RELEASE NOTES

Version 3.6.3

Features

Bug Fixes

Version 3.6.2.20250325 - Released 2025-03-25

Features

Migration of Weblogic Server dashboard to the overall dashboard
Hardening improvements with Panorama support
Displaying alarms and warnings when publication of sample web pages is blocked in Web Content Monitor
Android MDM integration
Merging folder, asset group, asset location, and tag relationships under the same structure for assets
Adding 'resource creation date' and 'resource creation method' as optional fields in the resource list
Preserving the previous status when an 'error' is detected during status changes
Using FQDN value if available in database native client connections
Making the Connectivity Sync job triggerable for a resource (ping, port, credential check)
Ensuring that assets selected as VNC-only are also visible on the RDP page
Adding DNS Discovery method
MISP CTI integration
USOM CTI integration
Tenable SC+ integration
SentinelOne Deception System risk data collection integration
Displaying the account name in the session ticket list
Integration of Cisco Catalyst (DNA) Center v2.3.7
Adding a web scanner context page
Integrating vulnerabilities detected in Advanced Scanner scans into asset-risk
Monitoring content integrity of web pages, detecting changes, and generating alerts
Bizzy Asset Discovery integration
Adding Netstat Asset PDF Report
Defining nmap parameters to be used during instant discovery
Adding OS Information and Benchmark Name to the Hardening Observation report
Managing XSOAR incident structure as a ticket integration
Creating a PRTG discovery method using Passhash and Password
Adding FortiGate, SQL Server, SecHard Overall, Up-Down Grafana dashboards, and Up-Down alert
Filtering XSS-containing inputs in PAM Command creation and editing
Adding severity information to hardening reports
Developing a report containing information about folders and associated resources
Developing Windows DNS Monitoring and Hardening
Updating RedHat 8 Benchmark from v2.0.0 to v3.0.0
Adding Juniper Router Benchmark
Updating RedHat 9 Benchmark from v1.0.0 to v2.0.0
Adding export-import functionality for all risk setting values
MongoDB 4 Hardening Benchmark v1.0.0
Using domain suffix as the domain during RDP with AD
Retrieving email sender information from system settings
Prioritizing risk assessment results based on risk scores
Consolidating the notification structure to listen to all events from a single source and determine notification types accordingly
Standardizing event data structure
Retrieving the real-time status of specific services based on resources
Disabling server certificate recording in RDP Proxy
Calculating and displaying risk scores based on threat analysis
Adjusting dashboard variables and migrating them to the overall dashboard
Migrating FortiGate dashboard to the overall dashboard
Adding an exclusion option for FQDNs in Discovery Methods
OpenText uCMDB PAM integration
Separating Executive Summary, Comparison, and Statistics menus from the reports permission
Adding Radius Vendor Specific Attributes and Message-Authenticator fields
Adding FQDN and OU-based exclusion options in Discovery
Tagging devices based on Discovery method
Displaying Threat and CTI scores on the company risk score page
Exporting mRemoteNG-compatible Session Ticket CSV files
Logging session key logs for RDP Proxy
Reducing CPU consumption by initiating encoding of RDP Proxy video files in passthrough mode
Sending an alarm when a prohibited word is detected in Session Logs
Providing more detailed information on the Risk Score pages
Migrating IIS Server dashboard to the overall dashboard
Migrating MSSQL dashboard to the overall dashboard
Generating alarms and sending emails based on real-time up/down status of specific services
Migrating vCenter dashboard to the overall dashboard
Adding Grafana overall dashboard
Updating Node Exporter version
Migrating SNMP Exporter dashboard to the overall dashboard
Updating VMI Exporter version
Allowing users to add Generic Resources and select authentication types
Applying Self-Question items in bulk configuration
Improving the performance of Security Zone Dashboards by creating database views
Migrating Postman Reporting, Key Manager, and Syslog Private APIs, and making necessary changes
Adding F5 TMOS as a Web Application Firewall (WAF)
Adding IBM WebSphere Liberty Benchmark
Adding IBM AIX 7.2 Benchmark
Adding Oracle Database 19c and 18c Benchmark
Adding Lenovo Switch Benchmark
Adding Redis Benchmark
Upgrading Mongo Service to version 6.0.18
Adding Juniper Firewall v2.1.0 Benchmark
Adding Brocade Switch Benchmark
Adding CIS Kubernetes Benchmark v1.9.0
Adding alarm functionality in RemoteApp sessions
Separating Remote App and PowerShell log deletion times
Supporting multiple file downloads/uploads and folder uploads via SFTP
Adding an option to append a domain to usernames when importing Radius accounts
Adding Expiring Certificates Mail to the alarm page
Enabling renaming of user information for Linux machines in SecHard Resource List
Adding sechard.sh commands:
- Deleting Docker images (sechard image -d)
- Checking for updates (sechard image -c)
- Updating an image (sechard update -u <image>)
Adding Vault Certificate Import feature
Generating a Mac Addresses Report
Adding IBM AIX system support and creating a user password change recipe
Supporting new Ubuntu 22.04 images
Integrating Trellix EPO - EDR systems
Preventing unnecessary migration executions by checking script changes during queue startup
Adding 'Duplicate As' feature for Custom Benchmarks
Expanding Database Discovery to include web servers
Fixing Fortinet SSH Login issue caused by Prompt-based account verification
Adding Cisco Firepower Threat Defense Hardening
Allowing different report formats on the Reports page
Updating Portainer container to version 2.21.0
Integrating Trellix ePO Discovery and PRTG Discovery
Implementing FortiMail hardening guide tasks

