Release Notes

License Management: Enhanced license management with the ability to download licenses, assign license owners and tags in bulk, a redesigned Create License flow and list view, a new license widget, and automated remediation creation for expiring licenses—making license tracking faster, easier, and more intuitive.

Calendar: Remediation modal now opens on the same page for faster access to remediation details.

Policy Renewal: Automatically creates a remediation item when a policy is due for renewal, helping teams stay compliant.

Confirmation Popups: Updated text and buttons for a consistent user experience.

Vendor Management: Added a vendor dropdown with the option to quickly add new vendors and a Tiers filter for improved categorization and management—making vendor setup and oversight simpler.

Security Awareness: Fixed a missing “Connect Your Tool” prompt and token error messages.

Manage Users: Resolved issue where the Roles filter was not functioning correctly.

License Management: Introduced the ability to upload licenses in bulk via a template, making license management faster and more efficient.

Audit Management: Auditors now receive notifications when an audit lead is saved or updated, improving collaboration and accountability.

Event Management: Added multi-select and bulk action menu, bulk event remediation, and improved support for tags, links, and history updates for easier event tracking.

Calendar & Dashboard: Policies-to-expire now appear in the calendar and the "This Week" dashboard widget. Policy renewals automatically create a remediation item when due.

License Management: General functionality improvements for smoother and more intuitive license operations.

User Interface: Enhanced UI design across the portal, standardized row-click behavior for opening modals, and applied hand cursor on hover for consistent user experience.

Edit Audit: Fixed an issue where the Edit Audit option was not functioning.

Reset Password: Fixed functionality that had caused an issue receiving a password reset email.

License Bulk Delete: Resolved issues with bulk delete in License Management to ensure it works as expected.

Custom Questionnaire: Added the ability to preview and download uploaded files for easier access and review.

Rapid Risk Assessment (v2): Introducing the second version of the Rapid Risk Assessment! The assessment has been streamlined from 75 to 60 questions, focusing on the most critical areas of technology and cybersecurity. This updated version delivers faster, more relevant insights to help you better understand and mitigate your organization’s cyber risk.

Controls: Integrated Controls API with on-scroll pagination for smoother navigation through control lists.

General Optimizations:

• Reduced the number of API calls, improving page load times across the platform.
• Optimized refresh behavior for the "My Account" sidebar.
• Reduced Toast notification display time to 2 seconds for a less disruptive experience.

Custom Questionnaire:

• Fixed an issue where question data was not loading correctly.
• Resolved filters not working after being applied once.
• Corrected saving of company name, first name, and last name.

Evidence: Fixed an issue where evidence names were not updating until a manual refresh.

License Management: Resolved issues with bulk upload and bulk delete functionality.

Audit Management: Fixed a mismatch between status displayed in the list and the modal view.

Auditor Feedback: When a control status is set to "Needs More Info", Auditor Feedback is now a mandatory field, helping auditors provide complete, actionable feedback for better audit outcomes.

Multi-Factor Authentication (MFA): SMS-based MFA has been removed, simplifying login while maintaining security best practices.

Audit Summary & List: Updated status colors for instant clarity, making it easier to track audit progress at a glance.

Control Applicability: Text entry is now required when a control is marked as “No,” ensuring all critical details are captured.

Evidence Validation: Evidence due dates are now validated to fall within the audit period, helping teams stay on track and compliant.

Login & Session Management: Inactive users now receive clear messages, and automatic logout on tab close improves session security.

Performance: Backend optimizations make the Trust Portal faster, smoother, and more reliable.

Evidence Module: Resolved errors when assigning users and ensured required/custom evidence displays correctly, reducing frustration and saving time.

Audit Status: Fixed issues where controls answered “Yes” or marked as “Pass” were still showing as “Not Started,” ensuring accurate audit tracking.

Auditor Assignment: You can now assign different auditors to each control, giving teams more flexibility and control.

Audit Views: Fixed reversed behavior between “View Audit” and “Manage Audit” and ensured the Audit menu loads reliably, streamlining navigation.

Template API Support: Enabled API access for standardized questionnaire templates, laying the groundwork for reusable formats and faster onboarding.

Controls Progress Display: Fixed an issue where the Controls page showed incorrect progress percentages for selected security frameworks.

Framework Selection Error: Resolved a “Bad Request” error when selecting “All Frameworks” on the Controls page.

Logout Stability: Fixed a logout issue that occurred after three page refreshes followed by any action.

Date Field Saving: Resolved a bug preventing users from saving dates in applicable forms.

UpGuard Finding: Fixed a flagged issue identified by UpGuard.

Security Header Enforcement: Implemented HTTP Strict Transport Security (HSTS) to strengthen platform security.

Custom Questionnaires Launch: You can now upload, track, and manage customer or vendor questionnaires directly within the Trust Portal. The new interface features a streamlined list view with pagination, progress tracking, upload history, and integrated status updates — eliminating the need for manual tracking outside the platform.

Upload Modal & Tab Integration: A user-friendly upload modal and new questionnaire tab have been added to the Audit Management page, making it easy to manage assessments in one place.

Smart Company Recognition: Automatically identifies and displays the company name and logo based on the domain associated with uploaded questionnaires.

Template Selection Support: Easily reuse standard questionnaire templates with support for uploading predefined formats.

Audit Excel Export: Added the ability to export Excel summaries once all audit controls are completed (Pass/Fail).

Third-Party API Stability: Improved reliability by adding automatic retries for select third-party API calls.

Forgot Password: Fixed an issue where the Forgot Password functionality was not working.

Audit Page Load: Resolved a critical issue where the Audit Management page could display a blank white screen.

Control History Scoping: Scoped Company Control History by individual audit for accurate audit tracking.

