Release Notes

Calendar Widget: Implemented a new calendar widget for improved visualization and navigation, now displaying counts for risks and licenses when clicking on respective rows.

‍Dashboard: Updated the Risks widget to display the count of expired risks.‍

Security Awareness Training: Improved the UI in the Security Awareness Training module to resolve inconsistencies and enhance the overall user experience.‍

Manage User: Relocated user management from the Company Settings to the newly added "Identities" menu, featuring the "Trust Portal Users" tab for better accessibility.

Remediation: Resolved an issue where domain names were not displayed in lists and popup titles.

Manage User: Fixed the MFA Status filter to function correctly. Updated the action text in the dropdown menu for users to improve clarity.

Risk: Resolved an issue where the Asset label was displayed in the "View" and "Add Risk" pages, but not in the "Edit Risk" page.

Due Date: Removed the extra box that appeared in validation error messages related to due dates.

Calendar: Implemented a new calendar page for efficient scheduling and planning.

Login Authorization OTP:  Introduced a mechanism to limit One Time Password requests and temporarily block accounts after exceeding the request threshold.

Due Date Configuration: Added a configuration page for customizing remediation due dates.

Remediation Module:  Introduced a due date field in the remediation module for enhanced time management.

License Model Design:  Updated the design of the license model for improved clarity and aesthetics.

My Account:  Standardized the phone number format in the My Account section.

Event Display Format:  Improved the display format of auto-created events from third-party integrations in the Risk, Remediation, Events, and License History sections.

Remediation Widget:  Fixed an issue where the numbers displayed in the remediation widget were inaccurate.

My Account Active Services:  Resolved an issue where not all active services were displaying. The My Account section now accurately shows all active services.

Remediation Sources Filter:  Fixed an issue where the sources filter did not display all domains correctly.

Status Filters Functionality:  Resolved an issue with the “uncheck all” functionality for status filters, ensuring it works as expected.

Risk Creation: Implemented the ability to automatically create risks from User Management for users who have not logged in for 90 days, enhancing proactive risk management.

Left Navigation Bar: Updated the left navigation bar with new icons for improved usability.

User Time Zone Display: Removed the display of user time zone where local time is shown, simplifying the user interface.

Remediation Tracker: Improved user experience by increasing the size of the remediation tracker and displaying full-service names instead of abbreviations for clarity.

Remediation Check-All Checkbox: Adjusted the size of the "Check All" checkbox in the remediation tracker, making it more visually distinct when checked.

Consulting Hours Graphics: Added "no data" graphics for consulting hours on the Reports page's Consulting Hours tab when JIRA is not integrated, providing a more informative display.

My Account Improvements: Enhanced the "Edit Phone Number" modal to reset the number when the modal is closed without saving changes, preventing unintended modifications.

General Page: Updated the Company Account - General page for better organization and presentation of information.

Integrations Page Update: Updated the Company Account - Integrations page’s tool descriptions to improve clarity and understanding.

User Management: Updated the MFA filter option to include "Enabled" and "Disabled" options, providing greater flexibility in managing user accounts.

Login and MFA: Resolved issues related to the login screen displaying pre-sign-in attempt errors and incorrect error messages on the MFA page.

Login Cache Issue: Addressed a cache issue that caused unexpected behavior during login.

Audit Log Date and Time Fixes: Fixed an invalid date error that occurred when clearing the date filter in audit logs and resolved a discrepancy between the time displayed in the UI and the time shown in the downloaded CSV from audit logs.

Audit Logs: The Audit Logs tab now provides a history of user activity related to remediation and company management changes.

Audit Log Download Feature: Added the ability to download audit logs for further analysis and record-keeping.

Cybersecurity Tool Integration Steps: Steps for integrating Cybersecurity tools have been added to the onboarding process, enhancing user guidance during setup.

Sticky Table Headers: Table headers for the Reports, Policies, Assets, Licenses, Tools, Company Account, and Technical Information pages are now sticky at the top during page scroll, improving user experience and navigation.

‍Updated UI for Company Settings: The General and Integration pages in Company Settings have been updated for improved usability.

‍Filter Clearing Functionality: In Reports, Events, Risks, and Audit Logs, clicking “Clear Filter” now removes all selected filters, enhancing usability.

Correct Login Time Display: The correct login time is now displayed in User Management.

Remediation Asset Details Saving: Fixed an issue where remediation created from User Management was not saving asset details. This issue has been resolved, and asset details are now correctly saved.

Optional Recommendation Field: The recommendation field is now marked as optional in the “Create Remediation” form from the Assets page.