Bug Fixes

Displaying the sizes of Proxy session logs on the Database Maintenance page
Default risk scores should not be written when risk score parameters are not entered during Resource CSV import
Detection and correction of MacOS False-Positive items
Revision of Advanced Scanner (OpenVAS)
Fix for OS Exporter auto-select issue
Detection and correction of FortiGate False-Positive items
Fixing Juniper firewall checks
A Windows resource added via instant discovery not appearing in the PAM connection menu
System email and sender details being ignored in OTP emails
Fix for export error of SSH sessions created via Proxy
Unable to search in Session Logs on the PAM Sessions page
Fix for passwords not being visible or copyable on the TACACS and RADIUS Credentials page
Unable to download Proxy sessions
When a session ticket is issued, clicking the three dots on the PAM page does not initiate any connection
Windows devices added via Discovery should be displayed on the PAM connections page
"Resource on/off" notification template error
Modification of Show Log XML monitoring script
Fixing Oracle 19c benchmark errors
Fixing hardening items containing Default Web Site on IIS servers
Secret Key should be retrieved from the config file using Docker secret
Forcing Docker secret key change during installation
Fix for Windows User Right Assignments items appearing as inactive
Removing the timeout duration for RDP Proxy
Fixing the issue where unauthorized users could access resource and account details via API
Resolving the error encountered when generating a firewall policy report
Fixing error encountered when editing an account
Standardizing resource-removed & resource-edit alarm email templates
Creating service alarms
Fixing Redis event subscription issue caused by migration index synchronization failure during update
Fixing the issue where AD synchronization fails if a remote session account is registered
Fixing "Account details BSON too large" error
Fixing error encountered when editing a CyberArk account
Fixing issue where the Show Server Info script was not running
Increasing the repeat_interval duration of Grafana alarms from 4 hours to 12 hours
Fixing an issue where the password reset job was skipping password resets
Fixing an issue where the base filter information was not being used when editing Active Directory settings
Fixing the issue where the shortcuts button was visible in RDP even when permission was not granted
Fixing an issue where a newly added resource could not be verified with a private key
Fixing an AD Group sync error
Fixing an issue where RDP-Console connection could not be established with a Vault account
Optimizing the query after selecting "select-all" on the User Roles > Resources page
Preventing password changes without entering a new password during account password change
Displaying the number of resources that could not be added due to verification failure during Discovery