Audit Progress Bar: Restored the missing progress bar on the Manage Audit screen.

Audit Logs Filter: Fixed the user filter in Company Account > Audit Logs to show the current logged-in user.

Integration Popup Data: Resolved an issue where integration configuration popups were showing real customer data.

Critical Event Accuracy: Fixed a bug that caused inactive assets (less than 7 days) to appear as critical events in the Events tab.

Rapid7 CVE Integration: The Trust Portal now pulls CVE links and vulnerability vector data directly from Rapid7 to enhance risk context during assessments.

‍

Audit Progress Bar: The Audit Management Dashboard now includes a progress bar to help visualize audit completion status.

Filter Controls: Added “Select All / Deselect All” buttons for filters on the Audit Management page to improve usability.

Improved Event Labels: The Events page now shows both Vendor and Tool Name for increased clarity.

Resolved Ticket User Icons: Tickets now correctly display the user who resolved the issue, improving traceability in remediation workflows.

Remediation Log Time: A new field captures log time when reopening remediations, providing better auditability.

Resolution Time Tracking: Resolution time is now shown when a ticket is marked as resolved.

Rapid Risk Assessment: Fixed a blank screen issue when accessing the page.

Summary Counts: Corrected broken summary statistics on the Rapid Risk Assessment dashboard.

Unset Audit Owner: Resolved a “user not found” error when the audit owner was not set.

Auditor Permissions: Fixed role-based visibility and access issues for the Auditor role.

Applicability Response: Restored the missing “Yes” option for “Is this control applicable?” in audits.

Incident Response Text: Removed incorrect “Incident Response” reference from the Audit Management page.

Info Icons: Fixed tooltip icons that were not showing text in Add/Edit Audit views.

User Status Change: Resolved a “user not found” error when changing a user’s status in Audit Management.

Evidence IDs: Prevented duplicate Evidence IDs from being created across modules.

Controls API: Added missing domain detail fields to improve control metadata completeness.

Control Filter Label: Corrected mislabeled text in the “Search Control Family” field.

Control Answers: Fixed an issue where control answers could not be saved.

Bulk Remediation Creation: Corrected a bug that blocked remediation creation for bulk-identified risks.

My Account Page: Fixed role display so the correct user role now appears.

MFA Settings: Fixed an issue that prevented users from disabling Multi-Factor Authentication.

Trust Portal UX Enhancements:

• Added an "All" option to filter dropdowns throughout the portal for improved filtering flexibility.
• Your last page state will now be saved after you log in, making it easier to pick up where you left off.

Calendar Enhancements: Page navigation is now easier, allowing you to click directly on rows for faster navigation and a smoother experience.

Policies: You can now view and edit renewal dates directly within the Policy page, making policy management more efficient.

Security Awareness: New functionality allows you to download participant lists from security awareness campaigns, providing better tracking and analysis.

Vendor Risk Management: The Vendors page now includes a Tiers filter, allowing you to better categorize and manage vendors.

Controls: The design of the control modal has been updated for a cleaner and more consistent look, improving your overall user interface experience.

Audit Evidence: We now provide greater transparency and accountability by tracking audit evidence history within the platform.

Company Users: Streamlined the process of inviting users with different roles, making user management simpler and more automated.

Remediation Tracker: Refined the grouping of risks under single remediation tasks.

Remediation/Reports: Enhanced domain filter functionality in Remediation and Reports.

Risk Module: Streamlined functionality for risk creation and management.

License Management: Enhanced the user interface for managing licenses.

Assets & Remediation: Improved options for managing assets and remediation tasks.

Vendor Remediation: Added improved functionality to the Vendor Remediation section.

Login Issue: Fixed a bug where refreshing the page three times and performing an action caused users to be logged out unexpectedly.

User Management: Fixed an issue preventing the "Send Reminder" function from displaying the renewal date field correctly in the Users section.

Policies Actions: Fixed the issue with Publish, Unpublish, and Archive functions not working properly in the Action dropdown for Policies.

Policy Editing: Resolved the issue that prevented editing a policy in the platform.

Asset Check-in Dates: Corrected the last check-in date in Assets to ensure accurate data.

Evidence Filters: Resolved an issue in Evidence where users were unable to uncheck the "Completed" filter.

Subscription Data: Fixed a display issue where old subscription data showed incorrectly on the Reports page, but appeared correctly on the Company Account page.

Campaign Management: We’ve updated the campaign management system to make it easier to track campaign status. The new feature displays whether a campaign is Active or Inactive, providing clearer visibility and improving the overall management process.

Evidence Module: Added options to upload files, create evidence, and download evidence, streamlining data management for a smoother workflow.

Audit Management: Enhanced audit tracking with new features for viewing control lists, filtering control answers, chatting, messaging, and accessing control history for improved collaboration.

Permissions & Access: Added permission checks for view-only users to ensure appropriate access control and security within the portal.

UI Enhancements: Added an “All” option to all filter drop-downs throughout the Trust Portal for greater flexibility when filtering data.

Calendar: Improved the Calendar component by preventing layout shifting, providing a more consistent and visually pleasing user experience.

Rapid Risk Assessment: Fixed an issue where data on page 2 of the Rapid Risk Assessment wasn’t loading correctly.

Audit Module: Auditors are now restricted from marking controls as pass/fail unless the control is in the appropriate state, ensuring proper audit procedures.

License Page: Resolved an issue where selecting an end date caused the screen to go blank, improving the user experience.

Dashboard: The phishing simulation count now accurately reflects data from all active campaigns, ensuring correct reporting.

