Skip to content

Release notes

Release notes
  • Version: 4.4.0
  • Build number: 11723
  • Release date: 2023-10-23
  • Server version: 4.4.0.11723
  • Agent version: 4.4.0.11723
  • Collector version: 4.4.0.11723

We're excited to announce the release of Nanitor 4.4.0 on October 25th for early-access users with general availability rolling out on October 30th.

This release is packed new features, improvements, and bug fixes to simplify and enhance your experience and streamline vulnerability management processes.

Highlights

Nanitor Digest: Weekly/Monthly Email Summaries

  • Stay Updated: Users receive a concise summary of all pivotal changes in Nanitor.
  • Engagement Boost: Regular reminders and updates to keep Nanitor at the forefront.
  • Collaboration: Easily forward the digest to team members to keep everyone on the same page.

Our new Digest ensures you're always up-to-date with your organization and asset health, highlighting health score evolution, resolved issues, and project advancements.

The new Nanitor Digest email
Nanitor digest email

The digest can be configured in the "Personal settings" settings.

User configuration for Digest email
Nanitor digest email options

Enhanced Collector Experience - Collection History, Logs, and Streamlined User Experience

Our Collector now offers more transparency than ever before:

  • Real-time Monitoring: Understand what the collector is currently doing.
  • Comprehensive History: View which devices the collector has connected to and when.
  • Success Metrics: At a glance, see an overview of successful collections.

For a deep dive, the collector maintains a 30-day log. You can inspect each collection detail to discern which assets were involved, the exact timestamps, success rates, duration, and even the list of errors, if any.

Collector collection history
Clear history of all collections in the last 30 days

Onboarding Experience Improvements

Dive right into Nanitor with a streamlined onboarding process:

  • Sample Data: New Nanitor instances are populated with removable example data to help you get started.
  • Instant Help: A new Help widget grants immediate access to resources like user guides, documentation, or our support team.
  • Guided Experience: Hotspots and enhanced onboarding widgets ensure users understand and utilize Nanitor to its fullest from day one.

Improvements:

  • Benchmark updates: The following benchmarks have been updated to the most recent version from CIS:

MS Win 11 (revision 13): updated to CIS benchmark version 2.0.0 (Microsoft Windows 11 Enterprise Benchmark). Also fixed problems with a few checks like renaming the administrator account rule.

Cisco IOS 15 (revision 11): updated to CIS benchmark version 4.1.1 (Cisco IOS 15 Benchmark).

Cisco IOS 16 (revision 11): updated to CIS benchmark version 2.0.0 (Cisco IOS 16 Benchmark)

Cisco IOS 17 (revision 7): updated to CIS benchmark version 2.0.0 (Cisco IOS 17.x Benchmark).

F5 BIGIP (revision 6): updated to CIS benchmark version 1.0.0 (F5 Networks Benchmark).

Note

All the CIS rules are manual, we have a plan to automate those going forward. The automated rules from Nanitor have an "N" suffix.

AIX benchmark fixes (revision 9): updated rule 2.24 description and check to avoid false positives.

Ubuntu Linux 20.04 (revision 8): updated to CIS benchmark version 2.0.1 (Ubuntu Linux 20.04 LTS Benchmark).

Oracle Database 19 (revision 9): added missing rule to the profiles to match with CIS benchmark version 1.0.0 (Oracle Database 19c Benchmark)..

Fixes related to a few benchmark rules in Windows 11, IBM AIX, Cisco IOS benchmarks were included in benchmark updates.

  • User Experience Enhancements: Several changes have been made to improve the user interface, including the ability to multiselect benchmark rules, better error overview for the Collector, improved settings, and the addition of a feature to upload user photos.

  • Patch Forensics: All patch issues should now have Forensics that should help identify the source information for why the issue was raised. This covers all missing security patch source mechanisms, which can be based either on OVAL checks or OS query. This is intended to help with transparency and assist in troubleshooting in cases where it is unclear why a patch is reported as missing.

  • Refined UI Changes: Numerous UI changes have been made across the Settings page, Action buttons, Asset Inventory, and more to ensure consistency and improve user experience.

  • Enhanced Performance for Server: We have added database session profiling and continue to improve the performance for handling agent checkins in order to seamlessly support more devices with less resources.

  • Enhanced Feed Processing: We have added the National Vulnerability Database (NVD) API as a feed in order to prepare for the planned deprecation of their JSON feeds. We also added more data sources in order to pick up vulnerability information from more sources faster. There were also a number of tasks done to improve and streamline the processing of feed data.

  • Bulk action to exclude issues.

  • Various small fixes on the recently updated Settings pages.

Fixes:

  • Fixes in patch issue handling where patch issues would in some cases not resolve even though patch had been installed.

  • MacOS installer was updated to work on the newest Apple MacOS 14 Sonoma.

  • Resolved several bugs related to software inventory, asset collection, benchmark scores, and more to enhance overall product stability and reliability.


Helpful articles

How to perform manual upgrade on self-hosted servers

Updates

  • 2023-10-25: Initial v4.4.0 release was published and released to early-access users.