Release Notes
This page provides information about the changes, updates, enhancements, fixes, and new features introduced when a new deployment is released.
deploy to cloud-hosted instances on 9-13-23
- Added ability to create and customize style guides for exported reports to Word (.doc) using a Jinja template
- Improved report experience when selecting sections from NarrativesDB or writeups from WriteupsDB by truncating long sections of text, tables, code blocks, and hiding images
- Added additional fields Clients module home page table (Client POC Email and Description)
- Added ability to configure and customize the table column experience for associated findings of an asset within the Clients module
- Improved modal experience when importing a finding (no longer defaults to Nessus in the pulldown menu)
- Improved usability on the Readout tab of a report by highlighting the box of the finding being viewed on the Report readout column
- Users with write access to reports can delete comments created by other users
- Updated BURP parser field mapping documentation
- Fixed the issue of a CVSSv3.1 risk score not showing on the findings detail page
- Fixed the issue that occurred when creating a custom role in the Admin Dashboard and disabling the “Ability to View the Administration Panel”
deploy to cloud-hosted instances on 8-21-23
- Ability to bulk associate findings to ServiceNow (if integration is configured)
- Ability to unlink a finding from ServiceNow (new option under "Actions" column (if integration is configured)
- Updated references of “Tenable.io” to “Tenable Vulnerability Management”
- For BURP HTML file imports, enhanced the usability of finding and viewing data by moving the HTTP request and response fields out of the findings details page (continues to be listed as evidence in the affected asset)
- Better error messages to users and handling of data when importing large BURP files; now a notification is sent about the finding that did not get imported, and all other findings are loaded without impacting the entire file and instance stability
- For users importing files with evidence-heavy data, significantly decreased loading time, an increase in the number of findings and assets that can be imported before performance is impacted, and improvements in any error messaging to provide helpful details to resolve any issues
- Added count totals of rows in the table headers for Assessments and Runbooks modules
- Added a red asterisk to the Client Name field to denote it is required
- Arranged theme color options in Admin Dashboard>Theme so they are now displayed by severity impact instead of alphabetically
- Added bulk actions button and options in the Assets tab for a report
- Updated legacy color palette values in tooltips, icons, etc., throughout the platform for consistent user experience
- Breaking change implemented for APIs using roleID variable in endpoints; legacy support will continue through 1.59
- Fixed issue with erratic scrolling of page for comments left when tracking changes
- Fixed issue with ServiceNow integration: now work notes, comments, and status
- Fixed issue with CSV exporter that occurred in MS Word reports containing imported findings from API integrations
- Added error handling to resolve asset names with over 10k characters that would previously cause a system error; names are now truncated to ensure the files load properly
- Fixed the issue of the default parser action not filtering correctly
- Fixed the issue of table sort order not being preserved when a questionnaire is deleted in the Assessments module
- Fixed issue in parser actions in which placeholder field titles were in pulldown menus
- Fixed issue in which the deduplication process for asset names was overwriting child asset names; child assets can now have the same name for different parents
- Fixed issue with Help Center link in the profile pulldown menu being a different color than other items in the list; also added an icon next to the link informing users that clicking Help Center will open a new tab/window and take the user outside of the platform
- Fixed the issue of a blank page appearing when clicking the Edit/Comment button on the Readout tab of a report if no narrative has been added; now, no button appears on that tab until the content has been created
- Fixed issue with bulk selecting all assets in the Clients module in which some manually deselected assets were still being deleted
deploy to cloud-hosted instances on 7-18-23
- Performance enhancements when importing findings from an integration for import into a report
- Changed the term “scan output” to “evidence” throughout the platform for consistency
- Improved experience when creating a writeup to better align with the process of creating a new finding
- Better messaging to admins when deleting users to provide more detail, so if the action failed, admin can take action to remedy (i.e., the user is assigned a task)
- Performance improvements when importing large amounts of affected assets with a finding via an integration
- Improved messaging within the modal that appears when adding a writeup to a report with a findings layout assigned