Audit Management Module: Introducing our brand-new Audit Management Module! This powerful new feature provides auditors with an intuitive layout and a streamlined interface, making it easier to manage and track audit processes from start to finish. With this new module, auditors can now efficiently organize, review, and complete audits, improving overall workflow and ensuring greater accuracy and compliance.

Compliance Mapping: Added MPA Best Practices 5.3 framework mappings to strengthen compliance tracking and reporting.

Dashboard: Services that are not configured will now only show errors on their respective pages, rather than cluttering the main dashboard.

Company Settings – Integration: When opening KnowBe4, the tool search will now automatically be filled with the user's email, simplifying the process.

License Management: Added a percentage progress bar to visually track license usage, and moved the License section under the "Compliance" category in the sidebar for better organization.

Remediation Page: The remediation name field has been moved above the Cybersecurity Domain field for improved layout and user experience.

Remediation Page: Now, all user types can edit remediation tasks, providing greater flexibility for managing remediation.

Risk Page: Prevented risk updates with empty fields, ensuring data integrity and accuracy.

Risk Module: Fixed a bug that allowed the submission of empty fields in the Risk module.

Assets: Fixed an issue where previously viewed asset details briefly appeared when loading a new asset, improving page loading performance.

Login Page: Improved behavior during failed login scenarios, providing better feedback and guidance to users.

Dashboard: Fixed column layout issues for better readability. Prevented the "connect tool" widget from displaying if tools are already configured, reducing unnecessary clutter.

Controls Page: Added support for updated filters, enhancing navigation and management of controls.

Evidence: Added graphics that appear when no files are available, providing clearer feedback to the user.

Reports: Fixed an issue where previously opened reports would briefly flash, resulting in a smoother user experience.

Settings Page: Fixed inconsistent spacing between headers and data for a cleaner layout.

User Status Colors: Updated the color colors for Active, Inactive, and Pending users to match the summary box, ensuring visual consistency.

License: Fixed an issue where the file delete functionality was not working properly.

Vulnerability Counts: Fixed the mismatch between vulnerability counts on the Risk page and Dashboard for consistent reporting.

User Management: Fixed an issue preventing users from being invited or logging into the Trust Portal, ensuring smooth access for users.

Events Page: Fixed UI and component bugs to enhance overall page functionality

Rapid Risk Assessment: We’re excited to introduce the Rapid Risk Assessment (RRA) module! This powerful new tool helps you quickly evaluate and manage risks across your organization, giving you clear insights into your security posture. With RRA, you can assess vulnerabilities, identify gaps, and take proactive steps to mitigate risk—all in a streamlined, user-friendly interface. Get actionable insights faster and make more informed security decisions with ease!

Dashboard: Phishing simulation data is now counted from all active campaigns, giving you a more comprehensive view of your security efforts.

Remediation: Made assets optional when submitting remediations, offering greater flexibility in remediation tasks.

Vendor Risk: Added a download feature for vendor risk data and updated the page title for clarity.

Reports: Added start-end date validation to prevent invalid date ranges and ensure accurate report generation.

Vendor Risk: Added support for downloading selected companies as a spreadsheet, making it easier to manage and share vendor risk data.

‍

Dashboard: Phishing simulation data is now included from all active campaigns, offering a more comprehensive view of your security efforts.

Summary Counts: Summary counts on pages like License, Remediation, Policies, and Evidence now update automatically, eliminating the need for a manual refresh.

Company Account: The framework section and dashboard widgets are now hidden when compliance checkboxes are unchecked, providing a cleaner and more focused view.

Remediation Tracker: Files will now only be deleted after clicking the Save button, ensuring better control over changes.

Risk Management: The "Add Risks" action no longer resets the form, preserving data and improving the user experience.

Tools: The "Other" summary card now displays more than just pending items, providing a more comprehensive overview.

Controls: Updated filters are now supported, enhancing your ability to manage controls more effectively.

Evidence: Added visual graphics to indicate when no files are present, improving user feedback and clarity.

Evidence: Removed the "renew date" field from evidence and calendar, simplifying the interface and making it more intuitive.

Reports: The "History" tab, which appeared during uploads, is now hidden for a smoother user experience.

Policies: Corrected the "Edit" option in the action menu, which was incorrectly showing in the edit view.

Remediation Tracker: Grouped risks now display all associated risks correctly under a single remediation task.

Events: Fixed UI bugs and component issues, resulting in a more seamless experience.

Risk Management: Expired accepted risks no longer appear in the accepted risk filter, ensuring more accurate reporting.

License: Fixed the issue where the file delete functionality wasn’t working, ensuring smooth file management.

Reports: Resolved an issue where history of previously opened reports briefly appeared, providing a cleaner report view.

License/Identities: Color statuses for Active/Inactive/Pending users now correctly match the summary box for consistency.

My Account: The phone number edit popup no longer shows a previously triggered error, improving the editing process.

Contact Support: Resolved an issue where support emails were not being sent, restoring full functionality.

License Expiry and Policy Renewal Dates: Integrated License Expiry and Policy Renewal Dates into the Calendar for better tracking of license deadlines and policy renewals.

‍Mouse Hover Effects: Added mouse hover effects for all table rows to improve user interaction and accessibility.

Clickable Dashboard Widgets: Made widgets clickable for improved usability and navigation.

Publish and Renewal Date Fields: Added Published Date and Renewal Date fields to Policies for better policy management.

Remediation List API Performance: Improved remediation list API performance in production for faster data retrieval.

Evidence Page Redesign & Enhancements: Redesigned the Evidence page for improved usability and functionality, along with enhancements to various features within the Evidence modules for better performance and user experience.

Calendar Page Enhancements: Implemented changes to the Calendar page for enhanced performance and clarity.

Vendor Logos in Vendor Risk Management: Added vendor logos in Vendor Risk Management to improve vendor tracking and identification.

