Release notes
- Version: 5.3.0
- Build number: 12601
- Release date: 2024-07-08 (general availability)
- Server version: nanitor-5.3.0.12601-15581-master
- Agent version: nanitor-5.3.0.12601-15581-master
- Collector version: nanitor-5.3.0.12601-15581-master
Welcome to Nanitor v5.3.0!
We are excited to announce the release of Nanitor v5.3.0, which includes several significant new features, improvements, and bug fixes. This release enhances our platform's compliance, alerting, and reporting capabilities, ensuring a smoother and more efficient user experience. Below is a detailed overview of the updates included in this version.
Highlights
Compliance Enhancements
New Compliance Framework: EU DORA
Support for EU Digital Operational Resilience Act (DORA): We have added support for the EU Digital Operational Resilience Act (DORA) framework, targeting banks with operations in Europe. Issues and benchmarks are mapped to legislative controls, providing a comprehensive compliance report.
The Compliance Issues report with the DORA framework selected provides an overview of your standing with respect to DORA requirements. This enables users to assess and demonstrate compliance with clear mapping of issues and benchmarks to DORA controls.
MSSP Support
Alerting Across Organizations
Centralized Alert Management for MSSPs: Managed Security Service Providers (MSSPs) can now define alerts that apply across their clients' organizations. Alerts set at the parent organization level can be inherited by sub-organizations, streamlining alert management.
This feature allows MSSPs to efficiently manage alerts across multiple clients, ensuring consistency and saving time.
Alert rules are managed under Organization Management -> Alert rules.
Reporting Enhancements
Asset PDF Report UI Refresh
Updated Report Layout: The Asset PDF report layout has been refreshed to match our new report styles.
The updated report contains the following sections:
- Assets overview
- Patch status
- Asset list
- Asset details
- Top 100 issues
Usability Enhancements
Default Filters for Asset Inventory
New Default Filters: We have added a set of commonly used filters as default options in the Asset Inventory. This helps users quickly identify relevant information, enhancing user efficiency.
These filters include options for critical issues, end-of-life operating systems, and other commonly used criteria, making it easier to manage and monitor assets.
The new named default filters include:
- Actively monitored assets
- Critical issues
- Assets with end-of-life OS (EOL)
- CISA known exploits
- More than 5 security issues
- Vulnerabilities with CVSS score at least 7
- Vulnerabilities with EPSS score at least 70%
- With vulnerable or unpatched software
- Too many local admins
- Not domain controller accessed by privileged domain users
These were selected based on a number of use cases we have worked on with our clients. Users can always add and save more named filters.
Identity Security
Single Issue for Multiple Identities
Enhanced Identity Issues Handling: We have improved the handling of identity issues by creating a top-level issue that groups violations for multiple identities. This change provides a better overview and makes issue management more efficient.
Users can now see a consolidated view of identity issues, which reduces the number of top-level issues and aids remediation planning, since remediating the same type of problem typically requires the same kind of work.
Improvements
- UI Changes for Vulnerability and Misconfiguration Details: Improved the Forensics tab for better clarity and usability.
- UUID Display for Assets: Asset UUIDs are now displayed in the asset detail view for easier identification.
- Patch support for RedHat: Missing security patch issues are now flagged on RedHat and CentOS. This is in addition to flagging individual vulnerabilities. The missing security patch information can be useful for tracking patch cadence.
- MSSP Organization Switching: Switching organizations using the user menu is now smoother, navigating automatically to the corresponding page or inventory in the selected organization if possible.
Bug Fixes
These bug fixes address several important user experience and functionality issues, ensuring that Nanitor continues to deliver a robust and reliable platform for threat exposure management.
- External Assets False Positives Reduced: Nanitor will no longer flag vulnerabilities on external assets when we have an agent installed that has more specific information. This helps avoid false positives where external information, such as versions, is more limited than the actual package information, for example in Debian.
- AWS Credentials Display: Fixed an issue with the display of the region for AWS credentials in the Collector.
- SAML/Domain Login: Fixed login failures when a user existed with the provided email address.
- Issues with Asset-Based Projects: Fixed issues with counting and listing assets that belong to an asset-based project in a multi-tenant environment.
- Asset Import Function: Fixed an issue where the Collector Asset Import function didn't recognize mixed case inputs in hostnames.
- CSV Export Timeout: Resolved a timeout issue in the Identity Inventory CSV export.
- Activity Log Date Range: Corrected the date range shift in the Activity Log report.
- Cloud Image Scan Issues: Addressed issues with cloud scan devices in EKS being displayed as "Inactive" and OS being shown in quotes.
- EOL OS Handling: Improved handling of end-of-life operating systems being upgraded to another EOL OS.
Updates
- 2024-07-01: Initial v5.3.0 release was published and released to early-access (EA) users.
- 2024-07-08: Release published for general availability: nanitor-5.3.0.12601-15581-master.