- Added count totals of rows in the table header for the Assessments module tab
- Added count totals of rows in the table header for Admin Dashboard>Security>Authorization page
- Fixed issue with Jira server (not cloud) integration not working as expected
- Fixed issue with exporter failing for Parser and API integrations
- Fixed issue in Edgescan integration that occurred when closed vulnerabilities for the past three years was selected in the pulldown menu during setup (the configuration would reset to default state)
deploy to cloud-hosted instances on 6-21-23
- New design improving usability for admins when adding authorized users to a client
- Added a total count of clients, reports, findings, and assets in the Clients module that is displayed as each tab is clicked
- Overhaul of CSV export for reports that fixed known limitations and issues that occurred when exporting large data sets into cells
Bug Fixes
- Fixed an issue in which a finding severity was not being adjusted from manual changes in the CVSSv3.1 calculator
- Fixed an issue in which a writeup form would occasionally disappear after loading when trying to edit
- Fixed an issue in which an analyst user was incorrectly able to add or remove reviewers from an assessment
deploy to cloud-hosted instances on 6-7-23
- Enhanced Snyk integration with a new product (Snyk Code) plus documented field mappings and deduplication logic for all Snyk products
- Changed bulk actions menu so actions are only visible to users with the correct permissions
- Added better messaging and UX experience when integration synchronizations are taking longer than expected
- Optimized affect asset retrieval for findings that had hundreds of affected assets
Bug Fixes
- Fixed an issue in which available repositories were not appearing after typing into the box within WriteupsDB when trying to move or copy writeups
- Fixed an issue in which assets imported from a Nmap.xml file were displaying a random “last seen” date in the Notes/Description tab for the affected asset
deploy to cloud-hosted instances on 5-30-23
- Improved user experience and transparency with behavior regarding parser actions seen in Admin Dashboard>Parser Actions
- Adding messaging to inform user when an import takes longer than 100 seconds explaining operation is taking longer than expected and to try importing later
- Changed label of “Runbooks V2” to “Runbooks” (Runbooks V2 replaced legacy Runbooks module in 1.53)
- Added messaging to inform user that a finding or assessment has been deleted if accessing from a notification link
- New graph in the Analytics module in the Trends & SLAs tab to display the percentage of findings exceeding SLA
Bug Fixes
- Fixed issue with saving when creating a new writeup and user not being directed to WriteupsDB homepage when finished
- Fixed an issue in which tags for a previously-created SLA were auto-populating on new SLAs
- Fixed issue in which users not assigned to any clients were able to view reports
- Removed the 2000 character limit for the rich-text field in the Custom Fields tab of a finding
- Fixed an issue with the Tenable integration
deployed to cloud-hosted instances on 5-8-23
- Added a documentation link to First CVSS at the bottom of CVSS calculator when creating a finding
- Enhanced the user experience within the graph for the Trends & SLAs tab in the Analytics module
- Added better visibility that an asset name is required through improved error messages and asterisk to denote it is a required field
- Changes made to a finding status within the most critical findings box inside the Findings tab of the Analytics module are reflected immediately
- Ability to view child assets (when applicable) from the parent affected asset
- Added visible error messaging when editing the Evidence tab of an affected asset that changes were not saved when attempting to exit
- The parent asset value within the table of the Assets tab of a report now links to the parent asset details page
- Removed legacy Runbooks module from main menu
- Fixed issue in which validation for duplicate assets was not catching an asset just created
- Fixed issue during creation of a new asset that occurred with a field screen not disappearing after selecting a provided value
- Fixed bug in which the number of findings listed in the Readout tab of a report was not accurately reflecting the number of findings in the report
- Fixed issue of importing findings from an integration that findings created on the end date chosen in the filter was not appearing
- Added logic so that after using filters in reports, leaving page, and then returning, the filter select boxes would contain previously selected values rather than be blank
- Fixed issue in which findings with closed status were triggering SLA emails
deployed to cloud-hosted instances on 4-21-23
- Added a field for URL available when setting up or editing an Edgescan integration
- Improved refresh of data used to build graphs when loading Analytics module pages
- Fixed issue with Edgescan findings import in which only one filter could be used
- Fixing a bug that allowed duplicate asset names for a client
