Release notes

Version: 6.0.0
Build number: 16583
Release date: 2025-02-05 (general availability)
Server version: nanitor-6.0.0.13229-16583-master
Agent version: nanitor-6.0.0.13229-16583-master
Collector version: nanitor-6.0.0.13229-16583-master

Welcome to Nanitor v6.0.0!

Nanitor v6.0.0 introduces powerful new capabilities in visualization, software inventory management, and audit logging. This release enhances visibility across assets, identities, and security risks, with a new graph-based inventory visualization providing a bird’s-eye view of environments and attack paths.

Managed Security Service Providers (MSSPs) and organizations can now better track privileged access, streamline software inventory workflows, and improve compliance through expanded audit logs. These advancements simplify security management across large, complex environments while providing the transparency needed to build trust with stakeholders and customers.

Highlights

Interactive Graph-Based Inventory Visualization

Gain a bird’s-eye view of your IT security environment — and drill down for deeper insights

We’ve introduced a new graph-based visualization that provides a bird’s-eye view of your entire IT security environment. This dynamic visualization maps connections across assets, identities, and critical issues, giving you a structured way to understand your infrastructure at a glance.

While zoomed out, it offers a high-level perspective, making it easy to spot attack surfaces, privilege relationships, and unmonitored assets. Zooming in reveals detailed connections, helping security teams trace attack paths, uncover misconfigurations, and prioritize risk mitigation efforts.

Built with the robust sigma.js library, this visualization delivers high performance and exceptional clarity. While this release focuses on foundational visualization, it paves the way for future automation features, such as:

Attack path prioritization, to calculate and highlight the shortest, most critical attack vectors.
Privilege escalation analysis, to uncover misconfigurations and excessive permissions.
Automated risk quantification, to provide deeper security insights for proactive defense.

Why it matters:

A bird’s-eye view of your security landscape enables organizations to quickly assess risks, understand asset dependencies, and detect potential attack paths.
For MSSPs, this feature provides a powerful way to deliver strategic security insights to clients, offering clear, visual evidence of risks and remediation priorities.

Key benefits:

Bird’s-eye visibility: See how assets, identities, and issues interconnect from a strategic level.
Drill-down analysis: Zoom in on individual nodes to analyze attack paths, relationships, and security gaps.
Identify overprivileged or widely connected identities: Easily spot accounts that have extensive access across multiple systems, which could pose security risks.
Attack path identification: Lays the groundwork for automating the discovery of shortest and most critical attack paths.
Operational efficiency: Detect unmonitored assets, risky identity relationships, and potential misconfigurations faster.

How to use it:

Navigate to Inventory and select the Graph.
The initial view is fully zoomed out, providing a bird’s-eye view of your entire environment.
Zoom in and pan around using your mouse to explore specific connections and attack paths.
Use the search bar and filter options to isolate nodes by text, node type, or relationship type.

Graphical Representation of Asset Inventory — Interactive graph showing asset connections and relationships.

Zooming and clicking on nodes gives more focused details — Zooming and clicking on nodes enables drilling into some more focused details.

We welcome your feedback:
While the initial view may appear somewhat crowded when managing a large number of assets, zooming in reveals clear structure and patterns—with larger nodes indicating a higher number of connections (typically representing more critical assets or dependencies).

We are actively working on clustering, filtering, and grouping improvements to refine the experience. Your feedback is invaluable—please share any suggestions or insights to help us enhance this feature further.

Enhanced Software Inventory Management

Simplify and consolidate your software inventory

Duplicate software entries can obscure critical information and slow down reporting. In this release, Nanitor automatically merges duplicate software titles and vendors by leveraging an improved alias mapping system. This consolidation results in a cleaner, more accurate inventory—while still allowing manual adjustments or reversions if needed.

Why it matters:

For organizations managing extensive software portfolios, duplicate entries create noise and inefficiencies. Consolidation ensures a clean and streamlined view, enabling MSSPs to generate clearer reports and insights for their customers.

Simplified Reporting: Generate clear, concise reports without the clutter of redundant entries.
Operational Efficiency: Spend less time managing duplicates and more time focusing on remediation.
Consistent Data: Ensure that every software product is represented only once, reducing confusion for internal teams and external partners.

Note: Data sourced from devices—such as information from uninstall registry keys—often includes vendor names in varying formats (e.g., "Adobe" vs. "Adobe Inc" vs. "Adobe Incorporated"). Our improved alias mapping system automatically resolves these inconsistencies, so you see a consistent and accurate view of your software inventory.

How to use it:

Navigate to the Software Inventory tab to view consolidated entries.
Use the merge/revert functionality for any manual adjustments when necessary.

The following figure panel illustrates where Publisher "Apple" and "Apple OSX" are selected and (1) Merge/rename action clicked, (2) "Apple" selected as correct/desired entry, (3) Merge clicked to combine.

Software Inventory Management — Easily manage and consolidate software titles and vendors: Merging process illustrated.

