CIS-CAT Pro Dashboard v1.1.13
CIS-CAT Pro Updates
- Support added to facilitate import of configuration assessment results for CIS Benchmark VMWare ESXi 6.7.
- Updated Java requirements to indicate that Java 8.251+ is not supported.
CIS-CAT Pro Dashboard v1.1.12
CIS-CAT Pro Updates
- Multi-select configuration assessment report(s) for daily delete from database.
- In-Dashboard alerts will now occur for new versions of Assessor v4 Service.
- Full 2020 vulnerability definitions, downloaded from NIST, are now supported.
- Resolved error on target system delete when ad hoc assessment job records exist for deleted target.
- Documentation and Dashboard installer updated to support recommended location of import directories as residing in the Tomcat structure.
- User guide emphasizes requirement of direct internet connectivity when integrated with CIS Workbench and downloading updated NVD Data from NIST.
- Corrected key tool file path mentioned in Linux Deployment section in guide.
CIS-CAT Pro Dashboard v1.1.11
CIS-CAT Pro Updates
Ability to orchestrate a remote ad-hoc assessment for an individual target system with a selected CIS Benchmark.
Delete buttons, such as assessment report delete, will now only allow users to click once. Deletion is assumed "in progress" when the button is disabled.
IMPORTANT: To use the remote ad-hoc assessment capability, installation of CIS-CAT Pro Assessor v4 Service v1.0.0+ is required.
CIS-CAT Pro Dashboard v1.1.10
CIS-CAT Pro Updates
- Members now have the option to receive an in-application alert when a new CIS-CAT Pro release has been uploaded to CIS WorkBench. Requires some setup in Dashboard Setting menu to configure an integration with CIS WorkBench.
IMPORTANT: To receive new release alerts, make sure the application has the write privileges to ccpd-config.yml file.
CIS-CAT Pro Dashboard v1.1.9
CIS-CAT Pro Updates
- The result import process has been modified to decompress and import result XML reports from CIS-CAT Pro Assessor v4 when sent via the API. Compressed reports will be sent when the Assessor v4 property is set to compress result XML reports.
- The tag field on an individual target system is read only for users without the admin role.
- More emphasis added on required UTF-8 encoding set for Tomcat configuration.
- The supported version of Maria DB has been specified in the online documentation.
- More emphasis on the type of MS SQL server User required for Dashboard installation.
CIS-CAT Pro Dashboard v1.1.8
CIS-CAT Pro Updates
- Support for NIST vulnerability JSON data feeds version 1.1 including the latest information. Important: because of NIST XML Vulnerability Feed retirement, import of NVD feeds in XML format is no longer supported in the Dashboard.
- CIS Benchmark version number added to Configuration Exception Search, Individual Target - Configuration Tab, and Assessment Results List.
- New auto complete function displays existing tags for selection in the tag field in the Exception popup and Dashboard Tag Chart.
- Target system tag assignment is now only available to users with Admin role in individual Target screens.
- Target Search screen now allows other criteria combination when searching by primary ID.
- Dashboard Installer process now creates MySQL databases with UTF-8 character sets.
- Help text added to Linux installer process regarding import folder permissions.
- CIS-CAT Pro Dashboard Upload Report API defined. Located in Linux and Windows Deployment section as a subsection titled "Dashboard API."
- Manual instructions for MySQL database installation updated to include accommodation for UTF-8 character sets.
- Tomcat installation visual material now consistent with written instruction.
CIS-CAT Pro Dashboard v1.1.7
- Enhanced process for adding and removing tags to target system allows for updates in bulk vs. single target system updates. Available on the Target search screen only to users with admin role.
- Search by IPv4 IP range has been added to the Target search screen.
- New autocomplete function displays existing tags in the Target search screen tag field. Enter a space to show all tags.
- Target system deletion is now only available to users with admin role.
- Target System Identifier deletion, edit, and creation is now only available to users with admin role.
- Configuration and Vulnerability assessments deletion is now only available to users with admin role.
- Configuration assessment and difference reports now show "no collected data" in the assessment section of a recommendation when the result is 'unknown' or 'not selected'.
- Linux/Windows deployment introduction modified to clearly define CIS-Supported components required for Dashboard operation.
- Component documentation modified to indicate official support of Google Chrome web browser for CIS-CAT Pro Dashboard.
CIS-CAT Pro Dashboard v1.1.6
- Supports MacOS 10.13 CIS Benchmark.
- Updated, more consistent schema validation process upon vulnerability report import. Per existing functionality, reports failing validation will generate a Dashboard inbox alert and will be moved to the error directory.
- New users will be assigned ROLE_USER and ROLE_BASIC_USER on default upon creation.