- Moved tooltip about findings and assets on Dashboard module to the Finding metrics tab
- Fixed issue that a report was displaying the default template instead of the properly assigned template
- Fixed issue of empty asset when importing same assets to different reports within a client
- Fixed issue of finding updates email notifications not sent correctly when using the status tracker/bulk update modal
deployed to cloud-hosted instances on 4-6-23
- Enhanced user experience when adding findings from an integration to a report
- Added ability to retain customized columns (where applicable)
- Added refresh of page after using ‘search and replace’ functionality in reports to better indicate changes were implemented
- Added ability to bulk paste email addresses when adding assets to a client
- Improved platform performance when creating clients
- Fixed data refresh issue that occurred after a bulk delete in WriteupsDB
- Fixed issue in which the short codes section of Admin Dashboard was not appearing for some non-admin roles after given access via Administration Permissions in RBAC
- Fixed error message that resulted after adding evidence for an affected asset and then deleting evidence before saving
- Fixed bug that occurred with risk score when exporting to CVS and some finding fields were null
- Fixed an issue in which the date to and date values from search filter were not filtering correctly for the Most Critical Findings box across all tenant clients
deployed to cloud-hosted instances on 3-27-23
- Fixed issue that occurs when an authorized analyst attempts to update the status of the finding in a published report and receives an unauthorized error message
- Icon changed in the Parent Asset box of the Create Affected Asset modal to accurately reflect that this field is a search box and not a pre-populated pulldown menu
- Fixed issue of the modal not disappearing when clicking the ellipses of an asset under the “Action” column of the Assets tab in the Clients module
- Fixed issue of a blank page appearing when an admin attempts to edit a template (Account Admin>Templates) of the Admin Dashboard
- Fixed issue of a linked template not being used when exporting a report as assigned by admin in the Export templates tab (Account Admin>Templates) of the Admin Dashboard
- Fixed issue with Tenable integration that could cause integration to fail
- Fixed issue in which a parent asset was not successfully removed when deleted as parent from the child asset on the Edit Asset page
deployed to cloud-hosted instances on 3-8-23
- Usability enhancements in Admin Dashboard>Templates with the addition of tool tips, easier to read tables, and updated modal designs
- Platform-wide enhancements to messaging in modals for better consistency and experience
- Fixed issue in which Analytics pages might crash when refreshing the page or redirecting after logging out
- Fixed issue that occurs if import source is changed in the middle of the process of adding a finding via an integration
- Fixed issue of an existing asset’s ports, services, and protocols being added by default when the asset is added as an affected asset to a new finding
deployed to cloud-hosted instances on 2-24-23
- Ability to sort (via table column), filter, and search by a parent asset in the Affected Assets tab of a finding
- Ability to view and navigate to the parent asset from the asset detail modal of an affected asset, and from the findings detail modal under Affected Assets
- New button and user options for adding a new asset to a client (now have option for a bulk paste)
- Added a notification banner for admins and users belonging to the default group if an error occurs that prevents a page from being saved (a link to PlexTrac support is provided in the banner)
- Platform-wide updates to presentation of messages and button labels for improved consistency and usability
- Enhanced authoring and viewing of narrative content sections by continuously displaying editor toolbar (previously toolbar would disappear if additional required scrolling down)
- Enhanced integration experience when importing from Findings tab
- Fixed issue when deleting a repository in WriteupsDB in which user had to click the same button twice to complete task
- Fixed bug of asset description not being saved on creation
- Fixed 400 error that occurred when adding a note to a child asset
- Fixed issue in which some users were experiencing issues with logo updates
- Fixed spelling errors on Edgescan field mappings page
- Fixed bug in which an analyst could see draft findings on a report's Assets tab
deployed to cloud-hosted instances on 2-10-23
- Enhanced modal usability for WriteupsDB
- Unified the asset import experience within Affected Assets and Client Assets, including file type verification, better styling, and improved notifications
- Added a “Parent Asset” column to the report asset list table
- Bulk paste for affected assets now dynamically parses out asset name, parent asset name, and port to its relative columns in the table (before all information would be retained in asset name)