Version 3.6.1.20240729 - Released 2024-07-29

Features

Uploading benchmarks to the CIS portal
Adding WLC 9800CL Benchmark
Adding VMware Security Hardening Guides to vCenter vCenter
Adding Best Practices for Securing Active Directory benchmark
Software end of life control
Addition of Arabic language support with AI
Performing Pfsense firewall hardening guide operations
Adding a Server name field for LDAP
Timezone and volume setting moved to system settings
Fixing RDP, Console error messages
Assigning the clipboard feature in RDP, VNC, Console sessions with authorisation via user role
RDP audio off by default
Requesting only auth code on the login screen
Adding logout and reconnect buttons in PAM sessions
Sending timezone in RDP and SSH sessions
Increasing the limited number of lines of Console output
Moving request collection to session tickets collection
Adding the ability to send multiple files in RDP
Short cut options are optional and subject to role
Putting F11 as full screen button in RDP
Addition of PRTG Discovery feature
Removing version information from scripts
Adding Microsoft 365 hardening
Remediation and rollback with Windows GPO
Addition of SCCM discover feature
Adding Palo Alto 11 Benchmark
Panorama Integration - Discover - Hardening - Backup feature
Hardening in Openshift architecture
Openshift architecture integration
Addition of the Break Glass scenario
Adding Keepas import feature
Addition of Panorama Discover feature
Adding PAM-Sessions ALL feature to the role
Access via Openshift API and adding token feature
Correction of the Discover result page view
Creation of Security Dashboard report
Creation of Company Risk Score report
Creating the LDAP Active Directory Groups report
Ability to hide areas such as browser tab, login screen, bottom bar on the brand page
Creating an alarm in case of a change in Netstat output
Creating Backup Dashboard page, adding Backup Sessions Last 10 Points and Backup Sessions Last 10 Days widgets
Adding PAM Sessions Last 10 Points and PAM Sessions Last 10 Days widgets in PAM Dashboards
SSL key manager batch execute
Adding type, vendor, family fields to Exporter report
Display of EOL software on the software page
Adding the ability to add more than one e-mail address to the alarm / e-mail field
Creation of Lestencrypt cert renew recipient, systematic operation
Development of Fortigate vdom backup structure
Moving the user role page to the new table structure
Linux servers added with Discover Connection Methods SSH, Auth Method SSH
Keeping backup tftp files as a file on the database
Branding logo change main screen and addition of top left logo feature
Linux node exporter update
Adding Microsoft 365 hardening
Remediation and rollback with Windows GPO
Fortimail hardening guide operations
Receiving information of recipients with confirm message when assigning recipe group
Adding Remote app Remote Application Instructions clone feature
Reading smbv3 Turkish folder/file names
System Integration PAM - Cyberark page editing
Benchmark import/export feature
In LDAP Discover, windows servers come as server instead of domain controller
Including Description field in filters and table
Folder structure improvements
Security and self-control items can be selected in bulk config
Abolish internal messaging. External messaging via Redis
Default benchmark can be changed according to resources
Benchmark duplicate/copy feature
Cisco Switch, cisco router discarding notification of ntp clock-period X / ntp clock period X changes
Permit middleware should not do extra token verification
Entering the time-zone setting in SIEM integration
Displaying the desired user actions on the User Role resource session recording page
Adding sync date to asset manager info page
Sending System Event details to SIEM
PAM Connections breadcrumb should be moved to the component itself, root directory should be listed
Sources without connection methods are not displayed in PAM Connections ALL section
Moving Benchmark setting recipe associete page to new page
The ‘lock’ status of user accounts should also be taken, they should be unlocked and password reset should be possible regardless of verify status in windows
Resource DNS Lookup option is enabled by default but can be removed if desired
Ssl key manager deleting old certificates and giving information about which discover method they come from
Defining the default connection account for users of resources assigned to a role in the Resource <> Type association component
Granting User Role multiple authorisations
Forti Switch (FortiOS) hardening implementation
CK Network - Looking at the Extreme Switch Problem without Backup
Fortisiem installation
Database permission control during the hardening phase. Minimum authorisation requirement
Trellix EPO - EDR system integration
Establishment of the necessary infrastructure for the creation of the LLDP topology map
Making rdp/console connection with User Provided accounts
Adding the Trellix ePO Discovery feature

Bug Fixes

Auto Discovery LDAP Credential error
Display of AD Group on User Management page and AD special character filtering
‘Import Ad Group Users’ remains ticked
Roles deleted or newly added without changing the page on the User Management page are not updated in the Add or edit user window
RDP connection closes on connection to active session with control
In RDP the sidebar should not stay on the image
Inability to use the mouse wheel fluently in drawing programmes
Proxy connections that cannot be terminated
Writing the primary account name after proxy problem
AltGr key combinations in English Windows
Polling condition under dispatcher (recipe-execution-module.run) is not satisfied if any subjob in Recipe Execution queue receives an error and does not update its status
Custom benchmarks should be migrated by default
Imported benchmarks should not be system benchmarks, system benchmarks are deleted in every migration
Making the connection method value editable in VMware resource types
Hiding the remediation button on hardening passive substances
Cannot open console session with Vault credential, credentials must be searched in correct collection
Hardening page filters are removed when action (remediation-rollback) is taken
vCenter verifies from 22 in the first addition phase, it should do it from 443

