Release notes
- Version: 5.9.0
- Build number: 16373
- Release date: 2024-12-30 (general availability)
- Server version: nanitor-5.9.0.13122-16373-master
- Agent version: nanitor-5.9.0.13122-16373-master
- Collector version: nanitor-5.9.0.13122-16373-master
Welcome to Nanitor v5.9.0!
Nanitor v5.9.0 introduces powerful new capabilities and improvements for vulnerability filtering, asset management, project tracking, and API integrations. Managed Service Providers (MSPs) and enterprise users will benefit from enhanced filtering options, improved automation, and streamlined workflows. This release also includes essential bug fixes and performance optimizations to ensure a smoother user experience.
Highlights
1. Enhanced Asset Management and Labeling
This release introduces new ways to manage, categorize, and integrate asset data for greater flexibility and control.
π·οΈ Label Devices by IP Range or Subnet Mask
Simplify labeling for large network segments
Nanitor now allows you to create labeling rules based on IP ranges or subnet masks, offering more flexibility than using individual subnet IDs. This enhancement makes it easier to label large groups of devices that share similar IP patterns.
Why it matters:
Organizations with extensive networks, such as retail chains, educational institutions, or enterprises with multiple branches, often have devices spread across numerous subnets. Manually labeling each subnet is inefficient. This new feature automates labeling for broad IP ranges, saving time and reducing errors.
How to use it:
Go to Organization Management -> Labels and labeling rules (under Assets & Collectors). Click Create rule and set up labeling rules using IP ranges or subnet masks.
π Custom Asset Fields: Identity Linking
Track asset ownership with identity-linked fields
Create custom fields that link assets to employees (via identities), with visibility from both asset and identity views. Changes are logged for transparency, ensuring you can track asset assignments over time.
Why it matters:
For organizations managing a large inventory of laptops, monitors, and peripherals, knowing who owns what simplifies audits, loss prevention, and asset lifecycle management.
The screenshots below show how an identity field can be created (Assignee) and how it can be filled. It also shows how the linked assets are visible from the Identity detail, so that one can have an overview of all related assets from the identity (user) side.
π Custom Asset Fields: Textarea - Long Multiline Text
Capture detailed information with multiline custom fields
A new field type Textarea supporting multiple lines of text has been added. This enhancement makes it easier to add detailed notes, such as service hours or configuration details, to assets.
π‘οΈ Public API: Custom Field Support
Leverage custom fields in your API integrations
Nanitorβs Public API now supports custom fields. This update allows you to incorporate custom asset data into your automations and integrations, offering greater flexibility and control over asset management processes.
Why it matters:
For users building custom dashboards, reports, or automated workflows, this enhancement enables more comprehensive data handling, ensuring your integrations align with your unique asset tracking needs.
Refer to the Assets in the Nanitor API Documentation for details on endpoint usage.
2. π Filter Vulnerabilities by OS or Application Type
Refine vulnerability management with precision filtering
You can now filter vulnerabilities based on whether they are associated with Operating Systems (OS) or Applications. This new filtering capability allows you to focus on the exact types of vulnerabilities that matter to your organization or clients.
Why it matters:
For MSPs with contracts that mandate OS-level patching but exclude applications, this feature helps streamline reporting and action plans. For example, you can show clients the progress on OS-specific vulnerabilities while pitching additional work to handle application-level patches. This clarity ensures you meet contract obligations while identifying potential upsell opportunities.
For organizations this helps with grouping and creating application- or OS-focused projects.
How to use it:
In the Issue List, use the new Filter by Type option to narrow down issues by OS or application vulnerabilities.
NOTE: After upgrading to v5.9.0 the mapping may take up to a day to populate. It is created incrementally. It can be sped up by requesting rechecks on assets or devices.
3. Improved Project Tracking and Workflow Management
Enhance project oversight with new tracking capabilities and workflow management tools.
β³ Track Project Progress Changes Over Time
Monitor project momentum with time-based insights
You can now see how project progress has changed over a specific timeframe, such as the last 7 days, this month, or a custom period. This helps you identify which projects are advancing, stalled, or in need of attention.
Why it matters:
For teams managing multiple projects, understanding progress trends is crucial for productive meetings and effective decision-making. By seeing which projects are stuck or progressing slowly, you can proactively address issues, allocate resources, and keep initiatives on track.
How to use it:
In the Projects page, use the new Progress Change Filter to select a timeframe and view changes accordingly.
The "Progress Change" column shows the percentage change in the progress from the start to the end of the selected timeframe.
π Projects: Blocked State
Mark and manage blocked projects effectively
You can now label projects as Blocked, with the option to specify the reason for the blockage. This feature helps you quickly identify bottlenecks and take action to resolve them.
Why it matters:
Knowing which projects are blockedβand whyβhelps teams focus on unblocking issues to maintain momentum. It also improves meeting efficiency by prioritizing actionable projects and addressing roadblocks systematically.
This is something we have come across with many of our users and the new state is intended to streamline the workflow and increase the transparency of the planned work.
Moving the project into the Blocked state requires entering a reason. This is to help with transparency and documenting the reason why a Project is blocked. It should also contain information about when it will be unblocked and any other relevant considerations.
π Public API: Projects Endpoint
Integrate project data into your custom dashboards and reports
Our new Projects API endpoint lets you fetch project data programmatically for use in custom dashboards, reports, and automation scripts and integrations.
Why it matters:
For organizations that need tailored reporting or real-time project tracking, the Projects API provides the flexibility to extract and visualize data in ways that suit your workflows. Whether you're creating an executive dashboard or syncing project progress updates, this API empowers your team with greater control and visibility.