- Updated vulnerability validation process on import of a Windows 10 vulnerability assessment from CIS-CAT Pro Assessor v4.
- Resolved error on configuration assessment report display when no evidence is collected.
- HTML reports display 4 digit Benchmark version numbers
- Dashboard and Assessor documentation configuration updated for tool integration. Instructions in the online Dashboard documentation is now more clearly defined by modifying some text and moving around sections of the instructions.
- Linux Deployment instructions enhanced. Many clients required additional information regarding legacy/import folder permissions and configuration.
CIS-CAT Pro Dashboard v1.1.5
- CIS Controls V7.0 support: For Benchmarks mapped to CIS Controls, users can view how recommendations relate to CIS Controls. See our upcoming blog to learn more.
- The CIS-CAT Pro Dashboard's HTML report has been modified in style to match the Assessor's HTML report for consistency purposes.
- For Dashboard Installer users, existing database settings will be detected and used instead of changed to CIS-CAT recommended settings.
- Oracle users upgrading from Dashboard versions prior to 1.1.3 will benefit from better database performance due to established indexing. Oracle users who have upgraded to Dashboard versions 1.1.3 or later to 1.1.5, will obtain the necessary indexes on upgrade.
- The Installer has been whitelisted with Symantec anti-virus.
- Resolved an issue for SQL Server users when drilling down on the Benchmark View chart.
CIS-CAT Pro Dashboard v1.1.4
- Installation and Upgrade Tool: A step-by-step embedded tool for the install/upgrade of dashboard that steps members through each process.
- Graphs Viewable With or Without Internet Connectivity: CIS-CAT Pro Dashboard can now display assessment results in a graphical form whether your application server is on or off-line.
- MySQL database driver replaced by Maria DB driver (increase performance). IMPORTANT: in ccpd-config.yml, "com.mysql.cj.jdbc.Driver" driverClassName needs to be replaced by "org.mariadb.jdbc.Driver". Can be done with the Installer or manually.
- Jobs run in succession (queue) to avoid simultaneous access to the database.
- Fixed reset password link and password expired redirection for users using a webserver.
- Fixed a bug when importing duplicate oval variables.
- Fixed a bug when importing benchmark front-matter and rear-matter xml elements.
CIS-CAT Pro Dashboard v1.1.3
- Implemented a Difference Report for comparing an assessment result with the previous assessment result.
- Added ability to delete individual Configuration Assessments and Vulnerability Assessments.
- Conversion abilities to convert existing data to the new data model.
- Added ability to attach existing vulnerability assessments to NVD data updated after the import of the assessment.
- Delete target systems Performance improvements.
- Added "Attach CVEs to Existing Definitions" button on the Vulnerabilities List. This will allow NVD data to be imported after vulnerability assessments.
- New Assessment Data Model which will offer performance improvements in: Import, Export, Delete functionality.
- Support for WebLogic appliction server
- automated database changes required when updating from a version prior to v1.1.2.
CIS-CAT Pro Dashboard v1.1.2
- Import Performance improvements.
- Implemented a new way to identify duplicate imports, to maintain a smaller and more accurate version of content, especially OVAL content.
- Fixed a bug with imports sometimes misidentifing duplicate target systems
- Fixed a bug with importing of older CIS content, such as AIX 6 results.
CIS-CAT Pro Dashboard v1.1.0
- CCPD can now except custom target system identifiers from CIS-CAT Pro Assessor. A custom element can be configured in CIS-CAT Pro Assessor to be passed to CCPD via the import functionality.
- Group Exceptions - you can now add exceptions to entire groups or sub-groups of recommendations
- Vulnerability Reports - you can now upload vulnerability reports from CIS-CAT Pro Assessor. These reports also have exception funcitonality like the configuration assessment reports
- Vulnerability Dashboard - you can view your vulnerability data over time using the Vulnerability Dashboard.
- NVD Data Import - you can now import CVE and CVSS information directly from the NVD. This data is used to support vulnerability report scoring
- Target System UI - redesigned to better present information, including the profile level of each asseessment result. added tabs for configuration results and vulnerability results.
- Improved performance on Complete Report and Remediation Report exports.
- fixed a bug from 1.0.5 where importing subsequent ARF files would create additional Target System records
CIS-CAT Pro Dashboard v1.0.5
- Added Title information to the alert dialog
- User Favorites - added a user favorites section where users can mark their favorite benchmarks or target systems. The Benchmark Dashboard and Target System Dashboard now use user favorites to display the options available for graphing
- Inbox UI Improvements
- added an All/Unread toggle to the User Inbox to easily view only unread messages.
- added orange text to unread tasks in the User Inbox, to provide a visual distinction from other types of unread alerts.