Version 3.5.0.20240114 - Released 2024-01-14

Features

Changing the duration of the approval request request and sending it to terminate
Providing permanent proxy connections by creating Session Token
Adding "Show Users" button to AD Groups page
VNC multi-monitor support
LDAP Tree View view and adding Exclude option
Keeping the source information for mail and sms while synchronising accounts and not overwriting if entered manually
PAM Connections Default Account - separation as RDP and SSH
GUI Terminal display right side update
Optional display of the Sechard 2FA QR Code at the entrance
Automatic addition of LDAP username domain suffix
TTMesaj SMS provider integration
PAM - Private key in Account section can be made primary in Associete section
SecHard-Drive" drive to be named "Drive on SecHard"
AD user names should be case insensitive
AD users at the top level cannot be retrieved with lower level filtering
Adding the number of pieces in Discover dashboard
Pulling PaloAlto Firewall Asset information
Pulling Fortinet Firewall Asset information
WMI Exporter 0.24 update and update of Windows dashboards
Linux version control and automatic editing
ESXi version control and auto-editing
Adding dependency column on Account
Adding resource information in Licence Asset report
Adding Password generate example button
Adding Centos 7 asset manager sssd service
Windows resources added with AD Discover should also be checked in Domain controller type and added accordingly.
Adding hardening scores history recipe report
Adding hardening error information to the cake
Automatic page refresh when the source changes from the top right on the Dashboard screen
Adding resource information to Grafana OK alarm
Adjusting the theme black font setting
Triggering an alarm when the Licence Expiration Date reaches the specified date
In the Import from AD discover option, it should be possible to add the same name with a different name
Discovered Resource List Not Detechted resources can be exported
Replacing the licence restriction with a unique encrypted value generated by the system instead of the MAC address
Adding URL field information for printer devices and opening the web page when we say right button connect
CTRL focus on enter
Black app list application alarm
Production of compliance reports
Saving filters in the user's browser on the Recipe Settings page
Add TAG to Hardening Zone filtering section
Hardening diff recipe report
Adding Windows licences to the license page
Job Management job export report csv
Accessories, licence, componet export - import
Executive Summary Report should be added to the report page
Organisation of PAM Role page order
Resource - Created manually at Feb 23, 2023, 11:32:10 AM. Addition of Added by
Resource cloning
Adding recipes from the Hardening page to the recipe group
Showing PAM Account, Vault account changes in system event
Adding Asset Management Dashboard resources information
Removing the repeat feature in discoveries
Nginx auth method ssh defaulted should come
vCenter auth method API port 443 should come in default + migration
ESXi auth method API port 443 should come in default + migration
Switching from otp to password during login
Adding Recipe Group export - import feature
Adding the PAM Connection Tree View display feature
Adding User Management Bulk edit
Tag options at the top and check boxed and stack them on top
User role resourcelar is not added automatically Family option and the option to include newly added resources
In network devices, asset scripts should work in the first addition phase
PAM User multiple account mapping
Adding not contain property in Resources TAG column
Moving the default connection protocol option to resource. RDP for Windows Server, VNC for Windows Client, Console for Linux Server
Rule execution recipe addition delay feature
Passive - Self-control items to be added to all sources
Adding the Resource TAG option in the Rule section
Adding Highlight, Severity features to the Security page
Remote Application Arrangements
Adding dzdo su sudo option on servers with Linux Centrfy agent
Hardening score component arrangements, changing 'error' status to message only
The score we want is not included but also not deleted from the system
Organisation of the API Postman collection
Adding Vault hiden password
Only hardening scans should work in Resource Audit scan
Vulnerability scanning on Windows
Backup diff control
IP control from FQDN connectivity checker should only work on windows server, client, dopmain controller types
Only resource ip address should be checked in Windows Basic Authentication section
Scripting WinRM container job and using it in queue
Integration of Cisco Meraki
Preparation of CIS certification documents
Addition of Egypt Financial Cyber Security Compliance report
Addition of Information Systems Compliance report of banks
Addition of Natural Gas Distribution Sector Compliance report
Addition of Electricity Distribution Sector Compliance report
Adding Turkish language support in hardening reports
Adding KvKK Compliance report
Adding SecHard Compliance welcome report
Adding EMRA Compliance report
Addition of BRSA Compliance report
Adding the FISMA Compliance report
Adding NIST SP800-210 Compliance report
Adding NIST SP 800-207, Zero Trust Architecture Compliance report
Adding the CIS V7 Compliance report
Adding the GDPR Compliance report
Adding PCI DSS Compliance report
Adding HIPAA Compliance report
Adding SOX Compliance report
Adding ISO 27002 Compliance report
Adding ISO 27001 Compliance report
Development of Juniper OS v21
Cisco Wireless Contoller 8.0 will be eliminated and backup will be taken with TFTP
Adding Juniper SRX
Juniper v18 DB Operation and Hardening Controls
Checking Huawei switch default settings
Esxi 7.0 Benchmark Update v1.1.0 ---> v1.2.0
Addition of Linux Security feature
Control of restriction of Linux SSH accesses
Adding Windows Security
Control of restriction of Windows RDP accesses
Adding Windows 7 Benchmark
Adding Windows 8 Benchmark
Adding Windows 8.1 Benchmark
Windows Server 2008 R2 & DC Benchmark Update v3.2.0 -> v3.3.0
Checking Windows client service items and fixing errors.
Adding database operations to RDP Session Time Limit items
Windows Server 2012 R2 & DC Benchmark Update v2.4.0 -> v2.6.0
Addition of Meraki portal Cisco tightening benchmark
Adding ESXi 8.0 hardening guide
Best practices for Citrix - NetScaler MPX, VPX, and SDX security
Esxi 7.0 Benchmark Update v1.1.0 ---> v1.3.0
Esxi 6.7 Benchmark Update v1.2.0 ---> v1.3.0
Ubuntu 20.04 Benchmark Update v1.1.0 ---> v2.0.1

Bug Fixes

Pam connections not working

Powershell connections remain active even when closed. Unable to terminate.

TACACS password is not updated after LDAP user password change

OpenDiscover not working

When an account with password is converted to a type without password, the password should be deleted. Migration should be written for accounts in the collection.

When an account is deleted, it should be deleted from "system account"

Linux port 80 comes with VMware discover

Fixing Grafana 502 Bad Gateway e-mail problem

Wireless controller and load balancer resource types do not appear in schedule backup schedule jobs

No Resource Website asset information No details although IIS is installed in DHCP

When the role is cloned, the approvers are not copied into the new role, but all other settings are copied.

Resources added and resources deleted system events have no information about which resource it is

Asset movements do not appear in system event

Recipe does not give conflict warning with the same name

Multiresource bulk conf run throws 2 times

Install TightVNC Server recipe vpn password not coming up

When the counsellor requests approval, if we approve, the connection to the server is made without refreshing the page

Upgrade page came up twice.

