SecHard

RELEASE NOTES

 

Vesion 3.6.1.20240729 - Released 2024-07-29

Features

  • Uploading benchmarks to the CIS portal

  • Adding WLC 9800CL Benchmark

  • Adding VMware Security Hardening Guides to vCenter vCenter

  • Adding Best Practices for Securing Active Directory benchmark

  • Software end of life control

  • Addition of Arabic language support with AI

  • Performing Pfsense firewall hardening guide operations

  • Adding a Server name field for LDAP

  • Timezone and volume setting moved to system settings

  • Fixing RDP, Console error messages

  • Assigning the clipboard feature in RDP, VNC, Console sessions with authorisation via user role

  • RDP audio off by default

  • Requesting only auth code on the login screen

  • Adding logout and reconnect buttons in PAM sessions

  • Sending timezone in RDP and SSH sessions

  • Increasing the limited number of lines of Console output

  • Moving request collection to session tickets collection

  • Adding the ability to send multiple files in RDP

  • Short cut options are optional and subject to role

  • Putting F11 as full screen button in RDP

  • Addition of PRTG Discovery feature

  • Removing version information from scripts

  • Adding Microsoft 365 hardening

  • Remediation and rollback with Windows GPO

  • Addition of SCCM discover feature

  • Adding Palo Alto 11 Benchmark

  • Panorama Integration - Discover - Hardening - Backup feature

  • Hardening in Openshift architecture

  • Openshift architecture integration

  • Addition of the Break Glass scenario

  • Adding Keepas import feature

  • Addition of Panorama Discover feature

  • Adding PAM-Sessions ALL feature to the role

  • Access via Openshift API and adding token feature

  • Correction of the Discover result page view

  • Creation of Security Dashboard report

  • Creation of Company Risk Score report

  • Creating the LDAP Active Directory Groups report

  • Ability to hide areas such as browser tab, login screen, bottom bar on the brand page

  • Creating an alarm in case of a change in Netstat output

  • Creating Backup Dashboard page, adding Backup Sessions Last 10 Points and Backup Sessions Last 10 Days widgets

  • Adding PAM Sessions Last 10 Points and PAM Sessions Last 10 Days widgets in PAM Dashboards

  • SSL key manager batch execute

  • Adding type, vendor, family fields to Exporter report

  • Display of EOL software on the software page

  • Adding the ability to add more than one e-mail address to the alarm / e-mail field

  • Creation of Lestencrypt cert renew recipient, systematic operation

  • Development of Fortigate vdom backup structure

  • Moving the user role page to the new table structure

  • Linux servers added with Discover Connection Methods SSH, Auth Method SSH

  • Keeping backup tftp files as a file on the database

  • Branding logo change main screen and addition of top left logo feature

  • Linux node exporter update

  • Adding Microsoft 365 hardening

  • Remediation and rollback with Windows GPO

  • Fortimail hardening guide operations

  • Receiving information of recipients with confirm message when assigning recipe group

  • Adding Remote app Remote Application Instructions clone feature

  • Reading smbv3 Turkish folder/file names

  • System Integration PAM - Cyberark page editing

  • Benchmark import/export feature

  • In LDAP Discover, windows servers come as server instead of domain controller

  • Including Description field in filters and table

  • Folder structure improvements

  • Security and self-control items can be selected in bulk config

  • Abolish internal messaging. External messaging via Redis

  • Default benchmark can be changed according to resources

  • Benchmark duplicate/copy feature

  • Cisco Switch, cisco router discarding notification of ntp clock-period X / ntp clock period X changes

  • Permit middleware should not do extra token verification

  • Entering the time-zone setting in SIEM integration

  • Displaying the desired user actions on the User Role resource session recording page

  • Adding sync date to asset manager info page

  • Sending System Event details to SIEM

  • PAM Connections breadcrumb should be moved to the component itself, root directory should be listed

  • Sources without connection methods are not displayed in PAM Connections ALL section

  • Moving Benchmark setting recipe associete page to new page

  • The ‘lock’ status of user accounts should also be taken, they should be unlocked and password reset should be possible regardless of verify status in windows

  • Resource DNS Lookup option is enabled by default but can be removed if desired

  • Ssl key manager deleting old certificates and giving information about which discover method they come from

  • Defining the default connection account for users of resources assigned to a role in the Resource <> Type association component

