Product Releases

Made by software engineers for software engineers, CyberSana is an open book.

Browse our product release notes for a detailed history of the development of our
software that is changing the game in cybersecurity.

CURRENT GA (customer upgrades included in support)

3.0

 

Updates:

 

Search enhancements
– Resolve uppercase hostname search capability
– Added accounts as a metadata search field
Increase nanoprobe robot allotment from 1 to 20 audit checks at a time
Add backup partition usage pie chart
Resolved page display issue with latest boolean flag
Increased default password algorithm character length from 12 to 14
SSH button
– Upgrade the SSH terminal emulator
– Increased the terminal width length
Add Unable to identify and unable to connect devices to the Passwords and Devices tiles
All columns are now sortable in all screens
One-click copy to clipboard added to the Static Storage area
Rename Secure Storage to Static Storage

 

PREVIOUS VERSIONS:

 

2.6 

Updates:

 
Add advanced Check Point information to inventory report
Automatically expand the accordions when we search
Add new arbitrary device groups to the default admin view automatically
Allowed for weighted scores
– Per rolled up facet
– Passwords
– Audits
– Backups
– Per device
– HA devices have the same weight
Support for explicit Cisco enable and Check Point expert accounts
Introduction of a help section
Resolved bug with deleting devices we were unable to identify
Enhanced device error code status
Attach multiple quick display at a per device level
– Status (Green or Red)
– Passwords score
– Audits score
– Backups score
– Device level score
Enabled selinux with install

2.5

Updates:

 Notify user if PKI SSL certificate is not present
– removed SSH button from view
Updated weekly SOTU email to Monday mornings
Resolved issue with license updates
Added error message when a group, resource or item name already exists in Secure Storage area
Hid two-factor delivery methods when two-factor authentication was disabled for user
Separated Device from Passwords and moved to top menu navigation
Devices now display advanced info on top of basic
– IPS
– IPS profile
– SNMP enabled
– VPN enabled
– Uptime
– Serial number
– # of CPUs
– Memory
– Comment
Updated verbiage in progressive reveal form from ‘Complete Audit’ to ‘Full Audit’ for clarity
Separated SMS and email two-factor nonce routines for availability
Resolved incorrect hyperlink IDs in the audit check history report
Fixed handlers down the stack for backup files
Display files in the repository more eloquently to the user
Fixed the ability to restore a deleted user
User authentication
– force entropy into zxcvbn
– allow for a trusted computer
– only trust one computer
– re-establish trust every 90 days
Switch password font to Consolas
Removed input validation constraint from mass static password update field
– Added compatability disclaimer
Updated search API to include Check Point MDS Domains
Introduced device lock – one nanoprobe bot per device
Check Point device information gathering enhancements
– Accounted for multiple highly available management servers
– Accounted for multiple highly available log servers
– Resolved Check Point product number to display number mapping issue
– Gather IPS profile name
– Pull policy name
– Record policy install date and time
Update Check Point serial number command
Previous:

dmidecode|grep "Serial Number"

New:

dmidecode|grep "Serial Number" |grep -Ev "Serial Number: Not Specified|Serial Number: None"

Enhanced auto-device identification for ScreenOS
– ScreenOS uses the get vrouter command

2.4

Updates:

 Introduction of Secure Storage
– Store static accounts (vendor and internal websites, certificate passphrases, API keys)
Check Point Management Domain Server support
– Auto device identification
– Auto account identification
– Auto domain identification
– Display all domains in WebUI
Change SMTP username and password fields from required to optional
Add + symbol on dashboard overall score tile for user navigation to group scores
Navigational enhancements for Backups tile
Resolved inability to change operand in audit item
Enhanced email validation to accept vanity TLDs

2.3

Updates:


SOTU – Weekly state of the union summary emails
Dual random administrator password export
Notification Center
Accounts removed outside of software
Relaxed input validation for audit checks – Added additional identifier for uniquely defined audit checks
Resolved permissions bug for auto-identification of Cisco firewalls
Ensured default tomcat configuration was overwritten for performance
Added input validation for filetype when uploading logo
Updated file permissions accordingly with setuid
Shored up confirmation dialog box across tiles for device deletion
Adjusted process flow for non-recurring scheduled items to exclude end date step
Expanded column width for backup date
Added manually refresh to dashboard score
Updated to new date picker for identical user experience
Cisco
– Increased SSH wait seconds when sending enable password

2.2

Updates:

SSH button enhancements
Resolved device editing restraint with and without comments present
Download all approved audit checks from the cloud upon installation
Added new administrator process step to initial setup wizard
Incorrect backup score calculation when device has not been backed up in a sub-group
Fixed issue when adding a new device to multiple groups, it loses access to the ‘All Devices’ group
Update typo in audit logging
UX changes to Global Operations
– Audit breadcumbs adjustment
– File repository delete button progressive reveal enhancement
– Added schedule job history with the ability to edit a previously ran job
– Broke out ‘Mass Update’ into ‘Transfer Files’ and ‘User Input’
Check Point
– CPMI root user discovery enhancement
– Highly available cluster information updates
– Resolved extraneous postfix “user” in automatic account discover for SPLAT
JunOS
– allow for account management from superuser account
– Change from commit and-quit to commit when saving changes
Introduction of device operation statuses for nanoprobe bot
– IDLE
– DIRTY
Performing Backups
– Check Point Gaia
– Check Point SecurePlatform (SPLAT)
– Check Point IPSO
– Cisco ASA
– Juniper ScreenOS
– Juniper JunOS
Device information gathering enhancements
– Juniper JunOS uptime display formatted
– Juniper ScreenOS memory and CPU
– Check Point Gaia memory and CPU
– Check Point SPLAT memory and CPU
– Check Point IPSO memory and CPU
– Cisco ASA memory and CPU

2.1 

Updates:

Added hourly device availability health check
Resolved password history account state issue
Device information refresh set to 7 days from original discovery date
Account information refresh set to 1 day from original discovery date
Hash out old passwords in the log files when updating
Reduce two-factor SMS nonce timeout from 120 minutes to 10 minutes
Add cool verbiage for two-factor SMS
Encrypt all session cookies
Encrypt all sessions
Invalidate sessions if user closes browser
Increase dashboard load times to under a second
Force user password rotation every 90 days
Add mitigate links to individual audit checks
Move multiple dashboard items to make more sense
Added SMTP setup process step to initial setup wizard
Re-engineered all progressive reveal forms
Audit check qualifiers
– High availability
– Check Point management
– IPS enabled
– Running VPNs
– SNMP enabled
– Auto-cascade software version
– Auto-cascade hardware version
Device information gathering enhancements
– Juniper JunOS IPS, SNMP, and VPN status
– Juniper ScreenOS SNMP, and VPN status
– Check Point Gaia IPS, SNMP, and VPN status
– Check Point SPLAT IPS, SNMP, and VPN status
– Check Point IPSO IPS, SNMP, and VPN status
– Cisco ASA IPS, SNMP, and VPN status
Cisco
– Resolve HA account display issue
Check Point
– Updated onboarding order of operation to Device ID => Gaia => Management Server => Account Discovery for CPMI root user
– Gaia change shell to expert and log back in to continue discovery
– Split Gaia into All, R77 and above and R76 and below qualifiers
RedHat Linux support
– Auto device discovery
– Auto account disovery
– Add/update/remove accounts
– sudo “root” access
CentOS Linux support
– Auto device discovery
– Auto account disovery
– Add/update/remove accounts
– sudo “root” access

2.0

Updates:

Ability to mass update accounts to a static password
Added user command input feature
Added file transfer via SCP feature
Resolved auto-complete/search function rendering issue
Resolved memory leak bug for crypto functions
Resolved stalled password updates for accounts with previous null passwords
Insert status categories for display in audit homepage
Move from open/close carets to +/- for accordions
Resolved user attribution issue when submitting audit requests
Reporting
– Add audit check history report
– Fix technology shank in ‘Access Audit’ and ‘Mass Update’ reports
Baseline Security Audit Feature
– Update command output in audit to text area to capture multi-line output
– Introduce ‘Mitigate’, ‘Ignore’ and ‘Recheck’ buttons for individual audit items
– Created default audit checks
– NTP, DNS, Management IPs, Timezone, domain name and login banner
– Check Point
– SecurePlatform (SPLAT) wasn’t auto-identified with crypto library updates

1.2 

Updates:

Change spinning logo from gif to css
Lock down web server to only permitted IPs controlled by user

1.1

Updates:

License restriction
Introduce SSH button feature
Add an alternative phone number for the user two-factor
Additional accordion level for drill-down navigation
Pop-up window account name identification
Check Point
– Added mapper to translate hardware shortcodes to model numbers
– Removed regex ‘/’ string from hardware model
– Moved to stricter commands for OS identification
Juniper
– Massaged output for ScreenOS hostname, serial number, software vesion, hardware model and uptime

1.0

Initial MVP!

Auto-discover device types
Auto-discover administrator accounts
Add/update/delete administrator accounts
Resolve pen test results
– cron expression injection
– multiple sql injection
– XSS for elevation
– username enumeration
– Implement CSRF

Request a Demo

Fill out the form below and we'll get in touch via email.
We look forward to talking to you!
Thank you! We'll be in touch.
Oops! Something went wrong while submitting the form.
Top ^