Company Account UI Update: Updated the UI for the General Page in Company Account for better user experience.

Vulnerability Count & Dashboard Consistency: Fixed a bug causing a mismatch between Vulnerability counts on the Risk page and Dashboard.

Remediation and Policy Issues: Resolved issues preventing users from resolving Remediations and fixing the "Send Reminder" function in Users, which was incorrectly displaying the renewal date field.

Evidence Module Fixes: Fixed an issue in Evidence where users couldn’t uncheck the "Completed" filter and addressed a problem with the "Publish," "Unpublish," and "Archive" functionalities in the Action dropdown for Policies.

User Login and Policy Editing: Resolved an issue where refreshing the page three times and performing an action caused users to be logged out, and fixed an issue preventing users from editing policies.

Asset and Subscription Data Accuracy: Verified and corrected the last check-in date in Assets and resolved a mismatch with old subscription data displayed on the Reports page versus the Company Account page.

Evidence Summary Dashboards: New dashboards are available, offering at-a-glance insights into your evidence landscape.‍

Trust Portal User Summary: A new summary is available for Trust Portal users, providing key information and metrics.‍

Controls Widget: A new Compliance widget on the Dashboard provides enhanced visualization and interaction with compliance data.‍

Bulk Control Assignment: The Controls page now supports bulk assignment of controls for increased efficiency.

Left Navigation Bar Improvements: We’ve reorganized the pages in the left navigation bar into three distinct sections: Governance, Risk Management, and Compliance, improving navigation and accessibility across these areas.‍

Asset Filtering in Remediation: You can now filter assets within the remediation section, making it easier to manage and track specific assets.‍

Policies & Procedures Document Counts: The platform now displays the number of selected documents in the Policies & Procedures page for better transparency.‍

Dashboard Optimizations: The Remediation widget now excludes resolved remediations, and dashboard performance is improved by reducing API calls.‍

Calendar Page Enhancements: Improved visual clarity and added a white background in full-screen mode when no data is available. Optimized the display of Remediation Descriptions for better readability.‍

Evidence Management: You can now preview evidence directly within the platform, and report history now includes a tracking feature.‍

File Uploads: The file upload component has been updated for smoother use in Reports, License, and Remediations.‍

Domain Selection: The default control page settings now respect the original settings to prevent unexpected changes.‍

Secure Controls Framework Attribution: Added attribution to SCF controls on both the Controls and Evidence Pages, providing clear sourcing and context.

General Usability & Navigation: Fixed various issues with widget display, such as disappearing or misaligning widgets.‍

Remediation: Fixed issues with remediation assignments, status updates, grouping, and unselecting. Now remediations update properly, and risks are grouped accurately.‍

Compliance: Resolved issues related to evidence management and domain selection, including the deletion of evidence and framework selection.‍

Reports & Contracts: Fixed issues with report history and previewing docx reports. Contracts now display question names and update statuses correctly.‍

Other Fixes: Addressed issues in identities, calendar styling, asset tags, and company accounts to ensure consistent behavior across the platform.

Vendor Risk Management: We’ve introduced a new Vendor Risk Management feature to help you effectively assess and manage the risks associated with your third-party vendors. The Vendor Risk Management summary widget on the Dashboard page provides a quick overview of vendor-related risks and directs you to the full Vendor Risk Management page for more detailed insights and actions. This feature streamlines your ability to track and mitigate vendor risks across your organization.

Summary Sections: Navigation just got easier! We’ve added clickable summary sections for Remediation Tracker, Risks, Identities, Assets, and Tools, providing quick and easy access to detailed information with just a click.

Calendar Page Enhancements: We’ve improved visual clarity by adding a white background when no data is available in full-screen mode. Plus, we’ve upgraded the overall design and functionality of the Calendar page and optimized the display of Remediation Descriptions for better readability.

Dashboard Optimizations: The Remediation widget now excludes resolved remediations for a cleaner view, and we’ve boosted dashboard performance by reducing unnecessary API calls from 5 to just 2 after login, making your experience faster and more efficient.

Technical Information and Company Account Display: Fixed the display of user activation and deactivation options in the Company Account and Technical Information pages, ensuring consistency across the platform.

Remediation Popup Fix: Resolved the issue where the "Cancel Create Remediation" popup wouldn’t close properly in the Events section, making it easier to manage your tasks.

Compliance Framework Mapping: Released a completely new Compliance Framework Mapping that aligns with 80+ cybersecurity frameworks, significantly improving previous mappings and offering enhanced security and compliance management across the platform.

In-Progress Status and Remediation Enhancements: Implemented an in-progress status flow for remediations, providing better visibility into remediation progress, and added asset details to remediations created from the Assets module, offering better context and traceability.

Improved Evidence Library: Integrated an API to streamline the creation and update of evidence, improving both efficiency and accuracy.

Streamlined User Management: Consolidated user management functionalities, focusing on Identity and Access Management, for a more efficient and cohesive user experience.

Improved Risk Description Display: Enhanced the display of risk descriptions for clearer understanding and communication of risks.

Calendar and Date Picker Improvements: Improved date picker behavior for a smoother user experience.

Enhanced Security: Added user password change logs to audit logs, increasing visibility and accountability for user account changes.

‍Compliance Module Remediation Display: Resolved an issue where deleted remediations were still appearing in the Compliance module.

Events Widget Count Fix: Fixed incorrect open and remediated counts in the Events widget.

Risks Module Pagination and Date Fixes: Fixed an issue in the Risks module where the default date was not updating correctly and pagination was not functioning as expected.

Evidence Module Owner Filter: Resolved issues with the owner filter in the Evidence module, improving filter functionality.