  • Granting User Role multiple authorisations

  • Forti Switch (FortiOS) hardening implementation

  • CK Network - Looking at the Extreme Switch Problem without Backup

  • Fortisiem installation

  • Database permission control during the hardening phase. Minimum authorisation requirement

  • Trellix EPO - EDR system integration

  • Establishment of the necessary infrastructure for the creation of the LLDP topology map

  • Making rdp/console connection with User Provided accounts

  • Adding the Trellix ePO Discovery feature

Bug Fixes

  • Auto Discovery LDAP Credential error

  • Display of AD Group on User Management page and AD special character filtering

  • ‘Import Ad Group Users’ remains ticked

  • Roles deleted or newly added without changing the page on the User Management page are not updated in the Add or edit user window

  • RDP connection closes on connection to active session with control

  • In RDP the sidebar should not stay on the image

  • Inability to use the mouse wheel fluently in drawing programmes

  • Proxy connections that cannot be terminated

  • Writing the primary account name after proxy problem

  • AltGr key combinations in English Windows

  • Polling condition under dispatcher (recipe-execution-module.run) is not satisfied if any subjob in Recipe Execution queue receives an error and does not update its status

  • Custom benchmarks should be migrated by default

  • Imported benchmarks should not be system benchmarks, system benchmarks are deleted in every migration

  • Making the connection method value editable in VMware resource types

  • Hiding the remediation button on hardening passive substances

  • Cannot open console session with Vault credential, credentials must be searched in correct collection

  • Hardening page filters are removed when action (remediation-rollback) is taken

  • vCenter verifies from 22 in the first addition phase, it should do it from 443

Version 3.5.0.20240114 - Released 2024-01-14

 

Feature

  • Changing the duration of the approval request request and sending it to terminate

  • Providing permanent proxy connections by creating Session Token

  • Adding "Show Users" button to AD Groups page

  • VNC multi-monitor support

  • LDAP Tree View view and adding Exclude option

  • Keeping the source information for mail and sms while synchronising accounts and not overwriting if entered manually

  • PAM Connections Default Account - separation as RDP and SSH

  • GUI Terminal display right side update

  • Optional display of the Sechard 2FA QR Code at the entrance

  • Automatic addition of LDAP username domain suffix

  • TTMesaj SMS provider integration

  • PAM - Private key in Account section can be made primary in Associete section

  • SecHard-Drive" drive to be named "Drive on SecHard"

  • AD user names should be case insensitive

  • AD users at the top level cannot be retrieved with lower level filtering

  • Adding the number of pieces in Discover dashboard

  • Pulling PaloAlto Firewall Asset information

  • Pulling Fortinet Firewall Asset information

  • WMI Exporter 0.24 update and update of Windows dashboards

  • Linux version control and automatic editing

  • ESXi version control and auto-editing

  • Adding dependency column on Account

  • Adding resource information in Licence Asset report

  • Adding Password generate example button

  • Adding Centos 7 asset manager sssd service

  • Windows resources added with AD Discover should also be checked in Domain controller type and added accordingly.

  • Adding hardening scores history recipe report

  • Adding hardening error information to the cake

  • Automatic page refresh when the source changes from the top right on the Dashboard screen

  • Adding resource information to Grafana OK alarm

  • Adjusting the theme black font setting

  • Triggering an alarm when the Licence Expiration Date reaches the specified date

  • In the Import from AD discover option, it should be possible to add the same name with a different name

  • Discovered Resource List Not Detechted resources can be exported

  • Replacing the licence restriction with a unique encrypted value generated by the system instead of the MAC address

  • Adding URL field information for printer devices and opening the web page when we say right button connect

  • CTRL focus on enter

  • Black app list application alarm

  • Production of compliance reports

  • Saving filters in the user's browser on the Recipe Settings page

  • Add TAG to Hardening Zone filtering section

  • Hardening diff recipe report

  • Adding Windows licences to the license page

  • Job Management job export report csv

  • Accessories, licence, componet export - import

  • Executive Summary Report should be added to the report page

  • Organisation of PAM Role page order

  • Resource - Created manually at Feb 23, 2023, 11:32:10 AM. Addition of Added by

  • Resource cloning

  • Adding recipes from the Hardening page to the recipe group

  • Showing PAM Account, Vault account changes in system event

  • Adding Asset Management Dashboard resources information

  • Removing the repeat feature in discoveries

  • Nginx auth method ssh defaulted should come

  • vCenter auth method API port 443 should come in default + migration

  • ESXi auth method API port 443 should come in default + migration

  • Switching from otp to password during login

  • Adding Recipe Group export - import feature

  • Adding the PAM Connection Tree View display feature

  • Adding User Management Bulk edit

  • Tag options at the top and check boxed and stack them on top

  • User role resourcelar is not added automatically Family option and the option to include newly added resources