Deletion of Remediation Linked to Risk: Fixed the issue where remediation was not being deleted when the associated risk was deleted. Remediation is now automatically deleted when the risk is removed.

Event Time Change History Display: Fixed the issue of not showing the history for event time changes. The correct time is now displayed.

User Management Page:  Added a User Management page with integration to Microsoft Entra (Azure AD), streamlining user administration. This page provides visibility into key fields such as Asset, Tool, Last Check-in, Last Login User, IP Address, MAC Address, and Status. With this information, customers can easily identify users who have not logged in for an extended period or those who are no longer employed but still have access, enhancing security and management oversight.

Audit Logs:  A new Audit Logs tab has been added to the Company Management page, providing a comprehensive history of user activity for security and compliance purposes. This feature enhances accountability by tracking key actions such as inviting users, editing user details, and enabling/disabling MFA.

Sticky Table Headers:  Table headers for the Remediation, Events, and Risk pages are now sticky at the top during page scroll, improving user experience and navigation.

Dashboard Loading Experience:  The dashboard will initially load widgets with skeleton screens and will re-render them once the data is ready, providing a smoother user experience.

Consistent Naming:  The "Source" and "Service Name" fields have been renamed to "Cybersecurity Domain" and standardized throughout the product.

Auto-Submission for One-Time Passwords (OTP):  The form will now auto-submit upon entering the complete OTP, and the entered code will automatically clear when the "Resend New Code" button is clicked.

‍

Inactive Status Color:  The inactive status color has been changed to red across the product for consistency.

Remediation Status Update:  The status will now display as “Risk Accepted” if a created remediation is deleted and an expiry date exists, instead of changing to “Not Started” as it did previously.

‍

Event History Viewing:  Users can now view the history for each event, providing a comprehensive audit trail for improved tracking and transparency.‍

Company Logo Management:  Users can now add, edit, and delete the company logo directly from their company account, enhancing personalization and branding options.

Enhanced History Views:  New history views have been introduced for Risks, Remediations, and Licenses, offering detailed insights and better historical tracking.

Page Visibility Updates:  The Penetration Testing, Vulnerability Management, and Attack Surface Management pages are now hidden, simplifying the user interface and focusing on core functionalities.

Create Remediation Option for Deleted Assets:  Fixed an issue where the “Create Remediation” option was not available for deleted remediations in the Assets page, allowing users to create new remediations as needed.

‍Auto-Updating Risk Summary Counts:  Summary counts on the Risk page now auto-update without requiring a page refresh, enhancing data accuracy and user experience.

‍Data Mismatch in Phishing Simulation:  Resolved a data mismatch issue between the Phishing Simulation section on the dashboard and the Phishing Campaign section on the Security Awareness page.

‍Negative Values in Licenses:  Corrected an issue that allowed the entry of negative values in license fields, ensuring accurate and valid license data.

Feedback and Feature Requests:  Users can now provide feedback or request new features via the Help Center, facilitating improved communication and feature development.‍

Dashboard Customization for Admins:  Company Admins can now customize the dashboard to meet their specific needs, enhancing user experience and operational efficiency.‍

Asset Remediation Tracking:  Users can now track created remediations for Assets using the “Open Remediation” option on the Assets page.

Risk and Remediation History:  The history for Risks and Remediations now includes the date of creation, providing a more comprehensive audit trail.‍

Events Card Redirection:  The Events card on the dashboard now redirects to the selected criticality list on the Events page for easier navigation and management.‍

Create Remediation for Bulk Risk Operations:  Removed the unnecessary history tab during the creation of remediations for bulk risk operations, streamlining the process.

Navigation to Specific Risks and Remediations:  Resolved an issue where navigation from the Compliance page to specific Risks and Remediations was not functioning correctly.‍

Company Name Display for Assignees:  Fixed an issue where the company name was not displayed for assignees on the Remediation list page.‍

Tags List in Remediation Form:  Fixed an issue where the tags list was not displaying correctly in the “Create Remediation” form for Events.‍

View Risk Display:  Corrected issue with displaying invalid dates and blank users in the View Risk section for Unaccepted Risks.

Service Integration Management:  Company users can now manage service integrations directly within the Trust Portal.

‍New License UI Modal:  Introduced a new License UI modal that supports viewing license history and uploading copies of license contracts, enhancing license management capabilities.

Risk Modal Enhancements:  Users can now view the acceptance status and expiration time for accepted risks directly in the Risk modal.

‍JIRA Integration Category:  Added a “Project Management” category for JIRA on the Integration page, improving integration organization.

‍User Time Zone Visibility:  The time zone of users is now visible in the Remediation and Risk modals, facilitating better scheduling and communication.