Resources select all bulk config only gets 100

Security sub-recipes should not be displayed

Sources that are not hardening recipe should not come to queue. No recipe found Vcenter error.

Schedule job remains running

DATABASE server user queue password change is not written to account

Switch-Router cannot receive Banner lines

Palo Alto firewall asking yes/no after banner hardening

Version 3.5.0 - Released 2023-09-09

Features

Addition of editable mail template for 2FA QR code
Adding the Account Info Report Network Devices report - Account Info Report OS
Adding Active Directory Groups Last Sync Info information
When AD Group users are imported with the sync feature, the imported user type change is detected and the users in the system are moved to that type.
Addition of AD and LDAP discover OU restriction
Adding Asset Group Settings Critical High Medium Low values
Changing Asset scripts names
Adding Auth Method column as hidden to the right of Account column on Resources page
Adding CIS NGINX Benchmark v2.0.1 - 06-15-2023 to the system
Adding Compliance custom recipe
Editing the compliance overview page
Creation of compliance reports
Adding the Compliance page and creating the checklist structure
Organizing the compliance structure
Compliance, SAMA Addition of Saudi Arabian Monetary Authority Compliance report
Compliance, CIS v8 Addition of Compliance report
Compliance, addition of CMMC Compliance report
Compliance, ECC: SAUDI ARABIA'S ESSENTIAL CYBERSECURITY CONTROLS Adding the Compliance report
Compliance, creating severities in NIST compliance with AI
Compliance, NIST SP 800 - 53 Addition of Compliance report
Adding CTRL+v ^v character in Console connection
Adding Custom Vault and granting user-based permission
If the discovered resources have fqdn information, they should be able to save without ip
In the discovery phase, only Kerberos is tested, for windows platforms that are not members of the domain, Kerberos should be checked after Basic control in vmware and other discovery phases. Only Kerberos should be scanned from AD
Discovery Exist warning should be checked
Deleting MS Only recipients in Domains and DC Only recipients in Servers
Checking the default value in Recipe runs with Field
Addition of Fortigate Radius integration
Setting Fortinet Firewall Default Benchmark to CIS
Grafana Alertmanager integration
Moving Grafana rolls to code
GUI default Admin user first login password change
Receiving hardening diff report
Creating a baseline by comparing Hardening Recipe Group Resource. Having remediation and rollback options in the baseline.
Removing the list limit in the "Hardening Zone" section
Hardening, exclude / hidden recipients report with reason
Hardening, security cake % status display
Historical receipt of revision report in Hardware and Software asset information
Adding _cmdline-mode on account optional options during the first login phase in HP Comware5 1920 switches
Addition of Hyper-V Discover feature
Adding LDAP Discovery feature
Linux /tmp asset script delete and permission control
Adding HTML rendering in mail notification.
Main Dashboard - Hardening Highest Scores widget update
Metrics Recive Status data from queue
Adding navigation menu headings
PAM - Adding Account Associate TAG structure
Adding Source IP field to PAM session system event logs
Adding personal vault token expiration time to system settings
Adding Ping, Connection, Account, Last Changed information
Closing pop-up notifications after timeout
Immediate activation of changes in queue management
Preventing Radius AD Group Users from failing during caching
Making the Radius package ready for redhat, centos, oracle
Recipe Execution bug fixes and improvements
Adding polling to recipe execution queue job, eliminating race condition
Displaying as recipe group title bar
Shortening the refresh token duration and setting it to 12 hours
Saving the last value before remediation in the database, providing an option in rollback
Adding information about who deleted the resource deleted mail
After the resource is added, it should verify and queue
Adding note on Resource and showing it with popup
Send files to linux servers with SFTP / SCP
SFTP role should be disable by default
SIEM log improvements
SSH Key integration
Adding SSH key integration. Adding key generation, manual key fields.
Adding SSH key integration to PAM access.
Adding the machine name as a column in the TACACS Log section
Adding tftp server ip address field field.
Adding User Management Info information and user last session ip and date information
Addition of User Management user ip restriction and the ability to write more than one ip
Pulling Resource information in User role by looking at name group permissions. Automatic control for Administrators and Remote Desktop Group
Using Vault accounts in PAM Conncetion
Fixing null pointer error during VNC connection
Vulnerability OWASP ZAP Integration
Vulnerability Tenable Nessus integration
Adding the ability to add white list feature based on resource
Adding field and range information to Windows rollback recipients
Adding field and range information to Windows rollback recipients
Adding Test Path to Windows Server 2008 R2 Rollback commands
Adding Test Path to Windows Server 2008 Rollback commands
Adding Test Path to Windows Server 2012 R2 Rollback commands
Adding Test Path to Windows Server 2012 Rollback commands
Adding Test Path to Windows Server 2016 Rollback commands
Adding Test Path to Windows Server 2019 Rollback commands
Testing all items Bulk remedition, Confirm message, Service restart in Windows
Changing the name of Windows User Report to Resource User Report
Extending Database Operations on Windows