- Added a “View” link in the Affected Assets list of the Finding Detail modal to allow users quick access to the details of an asset without having to redirect to the client asset page
- Updated daily Jira synchronization (if a Jira integration is set by admin to update daily) to 4:45 UTC (9:45 PM Mountain Time)
- Removed “PlexTrac” as a file type to import for admins in pulldown menu when setting up parser actions to avoid confusion, as a .ptrac file is not tied to imported actions (still supported elsewhere in platform)
- Fixed bug that could cause the overall CVSS score to not reflect what was calculated using First CVSS calculator
deployed to cloud-hosted instances on 1-26-23
- Fixed issue of assets in a report not loading correctly on the Assets tab
- Usability improvements with labeling in Dashboard
- Autosave performance improvements in NarrativesDB module
- Fixed issue in which a new assessment might not display a 0% completion value as was incorrectly reflecting a previously edited assessment completion percentage
- Fixed issue in which large Nessus files were not loading
- Fixed issue in which CVE values were not loading correctly in some imports
deployed to cloud-hosted instances on 1-17-23
- Added version and fix version fields for Jira integration mapping
- Ability to filter by report name when adding findings from Cobalt
- Jira synchronization optimizations
- Added a check to see if an asset already exists within a client, and if so, use that asset ID to reduce duplication
- Created new endpoint to get findings older than 30 days that are not closed and in a published report
- Added filter ability to filter by tags during import of Edgescan findings
- Help Center link updated to direct users to new Zendesk solution
- Fixed Jira syncing issue in which the created date from Jira was displaying incorrectly on the findings table
- Fixed issues with Edgescan integration field mappings
- Fixed issue when new users to tenants in which MFA is required and enabled were not required to set up MFA until second login
- Fixed issue that was preventing admin user from changing password from profile screen (existing instances not affected)
- Fixed issue in which instance could crash when importing a scan file and parser actions are disabled
- Fixed issue in which Jira status change for a finding linked to a Jira ticket was not reflected in displayed status of finding table
deployed to cloud-hosted instances on 12-17-22
- Additional Jira integration field (data type) added for mapping options
- Enhanced Jira integration error messaging
- Fixed issue in which all CKEditor sections on a page were being saved at same time instead of just the section being edited
- Fixed issue preventing custom field on findings from being updated
- Fixed issue when editing a writeup that caused a 404 error and prevented writeup from being updated
- Fixed issue in which whitespace affected the parsing of parent/child assets when using bulk paste functionality to add affected assets to a finding
- Fixed issue in which a page could crash in some scenarios after clicking the finding status button on the Findings tab of a report and then clicking “Add Update”
- Fixed intermittent issue of image disappearing once loaded within a CKEditor field
- Fixed latency when page is loading findings for a report
- Fixed issue of finding titles not updating when edited on Findings tab of a report
- Fixed issue for tenants that had Classification Tiers enabled; users with appropriate permissions could not modify the classification after report was created
- Fixed multiple mapping issues with Edgescan integration (specifically description, recommendation, and severity mappings)
- Fixed issue of title search not working for findings in Client module
- Fixed issue in which a .ptrac import fails because an asset has a reference to a parent asset ID not in PlexTrac
deployed to cloud-hosted instances on 11-30-22
- Added a loading indicator to provide status for users using standard (non-MFA) login
- Ability to sort users by the last time log in occurred in the Admin Dashboard via “Last Login” column
- Added a modal to provide users more useful and relevant messaging when an export fails
- Fixed issue of tags being created after a search query
- Fixed issue in which an edited finding title may continue to display in browser cache
- Fixed issue with parent asset value not displaying in “Parent Asset” field when editing the child affected asset
- Fixed issue in which the “Change End Date” button was appearing when finding status was open or in progress instead of only appearing when status is closed
deployed to cloud-hosted instances on 11-17-22
- Ability to bulk paste assets associated with a finding
- New Assigned To column displayed on the Asset Findings table for report assets
- New modal and ability to select templates when creating a new findings layout in Admin Dashboard
- Ability to add and sort by finding sub status on the Findings tab for a report
- Added messaging to confirm successful deletion of an engagement and test plan
- Updated Cobalt integration description messaging
- Added validation and error message when importing findings to ensure selected file type and source match if either is changed by user