Calendar Widget: Implemented a new calendar widget for improved visualization and navigation, now displaying counts for risks and licenses when clicking on respective rows.

‍Dashboard: Updated the Risks widget to display the count of expired risks.‍

Security Awareness Training: Improved the UI in the Security Awareness Training module to resolve inconsistencies and enhance the overall user experience.‍

Manage User: Relocated user management from the Company Settings to the newly added "Identities" menu, featuring the "Trust Portal Users" tab for better accessibility.

Remediation: Resolved an issue where domain names were not displayed in lists and popup titles.

Manage User: Fixed the MFA Status filter to function correctly. Updated the action text in the dropdown menu for users to improve clarity.

Risk: Resolved an issue where the Asset label was displayed in the "View" and "Add Risk" pages, but not in the "Edit Risk" page.

Due Date: Removed the extra box that appeared in validation error messages related to due dates.

Calendar: Implemented a new calendar page for efficient scheduling and planning.‍

Login Authorization OTP:  Introduced a mechanism to limit One Time Password requests and temporarily block accounts after exceeding the request threshold.

Due Date Configuration: Added a configuration page for customizing remediation due dates.

Remediation Module:  Introduced a due date field in the remediation module for enhanced time management.

License Model Design:  Updated the design of the license model for improved clarity and aesthetics.

My Account:  Standardized the phone number format in the My Account section.

Event Display Format:  Improved the display format of auto-created events from third-party integrations in the Risk, Remediation, Events, and License History sections.

Remediation Widget:  Fixed an issue where the numbers displayed in the remediation widget were inaccurate.

My Account Active Services:  Resolved an issue where not all active services were displaying. The My Account section now accurately shows all active services.

Remediation Sources Filter:  Fixed an issue where the sources filter did not display all domains correctly.

Status Filters Functionality:  Resolved an issue with the “uncheck all” functionality for status filters, ensuring it works as expected.

Risk Creation: Implemented the ability to automatically create risks from User Management for users who have not logged in for 90 days, enhancing proactive risk management.

Left Navigation Bar: Updated the left navigation bar with new icons for improved usability.

User Time Zone Display: Removed the display of user time zone where local time is shown, simplifying the user interface.

Remediation Tracker: Improved user experience by increasing the size of the remediation tracker and displaying full-service names instead of abbreviations for clarity.

Remediation Check-All Checkbox: Adjusted the size of the "Check All" checkbox in the remediation tracker, making it more visually distinct when checked.

Consulting Hours Graphics: Added "no data" graphics for consulting hours on the Reports page's Consulting Hours tab when JIRA is not integrated, providing a more informative display.

My Account Improvements: Enhanced the "Edit Phone Number" modal to reset the number when the modal is closed without saving changes, preventing unintended modifications.

General Page: Updated the Company Account - General page for better organization and presentation of information.

Integrations Page Update: Updated the Company Account - Integrations page’s tool descriptions to improve clarity and understanding.

User Management: Updated the MFA filter option to include "Enabled" and "Disabled" options, providing greater flexibility in managing user accounts.

Login and MFA: Resolved issues related to the login screen displaying pre-sign-in attempt errors and incorrect error messages on the MFA page.

Login Cache Issue: Addressed a cache issue that caused unexpected behavior during login.

Audit Log Date and Time Fixes: Fixed an invalid date error that occurred when clearing the date filter in audit logs and resolved a discrepancy between the time displayed in the UI and the time shown in the downloaded CSV from audit logs.

Audit Logs: The Audit Logs tab now provides a history of user activity related to remediation and company management changes.

Audit Log Download Feature: Added the ability to download audit logs for further analysis and record-keeping.

Cybersecurity Tool Integration Steps: Steps for integrating Cybersecurity tools have been added to the onboarding process, enhancing user guidance during setup.

Sticky Table Headers: Table headers for the Reports, Policies, Assets, Licenses, Tools, Company Account, and Technical Information pages are now sticky at the top during page scroll, improving user experience and navigation.

‍Updated UI for Company Settings: The General and Integration pages in Company Settings have been updated for improved usability.

‍Filter Clearing Functionality: In Reports, Events, Risks, and Audit Logs, clicking “Clear Filter” now removes all selected filters, enhancing usability.

Correct Login Time Display: The correct login time is now displayed in User Management.

Remediation Asset Details Saving: Fixed an issue where remediation created from User Management was not saving asset details. This issue has been resolved, and asset details are now correctly saved.

Optional Recommendation Field: The recommendation field is now marked as optional in the “Create Remediation” form from the Assets page.

Deletion of Remediation Linked to Risk: Fixed the issue where remediation was not being deleted when the associated risk was deleted. Remediation is now automatically deleted when the risk is removed.

Event Time Change History Display: Fixed the issue of not showing the history for event time changes. The correct time is now displayed.

User Management Page:  Added a User Management page with integration to Microsoft Entra (Azure AD), streamlining user administration. This page provides visibility into key fields such as Asset, Tool, Last Check-in, Last Login User, IP Address, MAC Address, and Status. With this information, customers can easily identify users who have not logged in for an extended period or those who are no longer employed but still have access, enhancing security and management oversight.

Audit Logs:  A new Audit Logs tab has been added to the Company Management page, providing a comprehensive history of user activity for security and compliance purposes. This feature enhances accountability by tracking key actions such as inviting users, editing user details, and enabling/disabling MFA.

Sticky Table Headers:  Table headers for the Remediation, Events, and Risk pages are now sticky at the top during page scroll, improving user experience and navigation.

Dashboard Loading Experience:  The dashboard will initially load widgets with skeleton screens and will re-render them once the data is ready, providing a smoother user experience.