  • In network devices, asset scripts should work in the first addition phase

  • PAM User multiple account mapping

  • Adding not contain property in Resources TAG column

  • Moving the default connection protocol option to resource. RDP for Windows Server, VNC for Windows Client, Console for Linux Server

  • Rule execution recipe addition delay feature

  • Passive - Self-control items to be added to all sources

  • Adding the Resource TAG option in the Rule section

  • Adding Highlight, Severity features to the Security page

  • Remote Application Arrangements

  • Adding dzdo su sudo option on servers with Linux Centrfy agent

  • Hardening score component arrangements, changing 'error' status to message only

  • The score we want is not included but also not deleted from the system

  • Organisation of the API Postman collection

  • Adding Vault hiden password

  • Only hardening scans should work in Resource Audit scan

  • Vulnerability scanning on Windows

  • Backup diff control

  • IP control from FQDN connectivity checker should only work on windows server, client, dopmain controller types

  • Only resource ip address should be checked in Windows Basic Authentication section

  • Scripting WinRM container job and using it in queue

  • Integration of Cisco Meraki

  • Preparation of CIS certification documents

  • Addition of Egypt Financial Cyber Security Compliance report

  • Addition of Information Systems Compliance report of banks

  • Addition of Natural Gas Distribution Sector Compliance report

  • Addition of Electricity Distribution Sector Compliance report

  • Adding Turkish language support in hardening reports

  • Adding KvKK Compliance report

  • Adding SecHard Compliance welcome report

  • Adding EMRA Compliance report

  • Addition of BRSA Compliance report

  • Adding the FISMA Compliance report

  • Adding NIST SP800-210 Compliance report

  • Adding NIST SP 800-207, Zero Trust Architecture Compliance report

  • Adding the CIS V7 Compliance report

  • Adding the GDPR Compliance report

  • Adding PCI DSS Compliance report

  • Adding HIPAA Compliance report

  • Adding SOX Compliance report

  • Adding ISO 27002 Compliance report

  • Adding ISO 27001 Compliance report

  • Development of Juniper OS v21

  • Cisco Wireless Contoller 8.0 will be eliminated and backup will be taken with TFTP

  • Adding Juniper SRX

  • Juniper v18 DB Operation and Hardening Controls

  • Checking Huawei switch default settings

  • Esxi 7.0 Benchmark Update v1.1.0 ---> v1.2.0

  • Addition of Linux Security feature

  • Control of restriction of Linux SSH accesses

  • Adding Windows Security

  • Control of restriction of Windows RDP accesses

  • Adding Windows 7 Benchmark

  • Adding Windows 8 Benchmark

  • Adding Windows 8.1 Benchmark

  • Windows Server 2008 R2 & DC Benchmark Update v3.2.0 -> v3.3.0

  • Checking Windows client service items and fixing errors.

  • Adding database operations to RDP Session Time Limit items

  • Windows Server 2012 R2 & DC Benchmark Update v2.4.0 -> v2.6.0

  • Addition of Meraki portal Cisco tightening benchmark

  • Adding ESXi 8.0 hardening guide

  • Best practices for Citrix - NetScaler MPX, VPX, and SDX security

  • Esxi 7.0 Benchmark Update v1.1.0 ---> v1.3.0

  • Esxi 6.7 Benchmark Update v1.2.0 ---> v1.3.0

  • Ubuntu 20.04 Benchmark Update v1.1.0 ---> v2.0.1

Bug Fixes

Pam connections not working

Powershell connections remain active even when closed. Unable to terminate.

TACACS password is not updated after LDAP user password change

OpenDiscover not working

When an account with password is converted to a type without password, the password should be deleted. Migration should be written for accounts in the collection.