Attack Surface Management Counts:  Resolved an issue where Attack Surface Management counts now accurately match the associated Risks.

‍Rapid7 InsightVM Data Fetching:  Fixed an issue where data fetched from InsightVM now properly resolves risks and their corresponding remediations.

‍Risk Widget Display:  Updated the Risk widget on the dashboard to show only open risks, excluding resolved risks from the count.

‍Checkbox Issue on Risk Page:  Fixed an issue where unchecking a checkbox on the Risk page was not functioning correctly.

False Positive Marking:  Users can now mark Events and Risks as False Positive, allowing for better management and filtering of data.

‍Risk Tagging:  Added functionality for users to tag Risks, including support for bulk tagging, enhancing risk categorization and organization.

Updated Sidebar Icons:  The icons in the sidebar have been updated for improved clarity and visual appeal.

‍Summary Sections:  Added summary sections to the Risk, Assets, and Events pages for a concise overview of key information.

‍Event Widget UI Update:  The Event Management widget on the Dashboard has been updated with a new user interface for a more streamlined and intuitive experience.

Track Remediation Link:  Fixed an issue where the Track Remediation link in Events now properly opens the related remediation directly.

Microsoft Defender Integration:  Integrated Microsoft Defender into the Events and Tools pages, enhancing security monitoring capabilities directly within the Trust Portal.

Auto-Populate License Utilization Data:  Automated the population of license utilization data for Darktrace, improving accuracy and efficiency in license management.

Enhanced Risk Filtering:  Users can now filter Risks by Discovered Date, enabling more precise risk management and analysis.

Sorted Display of Risk Data:  Risk data will now be displayed in sorted order: by Criticality (High, Medium, Low), Status (Not Started, In Remediation, Risk Accepted, Resolved), and then by Discovered Date (descending order), improving usability and clarity.

Dashboard Risk and Remediation Counts:  Added total Risk and Remediation counts on the Dashboard for quick overview and management insights.

Compliance Search Enhancement:  Enhanced compliance search capabilities by allowing search by question number and question text, facilitating easier navigation and audit readiness.

Reset Password Error Messaging:  Improved the error messaging for the Reset Password link to display proper messages upon expiry, enhancing user experience and clarity.

Remediation Creation Issue:  Resolved an issue where users were unable to create remediation for assets if the old remediation was deleted, enabling seamless remediation management.

Bulk Risk Operation Fix:  Fixed an issue preventing users from performing bulk risk operations across different pages, allowing users to create, accept, and create remediation for risks across pages seamlessly.

Location Activation/Deactivation Error:  Fixed an error where activating or deactivating a location without facilities resulted in an error, ensuring smooth functionality.

Pagination Navigation Fix:  Fixed an issue where actions performed on pages other than page 1 would navigate the user back to page 1, ensuring users remain on the same page after any action on risks.

Invite Management Enhancements:  Added functionality to reset passwords and send reminder emails for pending invites, improving user management efficiency.

New Risk Widget Summary View:  Implemented a new Risk Widget with a summary view for quick insights into open and accepted risks.

Darktrace and Rapid7 Tools Integration:  The Tool Management page now directly pulls data from Darktrace and Rapid7, streamlining tool management and enhancing data accuracy.

Enhanced Vulnerability Scan Integration:  Improved integration for vulnerability scans, now supporting both internal and external vulnerability scan site IDs from Rapid7 on the integration page.

Risk and Remediation Notifications:  Users will now receive notifications for creating, updating, deleting risks, and creating remediations from risks, improving visibility and responsiveness in risk management.

Phishing Campaign Prone User Counts:  Rounded up prone user counts in phishing campaigns for clearer reporting and analysis.

License Page Updates:  Vendor and tool names on the License page are now updated based on service selections, ensuring alignment with service configurations.

Session Management:  Fixed session issues where sessions were not properly deleted on logout, enhancing security and user session management.

Empty Company Management Page Graphics:  Added graphics to improve the visual representation of empty pages in company management, enhancing user experience.

Bulk Asset Deletion Fix:  Resolved an issue with bulk asset deletion where users were unable to perform bulk deletes after cancelling a bulk delete operation, restoring full functionality for asset management.

Introduced Auditor Role:  We have added the Auditor role, enabling designated users to audit policies and compliance within the Trust Portal.

Dashboard Tools Widget:  Added a Tools Widget on the Dashboard page for a quick overview and easy access to essential tools.

Tools Page Summary View:  Changed the UI for the Tools page to include a Summary view, enhancing user experience and data presentation.