Version 3.4.0 - Released 2023-05-15

Features

Addition of Alert SMS support.
Addition of TOTP SMS support.
Adding Radius Server otp SMS support.
Windows Server 2022 Confirm Messages.
Addition of Hp Comware 5 support.
Queue backup jobs memory leak arrangement.
Discovery Exist warning should be checked.
Send files to linux servers with SFTP / SCP.
Organizing MS Only recipients in domains.
Organizing DC Only recipes on servers.
Addition of Personal Vault feature.
Addition of Custom Shared Vault feature.
Addition of PAM bidirectional Approval mechanism feature.
Using Vault accounts in PAM Conncetion.
Adding polling to recipe execution queue job, eliminating race condition.
Immediate activation of changes in queue management.
Recipe group feature has been added.
Recipe schedule feature has been added.
PostgreSQL 15 Hardening Benchmark has been added.
PostgreSQL 14 Hardening Benchmark has been added.
PostgreSQL 13 Hardening Benchmark has been added.
PostgreSQL 12 Hardening Benchmark has been added.
Added Docker CIS Compliance Hardening.
Putting Password and Account expire on the Alarm page.
Increasing the number of acceptable jobs in Bulk config.
Updating the Create Custom Recipe field field. Number of lines and width.
Feeding resource-asset name and hostname information from a single field.
Added Hardening Critical, High, Medium, Low levels in Web Browsers.
Added Hardening Critical, High, Medium, Low levels in Microsoft SQL Databases.
Added Microsoft SQL Server 2022 Hardening Benchmark.
Added Microsoft SQL Server 2019 Hardening Benchmark.
Microsoft SQL Server 2017 Hardening Benchmark has been added.
Microsoft SQL Server 2016 Hardening Benchmark has been added.
Microsoft SQL Server 2014 Hardening Benchmark has been added.
Microsoft SQL Server 2012 Hardening Benchmark has been added.
Microsoft SQL Server 2008 R2 Hardening Benchmark has been added.
Added Web Browser Google Chrome Hardening Benchmark.
Added Web Browser Microsoft Edge Hardening Benchmark.
Web Browser Mozilla Firefox Hardening Benchmark has been added.
RemoteApplication Auto Login feature has been added.
Service Password Change AD User feature added.
New Asset reports have been added.
Asset script structure and file names have been edited.
Cisco switch and router backup structure moved to tftp.
Docker swarm yml files have been updated.
Web upload feature has been added.

Version 3.3.0 - Released 2023-01-10

Features

Added Hardening Critical, High, Medium, Low levels to Windows servers.
Hardening Critical, High, Medium, Low levels have been added to Linux servers.
Hardening Critical, High, Medium, Low levels have been added to Switch, Router, Firewall resources.
Added Hardening Critical, High, Medium, Low levels to applications.
Azure Hardening Benchmark has been added.
Aruba Wireless Controller Hardening Benchmark has been added.
Aruba OS Switch WC Hardening Benchmark has been added.
RemoteApplication feature has been added.
Service Password Change feature has been added.
New Asset Monitor prescriptions have been added and listed on the dashboard.
Asset script structure and file names have been edited.
Cisco switch and router backup structure has been moved to tftp.
Docker swarm yml files have been updated.
Persistent Volumes moved to data folder.
Web applications were moved behind Nginx Proxy.
VNC install and uninstall packages were prepared and sent through the system.
WMI install and uninstall packages were prepared and sent through the system.
Web download feature added.
Improved TOTP support for SSH, Telnet, RDP.
Snmpv3 support was added in Discover module.
Added snmpv3 support in performance monitor module.
Hardening hidden rciples were only shown in hidden filtering.
Hardening excluded rciples were shown only in exclude filtering.
Windows Server 2016 Hardening Benchmark has been updated.
Windows Server 2019 Hardening Benchmark has been updated.
Windows Server 2022 Hardening Benchmark has been updated.
Windows 10 Hardening Benchmark updated.
Windows 11 Hardening Benchmark has been updated.
Added Turkish character support on Reason page.
Port page CSV export added.
It has been ensured that the port lists that have not been used for x days are mailed daily.
User Management Gender field combo box Male / Female feature has been added.
Asset pages moved to new page.
Sytem Event moved to new page.
CSV Export module has been improved.
The tag feature has been improved on the Resource page.
Tag structure added to Account page.
Rersources Bulk Update was enabled to be done from the CSV Import page.
Double-sided continuity (Job<->Discovery-methods) has been provided in Discovery jobs.
Log format and content updates were made in QRadar and Logsign SIEM options.
Multiple condition and multiple action features have been added in Rule settings.
SSL Certificate export to csv page, list and vulnerability report have been added.
Resource User Group report has been added.