When an account is deleted, it should be deleted from "system account"

Linux port 80 comes with VMware discover

Fixing Grafana 502 Bad Gateway e-mail problem

Wireless controller and load balancer resource types do not appear in schedule backup schedule jobs

No Resource Website asset information No details although IIS is installed in DHCP

When the role is cloned, the approvers are not copied into the new role, but all other settings are copied.

Resources added and resources deleted system events have no information about which resource it is

Asset movements do not appear in system event

Recipe does not give conflict warning with the same name

Multiresource bulk conf run throws 2 times

Install TightVNC Server recipe vpn password not coming up

When the counsellor requests approval, if we approve, the connection to the server is made without refreshing the page

Upgrade page came up twice.

Resources select all bulk config only gets 100

Security sub-recipes should not be displayed

Sources that are not hardening recipe should not come to queue. No recipe found Vcenter error.

Schedule job remains running

DATABASE server user queue password change is not written to account

Switch-Router cannot receive Banner lines

Palo Alto firewall asking yes/no after banner hardening

 

Version 3.5.0 - Released 2023-09-09

Features

  • Addition of editable mail template for 2FA QR code

  • Adding the Account Info Report Network Devices report - Account Info Report OS

  • Adding Active Directory Groups Last Sync Info information

  • When AD Group users are imported with the sync feature, the imported user type change is detected and the users in the system are moved to that type.

  • Addition of AD and LDAP discover OU restriction

  • Adding Asset Group Settings Critical High Medium Low values

  • Changing Asset scripts names

  • Adding Auth Method column as hidden to the right of Account column on Resources page

  • Adding CIS NGINX Benchmark v2.0.1 - 06-15-2023 to the system

  • Adding Compliance custom recipe

  • Editing the compliance overview page

  • Creation of compliance reports

  • Adding the Compliance page and creating the checklist structure

  • Organizing the compliance structure

  • Compliance, SAMA Addition of Saudi Arabian Monetary Authority Compliance report

  • Compliance, CIS v8 Addition of Compliance report

  • Compliance, addition of CMMC Compliance report

  • Compliance, ECC: SAUDI ARABIA'S ESSENTIAL CYBERSECURITY CONTROLS Adding the Compliance report

  • Compliance, creating severities in NIST compliance with AI

  • Compliance, NIST SP 800 - 53 Addition of Compliance report

  • Adding CTRL+v ^v character in Console connection

  • Adding Custom Vault and granting user-based permission

  • If the discovered resources have fqdn information, they should be able to save without ip

  • In the discovery phase, only Kerberos is tested, for windows platforms that are not members of the domain, Kerberos should be checked after Basic control in vmware and other discovery phases. Only Kerberos should be scanned from AD

  • Discovery Exist warning should be checked

  • Deleting MS Only recipients in Domains and DC Only recipients in Servers

  • Checking the default value in Recipe runs with Field

  • Addition of Fortigate Radius integration

  • Setting Fortinet Firewall Default Benchmark to CIS

  • Grafana Alertmanager integration

  • Moving Grafana rolls to code

  • GUI default Admin user first login password change

  • Receiving hardening diff report

  • Creating a baseline by comparing Hardening Recipe Group Resource. Having remediation and rollback options in the baseline.

  • Removing the list limit in the "Hardening Zone" section

  • Hardening, exclude / hidden recipients report with reason

  • Hardening, security cake % status display

  • Historical receipt of revision report in Hardware and Software asset information

  • Adding _cmdline-mode on account optional options during the first login phase in HP Comware5 1920 switches

  • Addition of Hyper-V Discover feature

  • Adding LDAP Discovery feature

  • Linux /tmp asset script delete and permission control

  • Adding HTML rendering in mail notification.

  • Main Dashboard - Hardening Highest Scores widget update

  • Metrics Recive Status data from queue

  • Adding navigation menu headings

  • PAM - Adding Account Associate TAG structure

  • Adding Source IP field to PAM session system event logs

  • Adding personal vault token expiration time to system settings

  • Adding Ping, Connection, Account, Last Changed information

  • Closing pop-up notifications after timeout

  • Immediate activation of changes in queue management

  • Preventing Radius AD Group Users from failing during caching

  • Making the Radius package ready for redhat, centos, oracle

  • Recipe Execution bug fixes and improvements

  • Adding polling to recipe execution queue job, eliminating race condition

  • Displaying as recipe group title bar

  • Shortening the refresh token duration and setting it to 12 hours

  • Saving the last value before remediation in the database, providing an option in rollback

  • Adding information about who deleted the resource deleted mail

  • After the resource is added, it should verify and queue

  • Adding note on Resource and showing it with popup

  • Send files to linux servers with SFTP / SCP

  • SFTP role should be disable by default

  • SIEM log improvements

  • SSH Key integration

  • Adding SSH key integration. Adding key generation, manual key fields.