Consistent Naming:  The "Source" and "Service Name" fields have been renamed to "Cybersecurity Domain" and standardized throughout the product.

Auto-Submission for One-Time Passwords (OTP):  The form will now auto-submit upon entering the complete OTP, and the entered code will automatically clear when the "Resend New Code" button is clicked.

‍

Inactive Status Color:  The inactive status color has been changed to red across the product for consistency.

Remediation Status Update:  The status will now display as “Risk Accepted” if a created remediation is deleted and an expiry date exists, instead of changing to “Not Started” as it did previously.

‍

Event History Viewing:  Users can now view the history for each event, providing a comprehensive audit trail for improved tracking and transparency.‍

Company Logo Management:  Users can now add, edit, and delete the company logo directly from their company account, enhancing personalization and branding options.

Enhanced History Views:  New history views have been introduced for Risks, Remediations, and Licenses, offering detailed insights and better historical tracking.

Page Visibility Updates:  The Penetration Testing, Vulnerability Management, and Attack Surface Management pages are now hidden, simplifying the user interface and focusing on core functionalities.

Create Remediation Option for Deleted Assets:  Fixed an issue where the “Create Remediation” option was not available for deleted remediations in the Assets page, allowing users to create new remediations as needed.

‍Auto-Updating Risk Summary Counts:  Summary counts on the Risk page now auto-update without requiring a page refresh, enhancing data accuracy and user experience.

‍Data Mismatch in Phishing Simulation:  Resolved a data mismatch issue between the Phishing Simulation section on the dashboard and the Phishing Campaign section on the Security Awareness page.

‍Negative Values in Licenses:  Corrected an issue that allowed the entry of negative values in license fields, ensuring accurate and valid license data.

Feedback and Feature Requests:  Users can now provide feedback or request new features via the Help Center, facilitating improved communication and feature development.‍

Dashboard Customization for Admins:  Company Admins can now customize the dashboard to meet their specific needs, enhancing user experience and operational efficiency.‍

Asset Remediation Tracking:  Users can now track created remediations for Assets using the “Open Remediation” option on the Assets page.

Risk and Remediation History:  The history for Risks and Remediations now includes the date of creation, providing a more comprehensive audit trail.‍

Events Card Redirection:  The Events card on the dashboard now redirects to the selected criticality list on the Events page for easier navigation and management.‍

Create Remediation for Bulk Risk Operations:  Removed the unnecessary history tab during the creation of remediations for bulk risk operations, streamlining the process.

Navigation to Specific Risks and Remediations:  Resolved an issue where navigation from the Compliance page to specific Risks and Remediations was not functioning correctly.‍

Company Name Display for Assignees:  Fixed an issue where the company name was not displayed for assignees on the Remediation list page.‍

Tags List in Remediation Form:  Fixed an issue where the tags list was not displaying correctly in the “Create Remediation” form for Events.‍

View Risk Display:  Corrected issue with displaying invalid dates and blank users in the View Risk section for Unaccepted Risks.

Service Integration Management:  Company users can now manage service integrations directly within the Trust Portal.

‍New License UI Modal:  Introduced a new License UI modal that supports viewing license history and uploading copies of license contracts, enhancing license management capabilities.

Risk Modal Enhancements:  Users can now view the acceptance status and expiration time for accepted risks directly in the Risk modal.

‍JIRA Integration Category:  Added a “Project Management” category for JIRA on the Integration page, improving integration organization.

‍User Time Zone Visibility:  The time zone of users is now visible in the Remediation and Risk modals, facilitating better scheduling and communication.

Attack Surface Management Counts:  Resolved an issue where Attack Surface Management counts now accurately match the associated Risks.

‍Rapid7 InsightVM Data Fetching:  Fixed an issue where data fetched from InsightVM now properly resolves risks and their corresponding remediations.

‍Risk Widget Display:  Updated the Risk widget on the dashboard to show only open risks, excluding resolved risks from the count.

‍Checkbox Issue on Risk Page:  Fixed an issue where unchecking a checkbox on the Risk page was not functioning correctly.

False Positive Marking:  Users can now mark Events and Risks as False Positive, allowing for better management and filtering of data.

‍Risk Tagging:  Added functionality for users to tag Risks, including support for bulk tagging, enhancing risk categorization and organization.

Updated Sidebar Icons:  The icons in the sidebar have been updated for improved clarity and visual appeal.

‍Summary Sections:  Added summary sections to the Risk, Assets, and Events pages for a concise overview of key information.

‍Event Widget UI Update:  The Event Management widget on the Dashboard has been updated with a new user interface for a more streamlined and intuitive experience.

Track Remediation Link:  Fixed an issue where the Track Remediation link in Events now properly opens the related remediation directly.

Microsoft Defender Integration:  Integrated Microsoft Defender into the Events and Tools pages, enhancing security monitoring capabilities directly within the Trust Portal.

Auto-Populate License Utilization Data:  Automated the population of license utilization data for Darktrace, improving accuracy and efficiency in license management.

Enhanced Risk Filtering:  Users can now filter Risks by Discovered Date, enabling more precise risk management and analysis.

Sorted Display of Risk Data:  Risk data will now be displayed in sorted order: by Criticality (High, Medium, Low), Status (Not Started, In Remediation, Risk Accepted, Resolved), and then by Discovered Date (descending order), improving usability and clarity.

Dashboard Risk and Remediation Counts:  Added total Risk and Remediation counts on the Dashboard for quick overview and management insights.

Compliance Search Enhancement:  Enhanced compliance search capabilities by allowing search by question number and question text, facilitating easier navigation and audit readiness.

Reset Password Error Messaging:  Improved the error messaging for the Reset Password link to display proper messages upon expiry, enhancing user experience and clarity.

