Release Notes - Oct 2021
  • 2 Minutes to read
  • PDF

Release Notes - Oct 2021

  • PDF

Automated Phishing campaign result import from KnowBe4 using APIs


We had the functionality to manually upload the exported data from the Phishing platforms like KnowBe4 and import the per campaign user-specific details to SAFE. Now, SAFE seamlessly integrates with KnowBe4 and pulls the Phishing results at pre-defined intervals, eliminating the need for manual data uploading.

You can configure KnowBe4 in SAFE via APIs from Administration > SAFE Hooks > Assessment Tools.

New High Impact Control - SSH shell for ESXi must be disabled


A recently-concluded investigation by Sophos into a Ransomware attack revealed that Python Ransomware script targets VMware ESXi server for encryption. Taking a quick lesson from this attack, we have added the control “SSH shell for ESXi must be disabled” as a High Impact Control in SAFE. 

Info
High Impact Controls in SAFE are the critical set of controls that are more likely to be exploited by attack groups.

Control Gaps table for First-party and Third-party


Now, you can drill down further from third-party pages to see the list of assets (Domains/IPs) failing for each control. The Gaps table lists additional details such as Port, CVE, exposed services, and many more to help triage the gap.

Note
These details were available only in the PDF reports earlier. We bring all available assessment details to the SAFE UI with this feature.

Consistent timezone in SAFE


SAFE had a known issue for displaying different timezones at multiple places within the application. We have fixed that issue, and now SAFE consistently displays the date and time across the application as per the configured timezone. All the graphs and score trends in SAFE display time as per the configured timezone. You can see the configured timezone for your SAFE instance at the footer of the SAFE UI.

 


One-click filter to view Failed Controls on the Third-party report card


Want to see only the failed controls for a Third-party? We have made it easy with a single-click option. A new drop-down button with options as “All Controls” and “Failed-Controls” has been added to the report card of Third-party and First-party.

Miscellaneous


  • Following the AWS security recommendations, we have deprecated the functionality of onboarding the AWS accounts using Credentials. All the AWS accounts onboarded to SAFE using credentials must be re-onboarded via Assume Role method. 
  • The system only accepts the Site Coordinator URLs starting with “HTTPS” while configuring the Site-Coordinator Gateway. This ensures that fully qualified URLs are used during the setup, instead of just the domain names.
  • To provide a better user experience, SAFE now displays the previous assessment results for first-party and third-party when the new assessment has started but not been completed.

Was this article helpful?