Version 3.2.0 - Released 2022-11-15

Features

accessory asset checkin (95919a0)
accessory assets (13de248)
accessory assets checkout (e25c484)
add events on asset actions web (fc559b4)
add ip page on resource assets (8cdd00b)
api routes and pub sub functions (a21b52c)
asset dashboard permissions (c034055)
asset model links (04b75fd)
asset model settings (a80c55b)
asset routes (c04f513)
asset services (60868f2)
asset settings module (0071d98)
asset status component (6ea8975)
asset status links (47968b9)
asset status routes and model (247b78f)
category asset routes (8f238e9)
category asset settings and form pages (b832d3c)
checkout component assets (e692d29)
company asset settings (8bfe31a)
company links (70b8a90)
component asset checkin (6abdf86)
component asset checkin quantity (a744c28)
component assets components (f79dce6)
component assets routes and model (989d7c0)
create 'dns' asset script (2991c1b)
create 'route' asset script (9102475)
create 'software-key' asset script (9dc74d4)
create 'software' asset script (aa44ec2)
create 'user' asset script (4c011bc)
create 'variable' asset script (e274d93)
create benchmark.score and recipe.status models (a191f57)
custom asset checkin (ee7052c)
custom asset checkout (db43d4c)
custom asset permissions (0d6f21e)
custom assets (d0cf752)
custom hardening regex key higlight (8677136)
deaprtment links (e3ccfb4)
department asset list page and form component (b596bd9)
department asset model and api routes (ef06ecf)
department asset settings refs (afc2002)
domain controller scripts (f7d62c0)
domain controller scripts and recipes (adc01f8)
download needed audit files from sechard-api/files endpoint (0cb5a43)
hardening comparison reports (cc85545)
hardening executive summary report (233f20b)
hardening reports initial commit (64e61eb)
hide resource table when hardeing charts are selected (e969270)
huawei router (ef21c81)
initial custom assets (cf90aa0)
initial manufacturer-asset-settings (5bb9a5b)
license asset checkin (08e8cdc)
license asset checkout (b8ad5cf)
license asset page and form component (ecb5b65)
license assets routes and model (233e57c)
location asset refs (c156a32)
location asset settings page and services (316d134)
location asset settings routes and model (400b805)
location links (01e231e)
manufacturer asset links (94333cf)
manufacturer asset settings (1cfc338)
netstat paging (e7a9961)
partition page on resource assets (4e1c805)
people asset count fields (a286ed4)
people assets (93a4915)
people links (7a2766e)
reports page hardening resource filters (21ee079)
resource task page (5a120b4)
turk telekom hardening reports (5057235)
win processor scripts and recipes (7d6e434)
windows 'log' scripts and recipes (21c0c1b)
windows 'monitor' recipes (e6a9968)
windows 'monitor' scripts (a8c67b4)
windows 'netstat' scripts and recipes (c1e5a5a)
windows 'pagefile' scripts and recipes (26e2fb2)
windows 'service' scripts and recipes (e6a8747)
windows 'sound' scripts and recipes (f67e54f)
windows 'user groups' recipes (4eb1dc2)
windows 'user groups' scripts (04330bb)
windows bios monitoring recipes (eef0314)
windows bios scripts (a45a08c)
windows ip scripts and recipes (443cc09)
windows partition scripts and recipes (fe785c5)
windows task scripts and recipes (ecc7c2b)
windows video scripts and recipes api (23bf4b9)
windows video scripts and recipes queue (f7f5c39)

Bug Fixes

api shared-files (1ae95cb)
asset score (1ed0bf2)
backup operator (0f48d30)
blank asset score after recipe sync execute (6c16036)
check lenght on objects that are not arrays (19d1697)
hardening top menu item should show if custom hardening exists (75c0ef4)
hardening-reports (dd62351)
lint (a26a9a7)
lint (01fd4b9)
merge conflict (e0393ec)
merge conflict (1d5f8b7)
merge conflict (9c1b688)
merge conflict (675ea06)
queue recommended value (48dfb86)
queue resource toObject bug (53aa3d0)
queue windows 10 script paths (6b95b00)
recipe migration upsert recipes (04a1276)
remediation, rollback and audit score calculating on hardening page (2131cc3)
require is not defined on reports (0671826)
resource-edit (d7ee6ff)
score-cal (05f6d21)
set mongo image version to 4.4.6 (b9a52d1)
show 'highlight audit' button on 'Switch, Router' resource types (4152ba9)
show hardening top menu item if custom hardening exists (df345e7)

Version 3.1.0 - Released 2021-8-21

Features

add target-handler.js (adad297)

Bug Fixes

Grafana datasource (39a7735)
queue separate process (84a0910)
recipeQueueCron settings (3cc563d)
recipeQueueCron settings (9a793ef)
winrm result parse (e83fc70)