Remediation Creation Issue:  Resolved an issue where users were unable to create remediation for assets if the old remediation was deleted, enabling seamless remediation management.

Bulk Risk Operation Fix:  Fixed an issue preventing users from performing bulk risk operations across different pages, allowing users to create, accept, and create remediation for risks across pages seamlessly.

Location Activation/Deactivation Error:  Fixed an error where activating or deactivating a location without facilities resulted in an error, ensuring smooth functionality.

Pagination Navigation Fix:  Fixed an issue where actions performed on pages other than page 1 would navigate the user back to page 1, ensuring users remain on the same page after any action on risks.

Invite Management Enhancements:  Added functionality to reset passwords and send reminder emails for pending invites, improving user management efficiency.

New Risk Widget Summary View:  Implemented a new Risk Widget with a summary view for quick insights into open and accepted risks.

Darktrace and Rapid7 Tools Integration:  The Tool Management page now directly pulls data from Darktrace and Rapid7, streamlining tool management and enhancing data accuracy.

Enhanced Vulnerability Scan Integration:  Improved integration for vulnerability scans, now supporting both internal and external vulnerability scan site IDs from Rapid7 on the integration page.

Risk and Remediation Notifications:  Users will now receive notifications for creating, updating, deleting risks, and creating remediations from risks, improving visibility and responsiveness in risk management.

Phishing Campaign Prone User Counts:  Rounded up prone user counts in phishing campaigns for clearer reporting and analysis.

License Page Updates:  Vendor and tool names on the License page are now updated based on service selections, ensuring alignment with service configurations.

Session Management:  Fixed session issues where sessions were not properly deleted on logout, enhancing security and user session management.

Empty Company Management Page Graphics:  Added graphics to improve the visual representation of empty pages in company management, enhancing user experience.

Bulk Asset Deletion Fix:  Resolved an issue with bulk asset deletion where users were unable to perform bulk deletes after cancelling a bulk delete operation, restoring full functionality for asset management.

Introduced Auditor Role:  We have added the Auditor role, enabling designated users to audit policies and compliance within the Trust Portal.

Dashboard Tools Widget:  Added a Tools Widget on the Dashboard page for a quick overview and easy access to essential tools.

Tools Page Summary View:  Changed the UI for the Tools page to include a Summary view, enhancing user experience and data presentation.

Event Page Search Enhancement:  Users can now search by Event name on the Events page, improving efficiency in Event Management.

Manual Vendor and Tool Name Population:  It's now possible to manually populate Vendor Name and Tool Name fields, providing greater customization and accuracy in License Management.

Risk and Remediation Page Filter Issue:  Fixed an issue where filter values on the Risk and Remediation page would become empty on page refresh, ensuring consistent data display.

Accepted Risks Validation:  Restricted the acceptance of already accepted risks, preventing users from accepting risks multiple times.

Resolved Remediation Link Issue:  Fixed an issue where resolved remediations could not be opened via the track remediation link from the Risk page, improving remediation tracking functionality.

License Page Input Validation:  Updated the license page to only accept valid numbers in the license number field, enhancing data integrity and accuracy.

Remediation Error Message Enhancement:  Improved error messaging for remediations when users attempt to save without assigning an assignee, ensuring clarity and completeness in remediation management.

Security Awareness UI Fix:  Fixed a UI issue in the Security Awareness page where the last row was previously cut off, ensuring all content displays properly for improved usability.

• Asset Management:  Introducing Asset Management, empowering users to efficiently manage their IT assets within the Trust Portal.
• Integration with NinjaOne:  We're excited to announce a new integration with NinjaOne for IT Asset Management, providing enhanced capabilities and flexibility for managing your IT infrastructure.

Risk Management Audit History:  Added an audit history tab in the Risk Management modals, enabling users to track and review changes made to risk assessments with greater transparency and accountability.

PDF Document Upload in Policies:   Users can now add PDF documents to the Policies page, enhancing document management capabilities and providing a centralized repository for policy-related materials.

Admin Password Reset Capability:  The Admin user role now has the ability to reset user passwords, streamlining password management processes and providing administrators with greater control over user access and security.

Attack Surface Management Widget Design:  Improved the design of the Attack Surface Management widget when shrunk to 1 column, ensuring a seamless and visually pleasing user experience.

Risk Management Criticality Flag Colors:  Fixed an issue on the Risk Management page where the criticality flag colors were incorrect, ensuring accurate and consistent representation of risk severity.

Policy Creation Error:  Resolved an error on the Policies page where creating a policy from a template resulted in an error. The issue occurred when selecting "View From Template" and then saving without making changes. The fix ensures policies are saved as drafts as expected.

Remediation Tracker Page Display Issue:  Fixed an issue on the Remediation Tracker page where, when no search results were found, it incorrectly displayed "1 of 0" page count and inconsistent spacing between filters and search components. This fix improves the consistency and accuracy of page display in such scenarios.

• Security Information & Event Management Integration: Endpoint Detection & Response (EDR), Network Detection & Response (NDR), and Security Information & Event Management (SIEM) are now integrated into the Security Information & Event Management page. Gain visibility of all security events on a single page for faster response and remediation.

Event Management Manual Creation: Added the ability to manually create a Security Event, empowering users to proactively manage security incidents.

Cybersecurity Tool Name Display: Added cybersecurity tool names to the Event Management details, providing clearer insights into security tool usage.‍

License Management Calendar Enhancement: Improved the calendar in License Management to enable easier selection by month and year, enhancing usability and navigation.

Technical Information Field Streamlining: MFA and IDS/IPS are no longer required fields for applications, streamlining the application process for users.