- Improved browser caching to reduce data transfer for viewing assets
- Fixed API issue with frontend acceptance of new password with MFA enabled
- Improved handling of Boolean fields
- Fixed an issue when exporting a report in Word (.docx)
deployed to cloud-hosted instances on 11-4-22
- New API endpoint for retrieving all assets on a tenant (api/v2/tenant/assets)
- Ability to move multiple sections from one NarrativesDB repository to another in a single action
- Ability to filter reports by status on Reports module home page
- Ability to do bulk edits to associated findings under an asset
- Caching improvements after finding, report and client deletions
- Completed assessments and closed findings removed from items count on Dashboard module
- Ability to filter for findings that have no tags within the existing “Select Findings Tags” filter box that appears on the Findings tab of a report
- Loading improvements for the Dashboard module
- CSS improvements for text alignment on long custom answers and questions for assessments
- Fixed issue with status field when importing a Nessus file
- Fixed issue with ServiceNow OAuth credentials not being passed correctly when checking connection status during admin setup
- Fixed issue in which SLAs enabled in Admin Dashboard were missing from the findings when a questionnaire was submitted from the Assessments module and a reported created
- Fixed issue of notifications sometimes not behaving as expected in UI (bell should stay red until notification is marked as read)
- Fixed issue of artifacts sometimes not uploading to answers when starting an assessment
- Dynamic sizing/horizontal scrolling for recently viewed report cards on the dashboard page
- Ability to select all available sections via a checkbox at top of page when adding narratives to a report
- Ability to select all available findings writeups via a checkbox at top of page when adding writeups from WriteupsDB to a report
- Increased field validation for illegal characters entered in CVE ID field for a finding
- Default short codes now listed in the Admin Dashboard under “Tenant Settings/Short Codes” for visibility with a link to the online product documentation
- Added loading spinners to signify page is loading on dashboard to give users notice
- Fixed bug in which multiple comments/changes in the same location could not be selected or viewed
- Actionable dashboard that lists all user assignments and recently viewed reports in additional to findings data and information
- Added confirmation modals and additional information for admins when managing users and enabling/disabling default group in the Admin Dashboard
- Improved the usability of dialog box and added search capabilities when importing a PlexTrac Report (.ptrac)
- Tooltip added to the tags inside repository cards for RunbooksDB module
- Fixed incompatibility issues with dark mode theme on pages
- Fixed issue that caused all table rows to load when clicking sync button for an integration
- Improved method that CWE IDs display for values parsed from Invicti/Nodeware
- Integration with Cobalt platform
- Added notes to the asset GET method
- Additional confirmation modals added to notify user of potential data loss when editing/updating content
- Updated default theme colors
- Updated logic for sorting of engagements within the Runbooks module
- Ability to bulk delete affected assets for a finding in a report
- Fixed formatting table issues and image support in exports to Word
- Fixed error that may occur when copying a finding from a scan to WriteupsDB
- WriteupsDB autosave bug fixes
- Fixed finding sort issues that occurred when specific optional fields were selected
- Changed default background color for dark mode from white to black/gray
- Fixed issue with “Sync Now” button not showing for Tenable integration in Admin Dashboard
- Added auto-save capabilities when creating and updating in WriteupsDB module
- Added ability to see the allowed file types when uploading parser files
- Ability to copy Content Library repositories from the card for both NarrativesDB and WriteupsDB modules
- Updated Veracode export to use the new risk_score and common_identifer fields
- Implement In Progress status for engagements
- Caching improvements in Analytics module
- Fixed issue of some selected filters not being deleted for findings in Analytics module
- Fixed issue of some users with proper permissions unable to view Customizations section of Admin Dashboard
- Fixed error that may occur when trying to update a new writeup immediately after creation
- Fixed issue with Nessus scans with empty CVSS scores failing to import
- Fixed issue with related findings not showing when importing findings into a report from a Nessus file
- Misc. dark mode fixes
- New integrated experience for admins to manage third-party integrations; all integrations with PlexTrac are now managed under the “Integrations” button in Admin Dashboard under "Tools & Integrations"
- CKEditor update providing new functionality throughout the platform when entering content, such as indentation of lists, modification of color within code blocks, background text color options, etc.
