Release notes
- Version: 4.5.0
- Build number: 11823
- Release date: 2023-11-27 (general availability)
- Server version: nanitor-4.5.0.11826-13711-master
- Agent version: nanitor-4.5.0.11826-13711-master
- Collector version: nanitor-4.5.0.11826-13711-master
Welcome to Nanitor v4.5.0! We're excited to bring you this significant update that enhances your security management and user experience. Focusing on essentials like Role-Based Access Control (RBAC), multi-organization support for MSSPs, scheduled reporting, and clearer software policy issues, this release is packed with improvements and bug fixes for a smoother Nanitor journey.
Highlights
Role-Based Access Control (RBAC)
- Diverse user access roles: Introducing new roles System Administrator, Organization Manager, Project Manager, Team Member, and Auditor.
- Refined user permissions management: Customize user access rights within your Nanitor setup by assigning role-specific permissions, ensuring individuals only access information essential to their roles.
Our new RBAC feature is here to streamline how you manage access and roles within your team, aligning responsibilities with access levels for efficiency and security.
The updated screen for adding users to organizations now includes a role selection feature, with a detailed view of permissions for each role on the right.
The System Administrator role now offers comprehensive control over the entire Nanitor instance, including organization creation. The remaining roles are tailored to specific organizational functions.
Scheduled Reporting of Health Reports
- Automated Health PDF reports: Get the health status report delivered to your (or any other) email, as scheduled.
- Convenient for leadership: Easily share vital information with stakeholders.
- Defined on organizational level and can send to a list of defined email addresses.
The Health PDF report is the first scheduled report we offer now, but we envision adding to this list. Let us know what you think and if there are other reports you'd like to schedule.
MSSP Support for Multiple Organizations
- Simplified multi-organization management: Effortlessly create and oversee multiple organizations.
- Flexible licensing: Manage multiple organizations under one Nanitor instance.
Users with the System Administrator role can now create organizations:
under Management - System management - Add new organization
This feature is especially designed for MSSPs, allowing for easy segregation and management of different organizations.
Software Policy Issue Clarification
- Renamed component: 'Software' issue (and health) now clearly identified as 'Software Policy'.
We've updated our naming to eliminate confusion, ensuring that you have a clear understanding of your software policy status. To address previous misunderstandings, we've refined our terminology. Previously, 'software issues' were perceived as vulnerabilities or misconfigurations. However, these are specifically policy-related issues. They occur when blacklisted software is detected on assets, or, in detailed mode, when software requires whitelisting. Additionally, this covers scenarios where mandatory software, like antivirus programs, is missing on a device. This update brings clarity, ensuring you have an accurate understanding of your software policy status and can respond accordingly.
This renaming and clarification align with our commitment to providing a transparent and intuitive Nanitor experience. Understanding these nuances is crucial for effective asset management and security compliance in your organization.
Improvements
- Export windows for list data have been streamlined to clarify what is being exported. It enables exporting the whole list (with applied filters) if no selection is made, or only selected items if selection is active. The UI has been clarified to reflect this.
- Various user interface enhancements, particularly in benchmark management and asset details.
- Performance improvements in label_device_recalculate NSQ message handling.
New Benchmarks
- Apple MacOS 14 Sonoma (revision 1) benchmark created: following CIS benchmark version 1.0.0 (Apple macOS 14.0 Sonoma Benchmark).
- RHEL 9 (revision 1) benchmark created: following CIS benchmark version 1.0.0 (Red Hat Enterprise Linux 9 Benchmark).
Benchmark updates
The following benchmarks have been updated to the most recent version from CIS:
- CentOS 7 (revision 10): updated to CIS benchmark version 3.1.2 (CentOS Linux 7 Benchmark).
- MS SQL Server 2019 (revision 9): updated to CIS benchmark version 1.3.0 (Microsoft SQL Server 2019 Benchmark). Also some fixes were made in automated checks for a couple of rules.
- MS SQL Server 2016 (revision 17): updated to CIS benchmark version 1.4.0 (Microsoft SQL Server 2016 Benchmark). Also some fixes were made in automated checks for a couple of rules.
New Features
-
New notifications that are displayed in the notification center (top right) for collector status:
- Collector offline for over 24 hours.
- Collector failed to connect to 80% of assets.
-
Ability to schedule PDF reports and receive them via email, starting with Health report.
-
Redesign of database structure for permission checks in RBAC.
-
Addition of 'Apply label to all' functionality in the Assets Inventory.
Bug Fixes
- Resolution of discrepancies in the Overview dashboard vulnerability count.
- Correction of agent-up-to-date filter returning incorrect assets (Asset Inventory).
- Addressed issue with archived assets not returning to active state, when the agent was not starting up due to Bitlocker.
- Various fixes in asset management and user interfaces.
Helpful articles
How to perform manual upgrade on self-hosted servers
Updates
- 2023-11-22: Initial v4.5.0 release was published and released to early-access users.
- 2023-11-24: New build (nanitor-4.5.0.11826-13711-master) made to address scheduled collector problems affecting some users, and sporadic issue with UI window refresh.
- 2023-11-27: Release published for general availability.