User Notifications for Mandatory Fields: Added notification pop-ups to inform users when mandatory fields are not completed, ensuring data completeness and accuracy.

Left Navigation Bar Simplification: Renamed Gap Analysis as Compliance, Event Management as Events, and Risk Management as Risks, simplifying navigation and aligning terminology for clarity.

Event Management Widget Sorting: Resolved an issue where the Event Management widget on the Dashboard page was not properly sorting events based on criticality, ensuring accurate event prioritization.

Risk Management Share Button Fix: Fixed an issue where the share button was not working on the Risk Management page, enabling seamless sharing of risk information.

• Gap Analysis Export:  Now you can effortlessly export Gap Analysis questions and answers to Excel for further analysis and reporting.

User Invitations:  All users now have the ability to invite others to the Trust Portal, enhancing collaboration and user management.

Remediation Tracker Note Field:  Added a Note field for all remediations in the Remediation Tracker page, enabling better documentation and tracking.

License Management Tool Display:  Predefined tools names are now displayed in License Management, providing clearer insights into tool usage.

Risk Management IP Display:  Improved the display of IP ranges on the Risk Management page, especially when risks involve multiple assets.

Security Framework Icon Size:  Increased the size of Security Framework icon images on the Dashboard for improved visibility and usability.

Pagination Enhancement:  Moved the pagination component to the bottom of all pages, enhancing navigation and user experience.

Login Page Password Rules:  Updated the sign-up page to display password rules when the password field is in focus, ensuring users meet security requirements.

Rapid7 Site ID:  Corrected error messaging for Rapid7 site IDs, ensuring accurate troubleshooting and integration.

Consulting Hours Calculation:  Fixed a bug in the Engineering dashboard that was causing inaccuracies in consulting hours calculation.

Technical Information:  Resolved an issue that was blocking the creation of IP ranges and wireless networks in Technical Information.

• License Management:  Introducing the new License Management page, allowing seamless management of security software licenses. Keep track of current license utilization and receive notifications when usage approaches the limit.
• Top Events Dashboard Widget:  Added a new widget on the Dashboard page to showcase the Top 10 Security Events, providing quick access to critical security insights.

Gap Analysis Filter:  Enhanced the Gap Analysis page with a new filter by answer option, facilitating more granular analysis and streamlined navigation.

Wireless Networks:  Resolved an issue where Wireless Network details were not saving correctly, ensuring accurate data recording and management.

Risk Management Widget:  Fixed a bug where the statistics displayed on the Risk Management widget on the Dashboard did not match the data on the Risk Management page, ensuring consistency and reliability in reporting.

• Enhanced Security Awareness Monitoring:  We've expanded the Security Awareness page with two additional tabs, providing comprehensive insights into completion details for both Security Awareness Training and Phishing Campaigns. Now, you can easily track and analyze participant progress and engagement levels, empowering you to bolster your organization's security posture effectively.

Enhanced Remediation Tracking:  Track remediation actions directly within the Risk details pop-up screen, streamlining risk management by enabling seamless monitoring and documentation of remedial measures in one centralized location.

Efficient Risk Editing:  Editing risks is now simpler and more convenient with the newly added ability to edit risks directly from the Risk Management page. Swiftly update risk information, ensuring accuracy and agility in your risk management processes.

Expanded Gap Analysis Window:  Enriched the Gap Analysis window on the Dashboard to provide comprehensive insights into control status, enhancing your ability to manage risks effectively.

Framework Compliance Visualizations:  The Framework Compliance window now displays the logos of each framework directly on the Dashboard, offering a quick and intuitive overview of framework adherence. This enhancement facilitates better navigation and enhances the user experience.

Dashboard Aesthetic Improvements:  Various aesthetic enhancements have been made to the Dashboard, ensuring a more seamless user interaction and improving overall look and feel.

Risk Management:  Resolved an issue where the Discovered Date would incorrectly change after editing a Risk, ensuring data integrity and consistency in risk tracking.

Notifications:  Addressed an issue where text within Notifications was not displaying correctly, ensuring clear and accurate communication of important updates and alerts.

Event Management:  Fixed an API integration issue with Rapid7 that was impacting event details being displayed.

• Risk Management:  Introducing the new Risk Management page. Risks identified through Vulnerability Management scans and Attack Surface Management assessments are seamlessly integrated and will automatically populate the Risk Management page. Users can also manually create new risks as needed.  From this page, users can create and assign remediation tasks for identified risks.  Additionally, users have the ability to accept a risk, provide a business justification, and set an expiration date for the Risk Acceptance.

Dashboard:  Added new Top Risks panel that displays a company’s Top 10 Risks

Remediation Tracker:  Both User and Admin role types can now select multiple remediations to be Assigned or Resolved

Gap Analysis:  Integrated Control History to the Gap Analysis Questionnaire for an enhanced audit trail for tracking changes

User Invite:  Addressed an issue where new users invites were not being sent properly

Login: Fixed an issue where users with multiple companies were not being deactivated properly

• Release Notes:  Added new Release Notes icon that takes the user to the Release Notes page
• About:  Added new About link that displays the Trust Portal version and last update

Remediation Tracker:  Updated the design of the Remediation Tracker page for a better visual display

Remediation Tracker:  Made Owner Name an optional field when creating a New Remediation

Manage Users:  Added functionality for company admin to enforce the use of MFA on their users

Sign-Up:  A user can now sign-up without a phone number

Dashboard:  Fixed a bug where deleted remediations were not updating the Dashboard totals‍

Network Protection: Fixed a bug where Network Protection incidents were not displaying the correct date

Attack Surface Management:  Fixed a bug where assets were not populating in Attack Surface Management findings

Global - Fixed a bug where Redesign team members’ activity were showing as another company