Event Page Search Enhancement:  Users can now search by Event name on the Events page, improving efficiency in Event Management.

Manual Vendor and Tool Name Population:  It's now possible to manually populate Vendor Name and Tool Name fields, providing greater customization and accuracy in License Management.

Risk and Remediation Page Filter Issue:  Fixed an issue where filter values on the Risk and Remediation page would become empty on page refresh, ensuring consistent data display.

Accepted Risks Validation:  Restricted the acceptance of already accepted risks, preventing users from accepting risks multiple times.

Resolved Remediation Link Issue:  Fixed an issue where resolved remediations could not be opened via the track remediation link from the Risk page, improving remediation tracking functionality.

License Page Input Validation:  Updated the license page to only accept valid numbers in the license number field, enhancing data integrity and accuracy.

Remediation Error Message Enhancement:  Improved error messaging for remediations when users attempt to save without assigning an assignee, ensuring clarity and completeness in remediation management.

Security Awareness UI Fix:  Fixed a UI issue in the Security Awareness page where the last row was previously cut off, ensuring all content displays properly for improved usability.

• Asset Management:  Introducing Asset Management, empowering users to efficiently manage their IT assets within the Trust Portal.
• Integration with NinjaOne:  We're excited to announce a new integration with NinjaOne for IT Asset Management, providing enhanced capabilities and flexibility for managing your IT infrastructure.

• Risk Management Audit History:  Added an audit history tab in the Risk Management modals, enabling users to track and review changes made to risk assessments with greater transparency and accountability.
• PDF Document Upload in Policies:   Users can now add PDF documents to the Policies page, enhancing document management capabilities and providing a centralized repository for policy-related materials.
• Admin Password Reset Capability:  The Admin user role now has the ability to reset user passwords, streamlining password management processes and providing administrators with greater control over user access and security.
• Attack Surface Management Widget Design:  Improved the design of the Attack Surface Management widget when shrunk to 1 column, ensuring a seamless and visually pleasing user experience.

• Risk Management Criticality Flag Colors:  Fixed an issue on the Risk Management page where the criticality flag colors were incorrect, ensuring accurate and consistent representation of risk severity.
• Policy Creation Error:  Resolved an error on the Policies page where creating a policy from a template resulted in an error. The issue occurred when selecting "View From Template" and then saving without making changes. The fix ensures policies are saved as drafts as expected.
• Remediation Tracker Page Display Issue:  Fixed an issue on the Remediation Tracker page where, when no search results were found, it incorrectly displayed "1 of 0" page count and inconsistent spacing between filters and search components. This fix improves the consistency and accuracy of page display in such scenarios.

• Security Information & Event Management Integration: Endpoint Detection & Response (EDR), Network Detection & Response (NDR), and Security Information & Event Management (SIEM) are now integrated into the Security Information & Event Management page. Gain visibility of all security events on a single page for faster response and remediation.

• Event Management Manual Creation: Added the ability to manually create a Security Event, empowering users to proactively manage security incidents.
• Cybersecurity Tool Name Display: Added cybersecurity tool names to the Event Management details, providing clearer insights into security tool usage.
• License Management Calendar Enhancement: Improved the calendar in License Management to enable easier selection by month and year, enhancing usability and navigation.
• Technical Information Field Streamlining: MFA and IDS/IPS are no longer required fields for applications, streamlining the application process for users.
• User Notifications for Mandatory Fields: Added notification pop-ups to inform users when mandatory fields are not completed, ensuring data completeness and accuracy.
• Left Navigation Bar Simplification: Renamed Gap Analysis as Compliance, Event Management as Events, and Risk Management as Risks, simplifying navigation and aligning terminology for clarity.

• Event Management Widget Sorting: Resolved an issue where the Event Management widget on the Dashboard page was not properly sorting events based on criticality, ensuring accurate event prioritization.
• Risk Management Share Button Fix: Fixed an issue where the share button was not working on the Risk Management page, enabling seamless sharing of risk information.

• Gap Analysis Export:  Now you can effortlessly export Gap Analysis questions and answers to Excel for further analysis and reporting.

• User Invitations:  All users now have the ability to invite others to the Trust Portal, enhancing collaboration and user management.
• Remediation Tracker Note Field:  Added a Note field for all remediations in the Remediation Tracker page, enabling better documentation and tracking.
• License Management Tool Display:  Predefined tools names are now displayed in License Management, providing clearer insights into tool usage.
• Risk Management IP Display:  Improved the display of IP ranges on the Risk Management page, especially when risks involve multiple assets.
• Security Framework Icon Size:  Increased the size of Security Framework icon images on the Dashboard for improved visibility and usability.
• Pagination Enhancement:  Moved the pagination component to the bottom of all pages, enhancing navigation and user experience.
• Login Page Password Rules:  Updated the sign-up page to display password rules when the password field is in focus, ensuring users meet security requirements.