Version 2.1.0 - Released 2020-12-5

Features

add active directory groups dropdown to user management page (5d2d7b3)
add benchmark tag field to hardening recipes (95a4367)
add CBDDO benchmark option to device hardening page (bebfe99)
add CBDDO benchmark option to export device hardening pdf page (945f844)
add CBDDO benchmark option to reports page (dd40f31)
add cbddo tag to windows hardening recipes (19f9c7f)
add default time-out field to system model (2dbe321)
add idle time-out setting to user settings page (63aa3a9)
add new created devices to prometheus targets.json (14f5309)
add ocr enable setting to system settings page (050f7ae)
add ocr setting to user module (1709186)
add ocr update endpoint (56f0d7b)
add patch and get routes for idle-timeout (be23c45)
add remote desktop permission field to user model (1b1a321)
add remote desktop to top menu items (29509fc)
add sechard_agent_ip field to system models (e4814c8)
add tag field to recipe model (f8cd12b)
add targets.json to prometheus.yml (5e02dca)
add windows and linux grafana dashboards (380e07a)
allow get requests to idle-timeout endpoint (0488974)
check if OCR is enabled before starting the OCR process (6ba702c)
get sechard_agent_ip from db or redis and set it as environment variable on queue worker (351eefc)
select tag field of the device recipe (3e3770e)
set sechard_agent_ip field on db (512d239)
show different icon when ocr is disabled and ocr is in progress (a6507e0)
show rdp or console buttons on devices list only if user has required permissions (f2e3902)
show remote desktop top menu item only if user has required permissions (5dfd4b0)
time-out idle users after a while (401485e)
ui enhancement on session records page (d17904e)
use cgroups to limit cpu usage to 25% (343291b)
winrm kerberos auth (4ccd43f)

Bug Fixes

'Windows' devices bugs in queue (2ff09f6)
add else statement if writeFile fails (a26291b)
blank ad auths (0c25b3c)
catch EHOSTUNREACH error if ad is unreachable (b92a250)
cbddo client side filtering on export hardening page (99bcaea)
cbddo client-side filtering (4762f47)
cbddo client-side filtering on reports page (71e3146)
dashboard uids (5f83cfc)
delete unnecessary files from remote destkop (50cf5cb)
edit ad auth settings even if new password is not provided (50e1ac5)
group recipes by level on detailed and summary hardening report page (6a3a056)
handle remote desktop alarms and mails on api (7a85c53)
hide management and monitoring top menu items on firewall devices (00820b9)
if ocr is not enabled remove encoded files after conversion to .mp4 (7b842ec)
lint (437bf1a)
list devices and sort server-side on report page (eff9e4d)
local users missing password field (18907ff)
ng lint (d2c723f)
pingDevices handler.bind is not a function (d916328)
recipe queue concurrency option (b9bf804)
redirect to user types page when edit user types button is clicked on user management page (71bc07d)
remote desktop container logs (e4f9f93)
remove unnecessary model files (3caf95e)
select only timeoutseconds field from system (a70d482)
show remote desktop menu item on Windows devices (52c9fa9)
undefined recipeQueueCron (a1fc554)
update session time-out seconds from user settings (3c45ada)
update windows scripts (8d06be4)
when time-out ends log user out from any other open tabs (1e85915)
winrm connection & custom recipe (b42dfc4)
winrm device host (ed247e8)
winrm hostname (33e171b)

Version 3.0.0 - Released 2020-6-3 Priorities

Features

add status field to user model (02071d2)
add status route to update status on login (fd5d153)
add user login hours restriction option when creating and editing users (604ef4d)
add user online status and logged in duration on user management page (36347e2)
dashboard module (6945047)
front-end of uploading files to server (b521980)
upload files server-side (d57af4f)
user login hours restriction server-side (3d87e91)
add different conversion depending on color scheme setting (948ed0c)
add necessary fields and routes for color scheme setting (7d3dd9b)
add session record color scheme sytem setting (648a49d)
docker dashboards (153c288)
remote desktop session records OCR (e5186b8)
search session records by keyword using OCR (efe4893)
session record page encoding and ocr search progress (38e5bc0)

Bug Fixes

add control to check if login restriction is enabled before adding or editing a user (08a01ce)
dash scores (e63c3e7)
dash scores & queue bugs (17f2d0d)
Dashboard Exceeds maximum line length of 140 (52fc74f)
isOnline and isEnabled should be checked first on user management page (38df668)
users without status field should be listed as offline (394a95e)
do not complete job if 'command timeout' happens & undefined oldRunningConfig (9434f92)
downgrade ssh2shell package version & create job per device in update-devices queue (ab676b6)
enable rdp font smoothing (8ff7b00)
merge conflict (601c860)
recipe-queue update cron settings function (21c1c33)
security score top menu item not visible (cfe31de)
top menu items not showing on generic devices (2ef9b93)

SecHard Technical Portal

RELEASE NOTES

Version 3.6.3

Features

Bug Fixes

Version 3.6.2.20250325 - Released 2025-03-25

Features

Bug Fixes

Version 3.6.1.20240729 - Released 2024-07-29

Features

Bug Fixes

Version 3.5.0.20240114 - Released 2024-01-14

Features

Bug Fixes

Version 3.5.0 - Released 2023-09-09

Features

Version 3.4.0 - Released 2023-05-15

Features

Version 3.3.0 - Released 2023-01-10

Features

Version 3.2.0 - Released 2022-11-15

Features

Bug Fixes

Version 3.1.0 - Released 2021-8-21

Features

Bug Fixes

Version 2.1.0 - Released 2020-12-5

Features

Bug Fixes

Version 3.0.0 - Released 2020-6-3 Priorities

Features

Bug Fixes

Related content