  • Adding SSH key integration to PAM access.

  • Adding the machine name as a column in the TACACS Log section

  • Adding tftp server ip address field field.

  • Adding User Management Info information and user last session ip and date information

  • Addition of User Management user ip restriction and the ability to write more than one ip

  • Pulling Resource information in User role by looking at name group permissions. Automatic control for Administrators and Remote Desktop Group

  • Using Vault accounts in PAM Conncetion

  • Fixing null pointer error during VNC connection

  • Vulnerability OWASP ZAP Integration

  • Vulnerability Tenable Nessus integration

  • Adding the ability to add white list feature based on resource

  • Adding field and range information to Windows rollback recipients

  • Adding field and range information to Windows rollback recipients

  • Adding Test Path to Windows Server 2008 R2 Rollback commands

  • Adding Test Path to Windows Server 2008 Rollback commands

  • Adding Test Path to Windows Server 2012 R2 Rollback commands

  • Adding Test Path to Windows Server 2012 Rollback commands

  • Adding Test Path to Windows Server 2016 Rollback commands

  • Adding Test Path to Windows Server 2019 Rollback commands

  • Testing all items Bulk remedition, Confirm message, Service restart in Windows

  • Changing the name of Windows User Report to Resource User Report

  • Extending Database Operations on Windows

 

Version 3.4.0 - Released 2023-05-15

Features

  • Addition of Alert SMS support.

  • Addition of TOTP SMS support.

  • Adding Radius Server otp SMS support.

  • Windows Server 2022 Confirm Messages.

  • Addition of Hp Comware 5 support.

  • Queue backup jobs memory leak arrangement.

  • Discovery Exist warning should be checked.

  • Send files to linux servers with SFTP / SCP.

  • Organizing MS Only recipients in domains.

  • Organizing DC Only recipes on servers.

  • Addition of Personal Vault feature.

  • Addition of Custom Shared Vault feature.

  • Addition of PAM bidirectional Approval mechanism feature.

  • Using Vault accounts in PAM Conncetion.

  • Adding polling to recipe execution queue job, eliminating race condition.

  • Immediate activation of changes in queue management.

  • Recipe group feature has been added.

  • Recipe schedule feature has been added.

  • PostgreSQL 15 Hardening Benchmark has been added.

  • PostgreSQL 14 Hardening Benchmark has been added.

  • PostgreSQL 13 Hardening Benchmark has been added.

  • PostgreSQL 12 Hardening Benchmark has been added.

  • Added Docker CIS Compliance Hardening.

  • Putting Password and Account expire on the Alarm page.

  • Increasing the number of acceptable jobs in Bulk config.

  • Updating the Create Custom Recipe field field. Number of lines and width.

  • Feeding resource-asset name and hostname information from a single field.

  • Added Hardening Critical, High, Medium, Low levels in Web Browsers.

  • Added Hardening Critical, High, Medium, Low levels in Microsoft SQL Databases.

  • Added Microsoft SQL Server 2022 Hardening Benchmark.

  • Added Microsoft SQL Server 2019 Hardening Benchmark.

  • Microsoft SQL Server 2017 Hardening Benchmark has been added.

  • Microsoft SQL Server 2016 Hardening Benchmark has been added.

  • Microsoft SQL Server 2014 Hardening Benchmark has been added.

  • Microsoft SQL Server 2012 Hardening Benchmark has been added.

  • Microsoft SQL Server 2008 R2 Hardening Benchmark has been added.

  • Added Web Browser Google Chrome Hardening Benchmark.

  • Added Web Browser Microsoft Edge Hardening Benchmark.

  • Web Browser Mozilla Firefox Hardening Benchmark has been added.

  • RemoteApplication Auto Login feature has been added.

  • Service Password Change AD User feature added.

  • New Asset reports have been added.

  • Asset script structure and file names have been edited.

  • Cisco switch and router backup structure moved to tftp.

  • Docker swarm yml files have been updated.

  • Web upload feature has been added.

