Release Notes - January 2025

Release Notes

• Release Notes - April 2025

• Release Notes - March 2025

• Release Notes - February 2025

• Release Notes - January 2025

Release v4.1.97

January 27, 2025

1. SAFE Outside-In as Integration

Outside-In card has been added under Integration that can now be configured. Having this Integration adds flexibility to enable or disable Outside-In assessment for Enterprise groups.

2. CAIQ v4.0.3 Questionnaire support

SAFE now supports CAIQ v4.0.3 for the Third Party module.

3. Ability to select Attack Surface categories

This feature is available as Early Access to select customers. SAFE now enables customers to define the Attack Surface Types for Smart and Static Groups, facilitating better risk assessments by manual selection of additional attack surface categories.

4. Assisted Onboarding Enhancements

We've made the onboarding process for third-party organizations faster and easier. Now you can quickly search for any organization and populate important details like industry and revenue right away.

5. Default Questionnaires for Third-Party Organizations

We're excited to introduce a new feature that allows you to set default questionnaires for third-party organizations. This enhancement lets you:

Custom Selection: Choose specific questionnaires that third-party organizations should fill out, reducing the clutter of irrelevant options.

6. Ability to add Multiple Countries of Service Delivery

Third-Party now supports Multiple Countries of Service Delivery.

7. Threat Center Update

This Release we have added below threat Intel

• 148 new Threat Events were added to the Threat Center between Jan 8th to Jan 21st.

• 19 new CVEs are now marked as exploitable.

• 86 new security incidents have been added to SAFE for Breach Notification.

• 97 new findings from sources like Wiz, GCP Security Command Center and other integrations have been mapped to CAM controls.

• MITRE ATT&CK framework updated to v16.1 in SAFE.  

8. Highest and Lowest Maturity Control Widgets

The “Highest and lowest Maturity Control” widget has been added to effectively use Dashboard for reporting.

9. Other Changes

• Finding Score’s new layout for ease of readability

  We have redesigned Finding Score’s layout to enhance readability.

• Assessment Review optional for Questionnaires

  SAFE provides administrators the ability to disable the manual review step for questionnaire assessments. When this feature is enabled, the review process is skipped, and control assessments from questionnaires proceed directly, streamlining the overall workflow.

• Increase upload limit of Questionnaire

  Questionnaire upload size has been increased to 50 MB.

Release v4.1.96

January 13, 2025

1. Out-of-the-box (OOTB) Dashboard and Template updates

We’ve made key updates to our dashboard and templates to improve your experience:

• Consistent Naming and Tags: All widgets now have a uniform naming system and proper tags for better organization.

• Updated Dashboards: Key dashboards like the CISO Dashboard, CFO Dashboard, Top Risks Dashboard, and Board Report Dashboard have been refreshed with the latest widgets.

2. See What Changed

• Improved Visuals: We've made the "See What Changed" feature look better by using a tree diagram. Now, you can easily compare past and current information to see changes at a glance.

• Additional Details: You can click to explore all sections for deeper insights.

3. Enhanced Tanium Integration

SAFE Tanium integration has been improved to pull in vulnerability data for endpoints directly from the Comply module. This enhancement helps you easily access and manage vulnerability information, improving your security monitoring and response efforts.

4. Improved SOC2 PDF Report

The SOC2 reports can now better handle both custom and standard control IDs. This means more CAM controls related to SOC2 reports will be evaluated, giving you a clearer picture of your assessments.

5. Dynamic TEF Toggle for Risk Scenarios

We have extended the existing functionality that allows you to turn off Dynamic Threat Event Frequency updates for your risk scenarios. You can now also manage these updates for Initial Attack Method (IAM)-None and IAM-Any scenarios in addition to other risk scenarios. This enhancement makes it easier to tailor your TEF settings according to your specific risk management needs.

6. Threat Center Updates

• 106 new Threat Events were added to the Threat Center between Dec 25th to Jan 7th.

• 27 new CVEs are now marked as exploitable.

• 657 new security incidents have been added to SAFE for Breach Notification.

• 79 new findings from sources like Wiz, Prisma Cloud, Microsoft Defender for Cloud and Qualys Policy Compliance have been mapped to CAM controls.

• 13 new Threat Actors are added to the Threat Center, bringing the total to 120.

7. Miscellaneous Enhancements

We're dedicated to enhancing your experience, and we've made some important updates based on your feedbacks:

1. Control Mapping Review Setting

   We have introduced a new setting to allow your users to skip the CAM control mapping review steps when answering a questionnaire.

2. Country of Service Delivery

   You can now select multiple countries when specifying the country of service delivery.

3. Enhancement of “Top Controls” Widget for Groups

   The “Top Controls” widget has been improved to provide better information for groups.

4. Residual Risk for Risk Scenarios

   We’ve added a feature to show residual risk for Risk Scenario based on the configured risk threshold of the group.