How to use it:
Refer to the Projects in the Nanitor API Documentation for details on endpoint usage and available information.
4. ποΈ Centralized View of Software Policies
Manage all your software policies from a single location
A new Software Policies view provides a consolidated view of all your defined software policies. This makes it easy to review, manage, and adjust policies without having to search through different sections.
Why it matters:
Previously, tracking down individual software policies could be cumbersome. This centralized view streamlines policy management, making it easier to ensure compliance and consistency across your organization. Whether you're updating security rules or auditing software compliance, this feature simplifies the process.
How to use it:
Go to Organization Management -> Issue configuration (under Asset Policy). Scroll down to the Software section to view and manage all policies in one place.
Improvements
Asset Created and Last Activity Date Filters
Filter assets by creation or last activity dates
You can now filter assets based on their creation date or last activity date. This enhancement makes it easier to manage large inventories by focusing on assets that were recently added or modified.
How to use it:
In the Asset Inventory, use the new date filters - Created and Last activity (available under +More) to narrow down assets by their creation or last activity date.
Forensics in Device Details β Issue List Tab
View forensics data directly from the device details page
Forensics data is now accessible within the Issues tab on the device details page. This makes it easier to analyze issues and investigate device-specific problems without navigating to separate views.
How to use it:
Navigate to the Device Details page and select the Issues tab to view associated forensics data.
The Forensics are shown per issue when expanded.
Improved Filters in Settings Pages
Quickly find what you need with enhanced filtering
The settings pages now include filters, making it easier to locate specific configurations and options. This improvement helps streamline navigation, especially for complex setups with many configurable settings.
Forensics Data Export
Export detailed forensics data for faster support resolution
You can now export full forensics data to streamline troubleshooting. This ensures support teams have all the context they need to resolve issues quickly.
Date-Type Filtering for Custom Asset Fields
Filter assets by date ranges
Filter assets by custom date fields (e.g. warranty expiration) to simplify asset lifecycle management.
Bug Fixes and Performance Enhancements
- Fix for False Positive Identity Issue with SPN: Resolved an issue where privileged accounts with Service Principal Names (SPNs) were incorrectly flagged as identity issues.
- Correct Severity for Identity Issues: Fixed an issue where identity issues were incorrectly elevated to critical severity due to user profiles being found on many devices. The severity calculation has been adjusted to better reflect typical AD environments, where user profiles are often shared across multiple machines.
- Fix for Collected Devices Marked Inactive When Unable to Connect: Addressed a bug where archived collected devices were incorrectly unarchived and marked as inactive after initiating a checkin, even if the checkin failed to connect.
- Improved Vulnerability Flagging Mechanism: Added a new mechanism for quicker vulnerability flagging, including PaperCut CVE-2024-1222.
- Fix for βFix [x]β Badge: Resolved issue where issues would incorrectly show a βFix [x]β badge even when no open vulnerabilities would be fixed.
- VMware Version Collection Improvements: Improved version detection for VMware ESXi and VMware vCenter environments.
- Performance Fixes for Shell Script Checks: Optimized performance of certain Linux shell script checks to avoid timeouts.
- Software Inventory Duplicate Fix: Fixed duplicate entries for WPS Office in the software inventory.
- Check Point Gaia Diagnostics: Enhanced diagnostics for Check Point Gaia with additional commands to enhance troubleshooting capabilities.
- Windows 10 Enterprise LTSC 1809 Detection: Corrected end-of-life detection for Windows 10 Enterprise LTSC 1809.
- Custom Field Sorting: Resolved sorting issues with asset inventory custom fields.
- Compliance Issue Report: Added missing information to compliance reports.
- Activity Log Filtering: Fixed timeouts when filtering the activity log by label.
- Benchmark Result Cleanup: Optimized background cleanup of duplicate benchmark results for better performance.
- Various Small Fixes and Optimizations: Improved stability, performance, and overall system reliability.
Useful Information
Windows Server 2025 Support Update
Vulnerability detection fully supported, benchmark support in development
Nanitor now provides full vulnerability detection for Windows Server 2025, ensuring that potential security issues are identified and reported. This update includes a dedicated vulnerability feed for Windows Server 2025.
Benchmark support:
While the vulnerability scanning is complete, best practice guidance via the CIS benchmark for Windows Server 2025 is still in development and is expected in early 2025.
Recommendation:
In the meantime, we recommend assigning the Windows Server 2022 benchmark to Windows Server 2025 systems. Based on our experience, most checks are compatible across Windows versions, though some may require adjustments in future updates.
Supported Features:
- Vulnerability coverage for native OS and range of commonly used applications.
- Asset management and reporting capabilities.
MacOS 15 Support Update
Vulnerability detection fully supported, CIS benchmark now available
Nanitor now provides full vulnerability detection for MacOS 15, ensuring that security risks are identified and addressed. Additionally, the CIS Apple MacOS 15.0 Sequoia Benchmark v1.0.0 is available to guide organizations in implementing industry best practices for MacOS 15 security.
Supported Features:
- Vulnerability coverage for native OS and range of commonly used applications.
- CIS benchmark support.
Useful Information:
macOS 15 devices will automatically be assigned the new benchmark when running the Nanitor Agent (minimum version 5.9.0).
Stay ahead of compliance requirements with full macOS 15 support in Nanitor.
Thank you for using Nanitor! Your feedback helps us improve. For detailed documentation and support, visit the Nanitor User Guide or Nanitor Knowledgebase.