear understanding of which issue is associated to what project
A new Health status dashboard is implemented. It displays complete organization health data in a different colour codes and with some weighing factors.
Collector-
New Features
A new dashboard is implemented that is “health status” (NAN-1770). It will be another dropdown menu item under the “Overview” menu. The Health status dashboard shows the below details with the colour coding:
Organisation health
Organisation health broken down by issue type.
Health over time (organisation)
Health over time (broken down by issue type). One graph where individual lines can be activated/deactivated. Dropdown to select time period (1Y, 6M, 3M, 1M, 1W)
As for now we have implemented this as a dark feature which means you can access the new dashboard by adding “health_overview” to the url of your Nanitor instance. E.g.
https://relbuild.nanitor.net/container/nanqa/health_overview
(where “http://relbuild.nanitor.net” is the url to your Nanitor instance and “nanqa” the name of your tenant/container)For further information refer to our documentation for the IT security health overview
Improvements
Nanitor project - raised from ASSET view (single asset)(NAN-1165) |
Need to see which Nanitor Project an issue belongs to (NAN - 1206) |
Support for implementing shell script checks (NAN-1435) |
Limit horizontal scrolling (NAN-1554) |
Issue list: The right split window is still showing items that are not selected after being excluded in the Full details of another item. (NAN-1649) |
Browsing issues - split window changes (NAN-1650) |
Assign all filtered issues to a project (NAN-1659) |
Need to filter Software titles with critical vulnerabilities(NAN-1735) |
View Project information on issues(NAN-1745) |
Project completed date(NAN - 1746) |
Project activity log(NAN-1747) |
Project default filtering(NAN-1748) |
Possibility to complete a project manually(NAN-1749) |
Confetti for completed projects(NAN-1750) |
Project status columns(NAN-1751) |
Filter improvements for the Issue Trend metric report(NAN-1757) |
Add tooltip for vulnerability severity(NAN-1758) |
Event bus for projects(NAN-1765) |
RISC score of a project(NAN-1766) |
Remove columns “Recent Issues“ and “Recent changes“ -> Benchmark Details(NAN-1776) |
Benchmark details page: Value column - link clickable(NAN-1784) |
Security concerns with running the shell scripts(NAN-1785) |
Information icon for Issue RISC(NAN-1797) |
Increase the height of the table <Benchmark Details Table>, too much free space(NAN-1822) |
Benchmarks
These benchmarks have been upgraded.
Benchmark | Change |
---|---|
RedHat8 | SSH rules updated |
freeBSD | SSH rules updated |
For more information on supported benchmarks visit the documentation of our benchmarks space.
Fixes
UX bug: User can't manage last two rules in a benchmark when a rule has been modified (NAN-1671) |
Trend metric PDF report does not show correct information (NAN-1759) |
Most issue filters don't work on compliance issue views (NAN-1764) |
Set a resolved_reason for issues resolved because a rule has been removed from a benchmark (NAN-1777) |
Refreshing project activity log refreshes the issue list instead (NAN-1782) |
Add more info to "all projects" list (NAN-1787) |
Weird logic for what projects we show in places (NAN-1790) |
Progress bar on project issue asset page is white on a black background (NAN-1795) |
Starting project from project list does not work (NAN-1805) |
Feature removal
Issue details - details section (NAN-1571)