- 3 Minutes to read
Release Notes - July 2021
- 3 Minutes to read
1. SAFE is now SOC2 Type 1 certified
This certification assures SAFE customers and prospects that we are taking all of the steps necessary to keep their data safe on the cloud, thereby protecting them from damaging breaches.
Furthermore, we are working to get the SOC2 Type 2 certification for SAFE in the coming months.
2. Reduction in outside-in assessment duration by 100%
The third-party assessment capabilities have been enhanced to complete the third-party scans within 30 seconds for Quick Scans. Additionally, the following enhancements are added:
- Improved notification upon initiation of the third-party scan
- Duplicates in some IP-based controls have been removed
3. Custom Fields for People, Technology, and Third-party
Custom Fields functionality allows users to add additional metadata required for prompt identification, reporting, and analytics. Earlier, SAFE allowed adding Custom Fields limited to Assets only.
With this release, we have re-engineered the Custom Fields functionality of the SAFE application that allows users to add the custom fields for People, Technology, and Third-party.
Users can now create the custom field from Administration > Settings > Custom Fields.
4. Confidence Metric for Verticals - SAFE Scoring 2.0
SAFE uses the Bayesian Network model to quantify the cyber risk on a scale of 0 to 5 and also provides a confidence grade (Low, Medium, and High) that helps users assess the comprehensiveness of the signals provided to the model vs what the model needs. With this release, SAFE displays the Confidence grade for each vertical on the vertical details page.
5. Breach likelihood of Assets
To determine an organization’s risk appetite, users should understand the breach likelihood associated with their SAFE scores. Therefore, SAFE now displays the breach likelihood percentage for each of the assets.
6. Sign-in to SAFE Me via Google SSO
In addition to supporting Azure AD for SSO, this release also allows users to sign in to SAFE Me using their GSuite enterprise credentials.
7. Assessment support for 3 additional AWS Services
In addition to the 55 supported AWS services, SAFE can now do the assessment of the below mentioned AWS Services:
- AWS - API Gateway Stage
- AWS - MSK Cluster
- AWS - App Mesh Virtual Nodes
8. ‘Applicability’ is now called ‘Asset Type’
We have renamed the term ‘Applicability’ to ‘Asset Type’ across the product. The term Asset Type is widely accepted in the industry. Now users can see the Asset Type column on the technology vertical details page.
9. New addition to supported AWS Regions - London and Bahrain
SAFE now supports hosting data in the London (UK) and Bahrain (Middle-East) regions of AWS. This is in addition to the already supported US, Germany, India, Australia, and Singapore regions. Click here to read more about Data Residency in SAFE.
10. Resolve conflict while re-onboarding the AWS Accounts
SAFE now can detect and highlight the AWS accounts which were already onboarded as credentials type and again re-onboarded via Assume Role as conflicts.
Now users can resolve these conflicts right from the SAFE UI. Users can click the Resolve Conflict button and update their preferences as Assume Role or Credentials Type.
11. Observation Tab on Technology Control Page
A new tab titled “Observations” has been added to the Controls Details page to display the details on the assessment.
12. Autofill Password while Signing-in to SAFE Me iOS app
We have released an updated version of the SAFE Me iOS app with the following enhancements:
- While Sign up, now your iPhone automatically creates and stores a strong password for the SAFE Me app. However, users can also choose their own passwords.
- While Signing-in to the app, users can fill the password in a single tap using the Password autofill feature.
- For better security, we have implemented a forced change password policy for the SAFE Me app. SAFE Me app now asks you to change passwords regularly. This functionality is also available in the SAFE Me web application.
13. Configuration Assessment support for new Asset Types
Starting this release, users can onboard and perform configuration assessments of the following asset types:
- RedHat 8.x
- Big IP 14.x
- Aruba IAP 205
- HPE - ArubaOS Switch - 16.x
- HPE - ArubaOS Switch - 11.x
- FortiOs Vdom Support for 4.x, 5.x, and 6.x