Version 3.3.0 - Released 2023-01-10

Features

  • Added Hardening Critical, High, Medium, Low levels to Windows servers.

  • Hardening Critical, High, Medium, Low levels have been added to Linux servers.

  • Hardening Critical, High, Medium, Low levels have been added to Switch, Router, Firewall resources.

  • Added Hardening Critical, High, Medium, Low levels to applications.

  • Azure Hardening Benchmark has been added.

  • Aruba Wireless Controller Hardening Benchmark has been added.

  • Aruba OS Switch WC Hardening Benchmark has been added.

  • RemoteApplication feature has been added.

  • Service Password Change feature has been added.

  • New Asset Monitor prescriptions have been added and listed on the dashboard.

  • Asset script structure and file names have been edited.

  • Cisco switch and router backup structure has been moved to tftp.

  • Docker swarm yml files have been updated.

  • Persistent Volumes moved to data folder.

  • Web applications were moved behind Nginx Proxy.

  • VNC install and uninstall packages were prepared and sent through the system.

  • WMI install and uninstall packages were prepared and sent through the system.

  • Web download feature added.

  • Improved TOTP support for SSH, Telnet, RDP.

  • Snmpv3 support was added in Discover module.

  • Added snmpv3 support in performance monitor module.

  • Hardening hidden rciples were only shown in hidden filtering.

  • Hardening excluded rciples were shown only in exclude filtering.

  • Windows Server 2016 Hardening Benchmark has been updated.

  • Windows Server 2019 Hardening Benchmark has been updated.

  • Windows Server 2022 Hardening Benchmark has been updated.

  • Windows 10 Hardening Benchmark updated.

  • Windows 11 Hardening Benchmark has been updated.

  • Added Turkish character support on Reason page.

  • Port page CSV export added.

  • It has been ensured that the port lists that have not been used for x days are mailed daily.

  • User Management Gender field combo box Male / Female feature has been added.

  • Asset pages moved to new page.

  • Sytem Event moved to new page.

  • CSV Export module has been improved.

  • The tag feature has been improved on the Resource page.

  • Tag structure added to Account page.

  • Rersources Bulk Update was enabled to be done from the CSV Import page.

  • Double-sided continuity (Job<->Discovery-methods) has been provided in Discovery jobs.

  • Log format and content updates were made in QRadar and Logsign SIEM options.

  • Multiple condition and multiple action features have been added in Rule settings.

  • SSL Certificate export to csv page, list and vulnerability report have been added.

  • Resource User Group report has been added.

Version 3.2.0 - Released 2022-11-15

Features

  • accessory asset checkin (95919a0)

  • accessory assets (13de248)

  • accessory assets checkout (e25c484)

  • add events on asset actions web (fc559b4)

  • add ip page on resource assets (8cdd00b)

  • api routes and pub sub functions (a21b52c)

  • asset dashboard permissions (c034055)

  • asset model links (04b75fd)

  • asset model settings (a80c55b)

  • asset routes (c04f513)

  • asset services (60868f2)

  • asset settings module (0071d98)

  • asset status component (6ea8975)

  • asset status links (47968b9)

  • asset status routes and model (247b78f)

  • category asset routes (8f238e9)

  • category asset settings and form pages (b832d3c)

  • checkout component assets (e692d29)

  • company asset settings (8bfe31a)

  • company links (70b8a90)

  • component asset checkin (6abdf86)

  • component asset checkin quantity (a744c28)

  • component assets components (f79dce6)

  • component assets routes and model (989d7c0)

  • create 'dns' asset script (2991c1b)

  • create 'route' asset script (9102475)

  • create 'software-key' asset script (9dc74d4)

  • create 'software' asset script (aa44ec2)

  • create 'user' asset script (4c011bc)

  • create 'variable' asset script (e274d93)

  • create benchmark.score and recipe.status models (a191f57)

  • custom asset checkin (ee7052c)

  • custom asset checkout (db43d4c)

  • custom asset permissions (0d6f21e)

  • custom assets (d0cf752)

  • custom hardening regex key higlight (8677136)

  • deaprtment links (e3ccfb4)

  • department asset list page and form component (b596bd9)

  • department asset model and api routes (ef06ecf)

  • department asset settings refs (afc2002)

  • domain controller scripts (f7d62c0)

  • domain controller scripts and recipes (adc01f8)