- added batch delete and mark read/unread to the User Inbox
- Exception workflow - added alerting to recipient list when an exception is approved/rejected. Previously the alert would just go to the requester, now it will go to everyone on the recipient list, which can be managed in the admin section
- added security to exception end dating to only allow ROLE_ADMIN to end date exceptions
- Exception End date alert - recipient list will be notified when an exception is end dated
- Target System Primary Identification customization - added ability to customize the primary identifier used for target systesms at an application level, and per target system. By default, hostname will be the primary identifier of all target systems, but you can now change to use another identifier type, such as fqdn, mac-address, or a custom identifier.
- fixed bug where CCPD would not run using SQL Server 2014
- fixed missing "Back" button on Target Systems Dashboarad when toggling between multi/single view
- fixed bug preventing deletion of target systems
CIS-CAT Pro Dashboard v188.8.131.52
- Device View Dashboard - you can now search by device, or multiple devices, instead of having them all listed.
- fixed bug where viewing assessment results would make the end time on the report 12:00am
- fixed an import bug where missing oval definitions would cause an import to fail.
CIS-CAT Pro Dashboard v1.0.4
- Alerting functionality
- users will now receive configurable alerts for: Test Results imported, Low Scoring Results imported, Errors importing Results
- Exception Workflow - when an exception is created it will go into a Pending status, and an task will be created to approve/reject the exception. this defaults to users with ROLE_ADMIN, but is configurable
- User Inbox - new inbox on the menu bar for alerts and workflow tasks
- Exceptions View on Test Results - a new view was added to Test Results to show all exceptions that apply to that test result in a single list.
- Exceptions by Target System - the target system screen now displays all exceptions that apply to that target
- Exceptions Search - you can now search for exceptions by: Target System, Tag, Benchmark, Dates
- User Tags - users can now be tagged, this allows for alerts to be sent to users by tag
- Role Tags - Roles can now be tagged, no current functionality is effected by this.
- Added hostname to the Target System Search, Remediation Report Search, Complete Results Search
- Added support for Oracle Databases
- Added Support for SQL Server databases
- Performance improvements for the import process
- CCPD software version now appears on the title bar
- Functional Area now applicable by action - the functional areas for security use to only be able to control access at the controller level, administrators can now control access at the action level, whichi is much more granular
- fixed vulnerability where a basic user could become an administrator
CIS-CAT Pro Dashboard v1.0.3
- Ability to Tag Users
- Ability to Tag Roles
- Ability to Search Users
- Profile selected added to the Assessment Results List and Assessment Results Search pages.
- Performance improvements on Assessment Result Importing
- Fixed concurrency issues when uploading and importing Assessment Results simultaneously
CIS-CAT Pro Dashboard v1.0.2
- Assessment Results Search page has been added to the Reports menu. Users can now search for assessment results by: hostname, date range, benchmark, and tags.
- Exceptions added in CCPD will now show in the HTML export document.
- Added guidance on the dashboard screens to explain the data.
- Months now appear by name instead of number on the Dashboard Graphs for improved readability.
- Added a rule to prevent duplicate assessment results imports.
- Added links to the CCPD User Guide, and The CIS WorkBench, in the main navigation menu at the top right of the application.
- Created an initialization service to process data fixes required for new releases, bypassing the need to manually run data scripts.
- Made search criteria modular so that criteria and new searches can be added to the system easier.
- Assessment Results List now uses a pre-calculated score, which improves performance.
- Assessment Result import/export processes now use the weight from the XCCDF rule-result element of the TestResult, instead of the rule element of the Benchmark.
- Made performance improvements to the Assessment Results View page.
- Users can now import assessment results from target systems with underscores in their hostname.
- Users can no longer access user functionality when unauthenticated.
- Dashboard scoring calculations to include recommendation weights and exceptions.
- All users are now assigned ROLE_BASIC_USER which allows access to user functionality: profile, forgot password, password reset.
- HTML export will now take the weight of a recommendation from the results rather than the benchmark, as the imported version could have different weights than the results.
- Users with ROLE_API can no loger be added to other roles on the Show Role Screen.
- Remediation Reports with no failed rules will now show a congratulatory message instead of a blank result.
- Assessment Results can now be imported concurrently
CIS-CAT Pro Dashboard v1.0.1
- Converted documentation to online documents available at: http://cis-cat-pro-dashboard.readthedocs.io
- Fixed issues with CIS-CAT Pro Dashboard running on tomcat v8.5.11 including:
- user/role administration dialogs not working
- dashboards not showing
- Fixed scoring inconsistency between the Assessment Results List, individual Assessment Results View screen, and the HTML export of the assessment results. The inconsistancy was the result of weighting of recommendations and exceptions added to recommendations
CIS-CAT Pro Dashboard v1.0