This document provides summaries of the most recent release notes for Zercurity.
- Added an overhauled compliance user interface. Zercurity now provides better visibility of failing compliance rules.
- Added the ability for users to now create their own compliance frameworks and rules.
- Added an additional cookie to track the last company you were working on in the event of a full page navigation.
- Fixed an issue when checking for Windows disk encryption
- Fixed an issue when trying to filter issues for backlogged items
- Fixed an issue where some interfaces were missing if they had no netmask or an invalid one
- Fixed an issue where, if a logged-in user was deleted, they would start getting errors from the UI. They are now gracefully logged out instead.
- Global events will now only show the last 7 days in the UI by default
- ALPHA - New Workflows UI components added for better visualisation of state between actors.
- The compliance API has been completely reworked. The existing API resources still exist but now return additional information. There are now new APIs to create new compliance namespaces and to create and edit rules.
- Added the ability to force an update of every asset component: disk info, device info, updates, etc.
- Added a new vulnerability view under each asset
- Fixed Font Awesome icon packs sometimes not showing
- Fixed issues regarding Windows updates being marked as missing when they were in fact installed
- Fixed an issue where issue components kept removing themselves
- Fixed a bug for UI CVE names
- Fixed an issue when sorting issues
- Updated asset network storage: history is now stored instead of a snapshot, to aid network discovery
- Updated the colour of tags to be the same across the application when denoting Critical, High, Medium or Low tasks
- ALPHA - JIRA integration added
- ALPHA - Workflows made available for testing
- Zercurity reports have now been bumped to version 2. Changes have been made to the issues object to better summarise issue activity
- Added issues. Zercurity will now create issues for risks that need to be addressed. Issues can be marked as acknowledged to suppress them. Zercurity will use these issues to trigger future workflows to automate tasks.
- Added the ability to create assets manually as a discovered asset. You can import asset inventories from external sources to marry up what assets Zercurity has discovered versus those enrolled. Assets can also now be tagged with barcodes.
- Added Windows patch management. Zercurity can now automatically work out which patches have not been applied to a system, as well as the vulnerabilities the unpatched system is exposed to.
- Added Osquery progress tracking. The UI will now show the number of assets a given query has been run against.
- Updated assets view to show compliance, update and vulnerability issues.
- Zercurity will now check the last time we received events for Osquery and Google Santa. Should we not receive telemetry for a month or more, an issue will be raised.
- Improved MAC address handling: all MAC addresses are now presented in lowercase. Zercurity will now accept a range of MAC address formats via the API, e.g. aa:bb:cc, aabbcc, aa-bb-cc.
- Fixed an issue when running queries against teams, resulting in an error.
- Fixed an issue for drop-downs with more than 50 items. Zercurity will now collapse menu items down into searchable lists.
- Fixed some UI bugs that in certain cases caused the browser to go blank.
- Added the ability to add assets to asset discovery
- Added the ability to assign serial numbers in asset discovery
- Added the ability to assign owners in asset discovery
- Added the ability to change the type of an asset in asset discovery. Zercurity will try and guess the type based on the discovered MAC address
- Added type filter for assets
- Added “open in new tab” support to links
- Updated the help menu to provide more support options if the chat window fails to load (usually due to browser plugins)
- More performance improvements.
- Fixed column sort for certificates
- Migrated to new AWS lambda function version for package deployment and builds
- Released zercurity-2.2.pkg. On MacOSX, Osquery now installs to /usr/local/zercurity/. Deploying the new release will remove the existing Osquery daemon and move it to the new directory, to avoid conflicts with other software using Osquery such as JumpCloud.
- BETA - New issues view for assigned users
- Added the issues platform, now in Alpha. Any problems that are detected are now managed as a ticket.
- Added the ability to remove FIM rules.
- Added the ability to view deployed FIM rules.
- Lots of improvements to performance. We’ve spent a lot of time performance profiling the platform.
- Improved Ubuntu CVE parser
- Fixed encryption marking for disks in the UI. No longer just marking parent disks
- Added G-suite integration, which is now publicly available
- Added more Windows event parsing/handling to SIEM with improved event tagging
- Updated Osquery to 3.4.0
- Fixed the Windows MSI, which now works for non-English installations
- Fixed a bug where not all packages would be displayed on both the dashboard and packages page
- Fixed an issue with the Hawk API not accepting API keys as they weren’t encoded.
- Added API Key support using the Hawk authentication method. Please see our API docs for more information https://api.zercurity.com/
- Fixed a bug when creating new users that would cause the page to go blank
- Added a new asset login section. This section details all the local and remote login sessions made against the asset. This view also includes the processes and commands run during the session.
