Release notes
- Version: 5.4.0
- Build number: 12630
- Release date: 2024-08-12 (general availability)
- Server version: nanitor-5.4.0.12630-15754-master
- Agent version: nanitor-5.4.0.12630-15754-master
- Collector version: nanitor-5.4.0.12630-15754-master
Welcome to Nanitor v5.4.0!
We are excited to announce the release of Nanitor v5.4.0, which includes several significant new features, improvements, and bug fixes. This release enhances our platform's performance, notifications, and benchmarking capabilities, ensuring a smoother and more efficient user experience. Below is a detailed overview of the updates included in this version.
Highlights
Notifications Changes
We have had the Notifications Center in Nanitor for a while, but it was not as actionable as we liked since it was not per user. It served as a useful place to check system functionality, but lacked personalization.
In 5.4, we are introducing User Notifications, which are per-user and configurable, allowing for more personalized and effective notifications. The notification topics from the Notification Center are still available in the new User Notifications. Additionally, we are adding the ability to receive notifications when tagged in comments.
User Notifications
Users can now receive personalized notifications about system events, configurable in terms of frequency or entirely opt-out.
In version 5.4, we will retain the legacy Notification Center alongside the new User Notifications, with plans to phase out the Notification Center in version 5.5.
The image below shows how the new User Notifications look.
The notifications can be configured per user with options never / daily / weekly / immediately, depending on the nature of the notification.
User Tagging and Comment Resolution Notifications
Users can now be tagged in comments, such as on a device or an issue, and receive notifications about these tags. This feature enhances collaborative workflows by allowing team members to directly engage with one another on specific assets or issues, ensuring that critical information is shared with the right people at the right time. For instance, if a user identifies a problem with a device, they can tag the relevant team member directly in the comment. This not only ensures that the issue is promptly addressed but also maintains a clear history of discussions for future reference.
The tagged comments are available in comments for:
-
Devices: Allowing users to discuss specific hardware or configurations, or who/what needs to be done.
-
Issues: Facilitating focused conversations around particular vulnerabilities or concerns.
-
Projects: Enabling comprehensive discussions within the context of broader security initiatives.
New platforms
Palo Alto Networks Firewall CIS Benchmarks Support
Implemented support for the latest CIS benchmarks for Palo Alto Networks Firewall, including 79 benchmark rules with 76 in the Default recommended Nanitor baseline.
VMware vCenter/vSphere/ESXi 8 Support
Benchmark Support for ESXi 8: We now support benchmarking for VMware ESXi 8, ensuring seamless benchmarking once a vSphere asset is added. It works in the same way as ESXi 7.
New Features
-
Date Format Customization Added the ability to customize date formats in health reports, with options for DD.MM.YYYY and MM/DD/YYYY. This is particularly relevant to US customers that want to produce reports with data according to US conventions.
-
Custom Webhooks for Alerts Introduced custom webhooks for alert rules, supporting various formats for user integration. This enables users to easily integrate our alerts with any chat or messaging system of their choice through the webhook.
This feature came from a request from one of our customers that wanted to integrate the alerts with Mattermost.
Improvements
-
False Positive Reporting Follow Up: Create Jira Service Desk support tickets for reported false positives. Now, when a user flags a false positive on an Issue in the UI, a Jira Service Desk ticket will be automatically created to follow up.
-
Clarified Vulnerability Description Sources: Clarified where the source of the vulnerability descriptions is from by adding an information bubble (usually NVD). This helps avoid confusion where the description does not match the findings.
-
Improved Asset Archival Modal: Added explanations in the "Remove rule" modal for user clarity on post-deletion behavior.
-
Improved Comment Readability: Improved readability of comments by adding extra space when tagging users.
-
Enhanced CI and Performance Monitoring: We have improved our CI and automated tests to include more performance tests, ensuring high-quality, performant services. We integrated Sentry error and performance monitoring across our tech stack to detect and address service issues promptly.
-
Various other performance fixes in background tasks.
Bug Fixes
These bug fixes address several important user experience and functionality issues, ensuring that Nanitor continues to deliver a robust and reliable platform for threat exposure management.
-
Fixed Filtering Inconsistencies: Fixed inconsistencies in the
update_deviceissue_excluded
function to prevent filtering errors. This could have led to inaccuracies in lists and reports on excluded issues. -
Division by Zero Error: Resolved division by zero errors during system check-in that was evident in system logs.
-
MSSP Global Dashboard Load Time: Reduced load time for the MSSP Global dashboard by improving database queries.
-
Network Discovery Queue Issues: Fixed message queue issues in network discovery, that was causing poor performance.
-
Reduced Duplication of Benchmark Results: There was a lot of unnecessary data related to benchmark results being saved. Fixed hashing to avoid saving duplicate results.
-
Issue List Load Time: Reduced latency for the issue list UI API endpoint.
-
Device List Load Time: Improved load time for the device list in the UI API.
-
Customer Portal Sync Timeout: Resolved portal sync timeout issues that was causing feed updates to fail occasionally.
-
Collector Credentials Reset: Fixed issue in UI windows where editing collector credentials/assets and canceling did not reset information in the UI.
-
External Assets Filter Fix: Fixed external assets filter (under Asset Inventory) returning incorrect results.
-
AD Discovered Assets Issue: Fixed issue with AD discovered assets incorrectly reported to have an outdated agent in the UI.
-
Quick Filters Timeout Error: Resolved timeout errors when using quick filters in the asset inventory.
-
Fixed F5 Benchmark SNMP Rule: Fixed a False Positive for SNMP configuration in F5 BIGIP, where the requirement was that SNMP was fully disabled, but not sufficient to just remove all access.
-
CVE-2020-8022: False Positive Vulnerability Issue: Fixed a false positive vulnerability issue not considering the platform that was incorrectly reporting a vulnerability on Apache Tomcat on Windows.
Conclusion
We encourage you to explore these new features and improvements in Nanitor v5.4.0. As always, your feedback is invaluable in helping us continue to enhance and evolve the platform to meet your needs. Thank you for your continued support and partnership.
Updates
- 2024-08-01: Initial v5.4.0 release was published and released to early-access (EA) users.
- 2024-08-12: Release published for general availability: nanitor-5.4.0.12630-15754-master