- When creating a new report, dropdown menu values are alphabetical and dynamically filtered by value typed in box by user
- Added front-end validation to CVSS scoring to ensure user cannot submit a score that will fail backend validation
- Added ability to add a Success Criteria step under “Execution Steps” when editing a procedure in the Runbooks module
- Added CVE/CWE ID Relational Filtering to Finding and Trends/SLAs analytics pages
- Ability to search the file type when importing a report
- Added CVSS 3.1 to the Report Findings and Client Findings table
- Narrative sections now reflect changes made from short code search/replace tasks
- Removed tenant point of contact and address fields (populated from another source)
- Misc. UX improvements in modals and dropdown menus
- Dark Mode display enhancements
- Fixed issue of CVE and CWE IDs not displaying in correct format in client findings list
- General CSS enhancements to modals
- Improvements with the storage of values when dynamic scoring for findings (CVSS, CVSS2, etc.) is used
- UX improvements when editing email templates in Admin Dashboard
- Platform-wide consistency on autosave functionality for performance and usability
- Platform-wide consistency on labels and text for usability
- Improved caching and performance
- Fixed issue of scores for some findings being out of sync when imported
- Fixed issue of CVSS score not appearing when editing a finding imported from WriteupsDB
- Fixed issue of some associated assets not showing in the Analytics module Assets tab graphic and table
- New user experience for setting up and configuring two-factor authentication (Profile/Personal Settings)
- Updated all modals to confirm before closing work that any discard of changes by user is intentional
- Ability to select all findings for mass edit and import during an integration upload
- Ability to customize table columns and order on Findings tab in Reports module
- Ability to customize table columns and order on Writeups tab in WriteupsDB module
- Added CVE and CWE IDs to findings detail; tool will check to see if ID is valid based on CVE standards and link to documentation if valid
- Added a CVSS 3.1 calculator to allow users to obtain scores within PlexTrac
- Ability to select all findings for mass edit in the Report module
- Added user notifications for tasks related to changing a score or using new calculator
- Ability to view a finding score in the findings detail modal (between the description and recommendation)
- General usability and design improvements
- Fixed issue of not being able to add IPv6 address when creating a new asset
- Fixed bugs when importing a file from Tenable
- Improved response time when adding large amount of writeups to WriteupsDB module
- Fixed issue of some filters not populating values for asset analytics
- Fixed a bug where client ids were showing instead of names for preset filters
- Updated user experience for importing and configuring parser actions with new descriptions, progress status, and links to documentation
- Added column in Writeups tab of WriteupsDB module to track item’s parent repository
- Ability to copy a writeup from one repository to another (click “Copy to” under Actions column of the writeup in WriteupsDB)
- Fixed issue of HTML syntax appearing in exported reports with a finding or narrative
- Fixed formatting issue of bullet lists in RTF table cell
- Fixed error message that appeared when uploading a Jinja template file to create an export template
- Resolved issue when importing a Nessus file
- New modal design for importing parser files that includes a progression bar
- Fixed issue of a .csv asset not populating fields properly when being imported
- Fixed issue of default WriteupsDB Default Repository not populating correctly with new installation
- Fixed “Client Users Error” 400 incorrectly appearing in some instances when navigating to Client module
- Fixed bug in the applications image upload functionality that prevented users from uploading images within the runbooks edit procedure workflow
- Fixed mapping issues when importing Veracode xml files
- Fixed report logs error when importing a findings file
- Fixed issue with save not working and incorrect permissions generated after creating a new custom role based on the Analyst role template
- Fixed issue with a blank screen on Narratives tab after creating a new report using a report template that had a narratives section
- Fixed issue of search not working in the “Link Writeup” pulldown menu in Admin Dashboard>Tools & Integrations>Parser Actions
- Analytics module pages more printer-friendly
- Performance improvements on Dashboard page load
- Ability to search and filter a list of sections by tags on the Sections tab within NarrativesDB
- Table presentation and caching improvements in Analytics>Trends & SLAs
- SLA information presented on the finding table and finding detail sidebar