- Added better error handling around user signups
- Added the ability to run distributed queries via teams
- Added the ability to download invoices from the billing section
- Added Geo-location to both assets, asset login history and asset location history even if no wifi survey is available.
- Added the ability to now label discovered assets to help inform network connections
- Improved page loading around assets and process exploration
- Improved the billing page to express the minimum and maximum billing for assets
- Fixed some issues around the processes explorer incorrectly identifying socket sessions
- Fixed password complexity test when resetting a user’s password via password reset request
- New user interface. Menus have been moved to the left-hand toolbar.
- Added breadcrumbs to help navigate investigation workflows.
- Added process explorer to see a process’s execution tree, including the risk of each parent process. Useful for post-breach investigations.
- Added socket tracking for processes. You can now see all the network connections made by a given process. Network risk will be tracked in an upcoming release.
- Process execution states are now tracked correctly based on whether binaries are known or unknown.
- Assets, applications, packages, etc. all now have individual risk categories: overall risk, outdated, vulnerabilities and malicious risk.
- Top-level sections (assets, applications, packages, etc.) are now sortable.
- Fixed weekly report calculations for week-on-week percentile comparisons.
- Fixed error handling on fields to correctly show the reported error message.
- Fixed the MacOSX installer to work with MDM deployments such as JAMF.
- Added Debian (8/9), CentOS (6/7), Windows (7/10), MacOSX (10.14) CIS benchmarking including more than 5k new compliance tests.
- Added a new compliance radar on the dashboard to quickly show you across your platforms where certain security configurations are falling down.
- New compliance dashboard that shows your weekly progress and where you need to improve and how you compare against your peers.
- Fixed some enrollment issues when re-installing over an existing installation to correctly clear and re-sync Santa rules.
- Added a new application risk history tab to show how we’ve derived a risk score for a given application.
- Optimised process fetching and hashing to reduce the load on the remote system.
- Restrict the data being shown for assets to the last 90 days for non-subscription customers.
- Added CVSSv3 scores to vulnerability data.
- Weekly compliance report.
- Daily summarisation of a company’s cybersecurity posture, including the ability to scrub backwards through time to review progress.
- Added Issues tab to the Asset information page, to help better identify and address outstanding issues.
- Added new vulnerabilities section.
- Added network asset discovery and detection of device types based on their MAC address.
- Added new compliance dashboard for BETA availability.
- File integrity monitoring (FIM) support is now available to everyone.
- Fixed some spelling and grammar mistakes.
- Added support for Mac OSX Apple system logs, Linux syslog and Windows events. Zercurity now aggregates all these events into one place.
- Added a new assets view that highlights outstanding compliance issues.
- Updated the osquery test suite to 3.2.6
- Fixed an issue that caused Mac OSX machines to enroll slowly when downloading rulesets.
- Fixed some issues with shareable links, which sometimes didn’t load due to the browser caching the response.
- Updated the Osquery results tab to allow you to share the results of a query.
- Updated the way tabbed sections work so that REST API requests are abandoned if the user navigates away.
- Added packages pane. Just like with applications, you can now see and search all of your packages in one place.
- Added new search filters to help quickly sort through items. For example, you can now filter results to just high-risk items.
- Updated the dashboard. New fresh look with quick links to high risk items.
- Updated the login lockout window. Now provides a more helpful error message.
- Moved to the Nivo charting library.
- Fixed an API issue with the /teams resources, which sometimes did not show teams after an asset had been removed.
- Added an event for new application installations.
- Added an event for new package installations.
- Added remediation information and actions for malicious applications and packages.
- Added email alerts for when an asset’s risk profile changes. These notifications can be disabled from the user settings pane.
- Updated device events for newly attached devices. Old device events have been removed but can be found under device audit.
- Fixed package version ordering information as sometimes the order was incorrect.
- Upgraded Osquery to 3.2.6
- Upgraded Google Santa to 0.9.26 and added signed MDM config for OSX
- Fixed a UI bug when creating a new Santa rule that would cause the screen to go white.
- Added vulnerability information to packages that are installed on Ubuntu and Debian assets.
- Updated certificates section to paginate applications, rather than the top 50.
- Updated devices section to paginate assets, rather than the top 50.
- Updated our email templates for GDPR compliance.
- Updated our documentation to reflect the /packages API.
- Upgraded UI JS components to the latest versions.
- Added Intercom support so that users can message us with feedback and support questions.
- Added support to unsubscribe from email alerts and newsletters.
- Added wifi support to network interfaces under Windows.
- Upgraded UI JS components to the latest versions.
- Fixed an issue with duplicating packages under Windows.
Older release information has been pruned.