The following figure shows the result, where (4) the entries have been unified under "Apple", and (5) we can see and revert/unmerge the merged items in the Publisher details.

NOTE: Manual merging of entries requires System Administrator role as it is applies for the whole system (all organizations).

Improved Audit Logging

Gain complete visibility into system and user activity

We’ve conducted a thorough review and enhancement of our audit logging to fill in gaps and ensure that all key user-triggered actions are captured where it makes sense. While we have always logged critical security events, this release introduces a major expansion—covering 18 new audit events across asset management, compliance settings, network discovery, and system configurations.

This initiative was designed to provide greater transparency, better compliance reporting, and improved troubleshooting capabilities. As part of this effort, we reviewed and quality-checked audit events across the platform, ensuring that all key changes performed by users are properly logged.

Audit logging now includes events such as:

Sub-organization creation
Changes to network discovery, compliance frameworks, and device configurations
Updates to metadata and health scores
Asset custom field modifications
Changes to device hostnames, types, and notes
Modifications to Active Directory discovery, Network discovery, PII searches, and port probing
SAML provider additions/removals
Updates to compliance frameworks and benchmarks
Creation, updates, or deletion of scheduled reports and agent collectors

This update ensures that all meaningful user actions are logged, helping security teams and MSSPs demonstrate full accountability and compliance.

Why it matters:

For MSSPs and organizations with strict compliance requirements, detailed logging of user actions provides critical insights for audits, investigations, and security monitoring. This update makes it easier to:

Track changes and accountability – Know exactly when security settings or configurations were modified.
Support forensic investigations – Get a clear historical record of system modifications.
Ensure compliance readiness – Demonstrate a transparent and auditable security posture.

Key improvements:

Expanded Coverage: Introduces 18 new audit events, ensuring better tracking of key user-driven changes across inventory, security settings, and compliance controls.
Enhanced Transparency: Logs user actions like benchmark assignments, SAML updates, and issue prioritization changes, making it easier to see who modified what and when.
Optimized Search & Filtering: Quickly locate relevant audit logs by event type, timeframe, or user, streamlining investigations.

How to use it:

Navigate to the Audit Log under the Reports menu.
Apply filters to focus on specific event types or user actions.

We are committed to continuously refining audit logging to capture all relevant security changes. If you notice an event that should be logged but isn’t, we encourage you to share your feedback.

Improvements

Agent Binary Size Reduction

We’ve optimized and trimmed unnecessary dependencies from the nanitor-agent binary, significantly reducing its size (on Windows, nanitor-agent.exe is now 23MB, down from 44MB). This not only improves performance and efficiency but also reinforces our commitment to a low-footprint architecture. Keeping the agent lightweight and efficient ensures minimal system impact while maintaining full functionality.

MacOS File Checks Improvement

File-based checks on macOS have been significantly improved with the introduction of a local file index cache (FDB). This optimization allows for faster file lookups, reducing I/O overhead and enhancing the efficiency of vulnerability and compliance checks that rely on file existence or property checks.

Enhanced Java Vulnerability Detection

Java vulnerability detection has been refined to ensure accurate mapping between software inventory entries and known vulnerabilities. Previously, some vulnerabilities were detected but not properly linked to Java versions listed in the software inventory. This update improves the correlation process, ensuring that vulnerabilities appear correctly in reports and remediation workflows.

Bug Fixes and Performance Enhancements

Forensic Data for ACE-Based Benchmarks: Fixed an issue where forensic data was not being generated for failing ACE (Asset Check Engine) benchmarks across multiple platforms—including Cisco Nexus, F5 BIGIP, Fortigate FortiOS, Palo Alto Firewall 11, VMware ESXi 7, and VMware ESXi 8. With this fix, all failing benchmark rules now produce comprehensive forensic data in the Issue details.
Chrome Vulnerability Discrepancies: Resolved an issue with capturing vulnerabilities from multiple Chrome installations. The fix ensures that multiple installations are correctly recognized, preventing mismatches where one installation was up-to-date and another was outdated with numerous vulnerabilities.
Custom Field Sorting Consistency: The order of custom fields is now consistent between the asset view and configuration settings, ensuring a uniform experience across the platform.
Inherited Saved Filter Removal: Users should not be able to delete/edit inherited filters from a suborganization. An explanation was added to the UI when attempting to remove an inherited filter for clarification. These filters can still be removed from the parent organization where the filter is defined.
F5 BIG-IP Error Handling: To better flag permission issues, we now capture errors from list all-properties one-line when they have the prefix "Unexpected error" and display them more prominently to users. Additionally, if an error occurs while adding a device and retrieving its configuration, we now use the device address as the hostname to prevent empty hostname entries, improving usability and troubleshooting.

Thank you for using Nanitor! Your feedback helps us improve. For detailed documentation and support, visit the Nanitor User Guide or Nanitor Knowledgebase.