- Updates to Inviciti parser integration mappings and support
- Latency improvements when entering data in reports
- Ability to configure date format in Personal Settings to one of the following options: YYYY-MM-DD, DD-MM-YYYY, or MM-DD-YYYY
- Customizable columns for the client findings page
- Improvements for admins to change settings for existing repositories within NarrativesDB and be seen immediately by users with access
- Unicode copy/paste support for umlauts
- Fixed 400 error when adding findings to WriteupsDB via csv upload or from a report
- Fixed Date format of Start Time for Runbook Engagements
- Fixed user access issue in WriteupsDB repository
- Fixed issue of Assessment module not appearing in menu for some customers
- Improved copy/paste formatting from external source to a report
- Contains existing WriteupsDB and new NarrativesDB features
- NarrativesDB allows for the organization, categorization, and management of content to be shared by multiple users and groups for producing reports
- Search enhancements in Content Library
- Search results for repositories and writeups refined based on text entered in search box
- Capability to sort by title field in Content Library repositories
- User management updates across Content Library and Runbooks
- Access to content repositories is governed globally for each repository type by RBAC
- The ACCESS permission enables users to see and use content within content repositories
- The MANAGE permission enables users to manage settings and users of content repositories (who is allowed to view/edit a repo)
- Ability for users with proper RBAC permissions to delete repositories
- Ability to identify the source of a Finding via the Finding Detail modal view (includes manual imports and data from integrations)
- Support of audit tracking when users are added/removed from PlexTrac
- Fixed issue in which some Unicode values were not appearing correctly from source when copy/paste was used
- Communicating age of data within analytics
- Added manual refresh of data for analytics page
- Added ability to create reviewers by state on reports
- Added functionality to sort filters alphabetically
- Changed account lockout behavior to be default, vs opt-in
- Various fixes for log syntax
- Enable account lockouts
- Allow setting createdAt during finding creation
- As a report creator, I can set a report state & assign reviewers
- Writeups Do Not Require a Recommendation
- Reorganized Admin Panel
- Added CKEditor field to findings field template
- Ampersands in Report Custom Fields missing in Word export
- Fixed OWASP Zap Parser Descriptions and Recommendations Fields
- Fixed Jinja Export Error missing type_of_piece
- Fixed import Nipper XML
- Fixed Hyperlink CKEditor formatting export error
- Fixed front end user issue where the user appeared to be part of the default group, but was not. This disallowed ability to give authorize user for client access
- Fixed intermittent Tenant Integration licensing error toast
- CKEditor Code blocks - new lines are now getting created in Word export
- SNOW - resolved issue with hardcoded URL suffix
- Ability to add ports and services to affected assets
- Added notes section to affected assets
- Added evidence section to affected assets
- URL/URI parsing for affected assets Update default table styling for exported Word documents
- Allow use of field templates when creating Writeups in WriteupsDB
- Option to auto-save work when editing narratives
- Ability to set a report state and assign reviewers in report details
- RBAC - separated out commenting and status changes permissions
- Added ability to custom sort findings
- Fixed ability to create Writeup from scratch
- Fixed issue where some SNOW suffix URL’s could not be specified
- Fixed caching issues when editing questionnaires
plextrac/plextracnginx:1.17.3 DIGEST: plextrac/plextracnginx@sha256:49bcd0e6d2793fa4aa06051f91c2cfaac2e60bb288e0213f1ab3c42b54ad8c62
plextrac/plextracapi:1.17.2 DIGEST: plextrac/plextracapi@sha256:00f147ca7b015497da6d78fc90ead9e0f39f4dcc290f6b02e1787e8b59fe97b3
- Released tenable.io, tenable.sc integration
- Enhancements to Affected Assets
- Added ability to edit Affected Assets
- Implemented new design for adding an Affected Asset
- New evidence section URL/URI parsing Notes section
- Added new RBAC permission splitting out comment vs status change in findings
- Added auto-save custom fields, exhibits, code samples when editing a finding
- Added ability to custom sort findings
- Fixed styled text & nested HTML in image captions
- Fixed Auto Numbered captions in CKEditor
- Fixed scenario where missing data in a finding would result in a SDK error
- Fixed MITRE and SCYTHE name consistency in Runbooks
- Fixed contrast for code block text in Dark Mode
- Fixed informational finding parsing in Checkmarx parser
- Fixed issue where custom field search would fail on periods
plextrac/plextracnginx:1.16.10 DIGEST:sha256:c308d650fdd6ff7e7cec56