  • download needed audit files from sechard-api/files endpoint (0cb5a43)

  • hardening comparison reports (cc85545)

  • hardening executive summary report (233f20b)

  • hardening reports initial commit (64e61eb)

  • hide resource table when hardeing charts are selected (e969270)

  • huawei router (ef21c81)

  • initial custom assets (cf90aa0)

  • initial manufacturer-asset-settings (5bb9a5b)

  • license asset checkin (08e8cdc)

  • license asset checkout (b8ad5cf)

  • license asset page and form component (ecb5b65)

  • license assets routes and model (233e57c)

  • location asset refs (c156a32)

  • location asset settings page and services (316d134)

  • location asset settings routes and model (400b805)

  • location links (01e231e)

  • manufacturer asset links (94333cf)

  • manufacturer asset settings (1cfc338)

  • netstat paging (e7a9961)

  • partition page on resource assets (4e1c805)

  • people asset count fields (a286ed4)

  • people assets (93a4915)

  • people links (7a2766e)

  • reports page hardening resource filters (21ee079)

  • resource task page (5a120b4)

  • turk telekom hardening reports (5057235)

  • win processor scripts and recipes (7d6e434)

  • windows 'log' scripts and recipes (21c0c1b)

  • windows 'monitor' recipes (e6a9968)

  • windows 'monitor' scripts (a8c67b4)

  • windows 'netstat' scripts and recipes (c1e5a5a)

  • windows 'pagefile' scripts and recipes (26e2fb2)

  • windows 'service' scripts and recipes (e6a8747)

  • windows 'sound' scripts and recipes (f67e54f)

  • windows 'user groups' recipes (4eb1dc2)

  • windows 'user groups' scripts (04330bb)

  • windows bios monitoring recipes (eef0314)

  • windows bios scripts (a45a08c)

  • windows ip scripts and recipes (443cc09)

  • windows partition scripts and recipes (fe785c5)

  • windows task scripts and recipes (ecc7c2b)

  • windows video scripts and recipes api (23bf4b9)

  • windows video scripts and recipes queue (f7f5c39)

Bug Fixes

  • api shared-files (1ae95cb)

  • asset score (1ed0bf2)

  • backup operator (0f48d30)

  • blank asset score after recipe sync execute (6c16036)

  • check lenght on objects that are not arrays (19d1697)

  • hardening top menu item should show if custom hardening exists (75c0ef4)

  • hardening-reports (dd62351)

  • lint (a26a9a7)

  • lint (01fd4b9)

  • merge conflict (e0393ec)

  • merge conflict (1d5f8b7)

  • merge conflict (9c1b688)

  • merge conflict (675ea06)

  • queue recommended value (48dfb86)

  • queue resource toObject bug (53aa3d0)

  • queue windows 10 script paths (6b95b00)

  • recipe migration upsert recipes (04a1276)

  • remediation, rollback and audit score calculating on hardening page (2131cc3)

  • require is not defined on reports (0671826)

  • resource-edit (d7ee6ff)

  • score-cal (05f6d21)

  • set mongo image version to 4.4.6 (b9a52d1)

  • show 'highlight audit' button on 'Switch, Router' resource types (4152ba9)

  • show hardening top menu item if custom hardening exists (df345e7)

Version 3.1.0 - Released 2021-8-21

Features

Bug Fixes

Version 2.1.0 - Released 2020-12-5

Features

  • add active directory groups dropdown to user management page (5d2d7b3)

  • add benchmark tag field to hardening recipes (95a4367)

  • add CBDDO benchmark option to device hardening page (bebfe99)

  • add CBDDO benchmark option to export device hardening pdf page (945f844)

  • add CBDDO benchmark option to reports page (dd40f31)

  • add cbddo tag to windows hardening recipes (19f9c7f)

  • add default time-out field to system model (2dbe321)

  • add idle time-out setting to user settings page (63aa3a9)

  • add new created devices to prometheus targets.json (14f5309)

  • add ocr enable setting to system settings page (050f7ae)

  • add ocr setting to user module (1709186)

  • add ocr update endpoint (56f0d7b)

  • add patch and get routes for idle-timeout (be23c45)

  • add remote desktop permission field to user model (1b1a321)

  • add remote desktop to top menu items (29509fc)

  • add sechard_agent_ip field to system models (e4814c8)