• Rapid7 Site ID:  Corrected error messaging for Rapid7 site IDs, ensuring accurate troubleshooting and integration.
• Consulting Hours Calculation:  Fixed a bug in the Engineering dashboard that was causing inaccuracies in consulting hours calculation.
• Technical Information:  Resolved an issue that was blocking the creation of IP ranges and wireless networks in Technical Information.

• License Management:  Introducing the new License Management page, allowing seamless management of security software licenses. Keep track of current license utilization and receive notifications when usage approaches the limit.
• Top Events Dashboard Widget:  Added a new widget on the Dashboard page to showcase the Top 10 Security Events, providing quick access to critical security insights.

• Gap Analysis Filter:  Enhanced the Gap Analysis page with a new filter by answer option, facilitating more granular analysis and streamlined navigation.

• Wireless Networks:  Resolved an issue where Wireless Network details were not saving correctly, ensuring accurate data recording and management.
• Risk Management Widget:  Fixed a bug where the statistics displayed on the Risk Management widget on the Dashboard did not match the data on the Risk Management page, ensuring consistency and reliability in reporting.

• Enhanced Security Awareness Monitoring:  We've expanded the Security Awareness page with two additional tabs, providing comprehensive insights into completion details for both Security Awareness Training and Phishing Campaigns. Now, you can easily track and analyze participant progress and engagement levels, empowering you to bolster your organization's security posture effectively.

• Enhanced Remediation Tracking:  Track remediation actions directly within the Risk details pop-up screen, streamlining risk management by enabling seamless monitoring and documentation of remedial measures in one centralized location.
• Efficient Risk Editing:  Editing risks is now simpler and more convenient with the newly added ability to edit risks directly from the Risk Management page. Swiftly update risk information, ensuring accuracy and agility in your risk management processes.
• Expanded Gap Analysis Window:  Enriched the Gap Analysis window on the Dashboard to provide comprehensive insights into control status, enhancing your ability to manage risks effectively.
• Framework Compliance Visualizations:  The Framework Compliance window now displays the logos of each framework directly on the Dashboard, offering a quick and intuitive overview of framework adherence. This enhancement facilitates better navigation and enhances the user experience.
• Dashboard Aesthetic Improvements:  Various aesthetic enhancements have been made to the Dashboard, ensuring a more seamless user interaction and improving overall look and feel.

• Risk Management:  Resolved an issue where the Discovered Date would incorrectly change after editing a Risk, ensuring data integrity and consistency in risk tracking.
• Notifications:  Addressed an issue where text within Notifications was not displaying correctly, ensuring clear and accurate communication of important updates and alerts.
• Event Management:  Fixed an API integration issue with Rapid7 that was impacting event details being displayed.

• Risk Management:  Introducing the new Risk Management page. Risks identified through Vulnerability Management scans and Attack Surface Management assessments are seamlessly integrated and will automatically populate the Risk Management page. Users can also manually create new risks as needed.  From this page, users can create and assign remediation tasks for identified risks.  Additionally, users have the ability to accept a risk, provide a business justification, and set an expiration date for the Risk Acceptance.

• Dashboard:  Added new Top Risks panel that displays a company’s Top 10 Risks
• Remediation Tracker:  Both User and Admin role types can now select multiple remediations to be Assigned or Resolved
• Gap Analysis:  Integrated Control History to the Gap Analysis Questionnaire for an enhanced audit trail for tracking changes

• User Invite:  Addressed an issue where new users invites were not being sent properly
• Login: Fixed an issue where users with multiple companies were not being deactivated properly

• Release Notes:  Added new Release Notes icon that takes the user to the Release Notes page
• About:  Added new About link that displays the Trust Portal version and last update

• Remediation Tracker:  Updated the design of the Remediation Tracker page for a better visual display
• Remediation Tracker:  Made Owner Name an optional field when creating a New Remediation
• Manage Users:  Added functionality for company admin to enforce the use of MFA on their users
• Sign-Up:  A user can now sign-up without a phone number

• Dashboard:  Fixed a bug where deleted remediations were not updating the Dashboard totals
• Network Protection: Fixed a bug where Network Protection incidents were not displaying the correct date
• Attack Surface Management:  Fixed a bug where assets were not populating in Attack Surface Management findings
• Global - Fixed a bug where Redesign team members’ activity were showing as another company