  • add tag field to recipe model (f8cd12b)

  • add targets.json to prometheus.yml (5e02dca)

  • add windows and linux grafana dashboards (380e07a)

  • allow get requests to idle-timeout endpoint (0488974)

  • check if OCR is enabled before starting the OCR process (6ba702c)

  • get sechard_agent_ip from db or redis and set it as environment variable on queue worker (351eefc)

  • select tag field of the device recipe (3e3770e)

  • set sechard_agent_ip field on db (512d239)

  • show different icon when ocr is disabled and ocr is in progress (a6507e0)

  • show rdp or console buttons on devices list only if user has required permissions (f2e3902)

  • show remote desktop top menu item only if user has required permissions (5dfd4b0)

  • time-out idle users after a while (401485e)

  • ui enhancement on session records page (d17904e)

  • use cgroups to limit cpu usage to 25% (343291b)

  • winrm kerberos auth (4ccd43f)

Bug Fixes

  • 'Windows' devices bugs in queue (2ff09f6)

  • add else statement if writeFile fails (a26291b)

  • blank ad auths (0c25b3c)

  • catch EHOSTUNREACH error if ad is unreachable (b92a250)

  • cbddo client side filtering on export hardening page (99bcaea)

  • cbddo client-side filtering (4762f47)

  • cbddo client-side filtering on reports page (71e3146)

  • dashboard uids (5f83cfc)

  • delete unnecessary files from remote destkop (50cf5cb)

  • edit ad auth settings even if new password is not provided (50e1ac5)

  • group recipes by level on detailed and summary hardening report page (6a3a056)

  • handle remote desktop alarms and mails on api (7a85c53)

  • hide management and monitoring top menu items on firewall devices (00820b9)

  • if ocr is not enabled remove encoded files after conversion to .mp4 (7b842ec)

  • lint (437bf1a)

  • list devices and sort server-side on report page (eff9e4d)

  • local users missing password field (18907ff)

  • ng lint (d2c723f)

  • pingDevices handler.bind is not a function (d916328)

  • recipe queue concurrency option (b9bf804)

  • redirect to user types page when edit user types button is clicked on user management page (71bc07d)

  • remote desktop container logs (e4f9f93)

  • remove unnecessary model files (3caf95e)

  • select only timeoutseconds field from system (a70d482)

  • show remote desktop menu item on Windows devices (52c9fa9)

  • undefined recipeQueueCron (a1fc554)

  • update session time-out seconds from user settings (3c45ada)

  • update windows scripts (8d06be4)

  • when time-out ends log user out from any other open tabs (1e85915)

  • winrm connection & custom recipe (b42dfc4)

  • winrm device host (ed247e8)

  • winrm hostname (33e171b)

Version 3.0.0 - Released 2020-6-3 Priorities

Features

  • add status field to user model (02071d2)

  • add status route to update status on login (fd5d153)

  • add user login hours restriction option when creating and editing users (604ef4d)

  • add user online status and logged in duration on user management page (36347e2)

  • dashboard module (6945047)

  • front-end of uploading files to server (b521980)

  • upload files server-side (d57af4f)

  • user login hours restriction server-side (3d87e91)

  • add different conversion depending on color scheme setting (948ed0c)

  • add necessary fields and routes for color scheme setting (7d3dd9b)

  • add session record color scheme sytem setting (648a49d)

  • docker dashboards (153c288)

  • remote desktop session records OCR (e5186b8)

  • search session records by keyword using OCR (efe4893)

  • session record page encoding and ocr search progress (38e5bc0)

Bug Fixes

  • add control to check if login restriction is enabled before adding or editing a user (08a01ce)

  • dash scores (e63c3e7)

  • dash scores & queue bugs (17f2d0d)

  • Dashboard Exceeds maximum line length of 140 (52fc74f)

  • isOnline and isEnabled should be checked first on user management page (38df668)

  • users without status field should be listed as offline (394a95e)

  • do not complete job if 'command timeout' happens & undefined oldRunningConfig (9434f92)

  • downgrade ssh2shell package version & create job per device in update-devices queue (ab676b6)

  • enable rdp font smoothing (8ff7b00)

  • merge conflict (601c860)

  • recipe-queue update cron settings function (21c1c33)

  • security score top menu item not visible (cfe31de)

  • top menu items not showing on generic devices (2ef9b93)

SecHard