beSECURE

October 2021

Version 21.103

October 3, 2021

Enhancements

  • Tickets Detailed now allows Assignee searching.

  • The Proxy setup value now shows an example to make it easier to configure.

  • The regular login and SAMLv2 (and other SSO) logins have been split to simplify which option to use.

  • CSV Filename (from Graph title) is now used when saving Graphs.

  • Added when tests were last updated to the reports XML .

  • Added the Hide Unschedule option on the Schedule option to improve the user interface.

  • Default Country now automatically selects the system value.

  • Added Test Inclusion to Mass Update of Scans (only had Test Exclusion).

Fixes

  • Fixed an issue with the Permissions Tab searching for values (existing vs new items).

  • Fixed an issue with the Audit table missing its pagination page due to merging of UI with the standard AJAX method.

  • Fixed an issue where the RecordState was used on the wrong table causing the AssignedItem to fail to ignore deleted entries.

  • Fixed an issue where the Create on the Fly contact was re-introduced (it was originally removed due to a coding bug).

  • Fixed an issue where Assets search was lacking Saved Search.

  • Fixed an issue where Reboot and Restart were sharing an Audit code causing user action monitoring confusion.

  • Fixed an issue where the graph binding box was not aligned.

  • Fixed an issue where users using XML preferences were causing an Internal Server Error.

Version 21.102

October 2, 2021

Enhancements

  • Added support for delay in the JavaScript Crawler.

  • Added transition API responses from XML to JSON wherever possible.

  • IS will now report back to the LSS when a scan has been disabled, improving un-syncing handling.

  • Added Scanner Name to the Web Scan column list.

Fixes

  • Fixed an issue where the beSECURE logo was malformed causing it to get blocked by some spam filters.

  • Improved 4ME integration.

  • beSecure now correctly detects notifies a user when a password has been changed.

  • Changed comparison to 'eq' when it is a string and to a '==' when it is an int to improve consistency in handling.

  • Fixed several SSO (SAML)-related issues.

  • Moved the WebScan DB connection code to its own function to prevent unneeded database connections.

  • Removed the Owner column from the tblNotification table to improve performance (always Null and incorrectly referenced as part of the KEY).

  • Disabled SMTP Authentication in the UI if no Username is provided.

  • Switched order of After/Before in UI Search to improve user experience.

  • Changed the Color of Pass (CIS report) to Green from Orange to prevent to improve user experience.

  • 'Please Wait' message now appears on tables being fetched, rather than no-matching-results message.

  • New Contact adding in New Account process has been restored (the option got lost during UI JavaScript migration).

  • Hide Host Information is now correctly stored in the Report Settings.

  • Fixed an issue where tags weren't populated in the Asset Report Generator due to a spelling mistake.

September 2021

Version 21.91

September 1, 2021

Enhancements

  • Migrated Report Settings, Preferences, and Scan Settings from XML to JSON for improved interoperability.

August 2021

Version 21.81

August 1, 2021

Enhancements

  • A new interface is now available to insert results into the database from an XML file.

  • Added CVSv3 to the test list.

  • Focus will now follow the user's integration choices.

Fixes

  • Fixed an issue that prevented saving a Search with no name.

  • Renamed Scan to Web Scan where appropriate (for example, Mass Update).

  • Fixed an issue where PageLimit was not being sent, but rather URLLimit was being used in Mass Update.

  • Fixed an issue where Lost Password was no longer returning a message dialog box.

  • Fixed an issue where Category was missing the Localization option, causing non-translated reports to show no Families.

  • Fixed an issue where creating new Assets made them transparent.

  • Fixed an issue where setting a Tag to an Asset to an item didn't refresh the list.

  • Fixed an issue where the missing '=' in the tag handling caused new tags to not be dynamically created.

  • Fixed an issue that prevented overlapping HTML IDs to avoid Chrome warnings and Firefox errors.

  • Fixed an issue where the CTA for Organization level was creating a Scan level report.

  • Fixed an issue where beSECURE was trying to calculate the size of a Report file even if it did not exist.

  • Fixed several typos in the Account Credentials email.

  • Made an update to ensure the Country code exists prior to inserting it into the DB.

  • Fixed an issue where the Password Generator was not filling the retype password.

  • Fixed an issue where the Vulnerability Age calculation was done on a reduced set, causing it to not return all the results.

  • Fixed an issue where RPC errors on the LSS side were persistent even after the error was corrected.

  • Fixed an issue where the Report Generator/Customization for Vulnerability Age and Asset Tag was not stored/loaded correctly.

June 2021

Version 21.61

June 1, 2021

Enhancements

  • Added Contact person to Report Scheduler.

  • Increased Bruteforce check from 50 to 100 combinations.

  • Added Mass temporary password for Accounts.

  • Differential now shows the Hostname search field.

  • XLSX Ticket report now includes Ticket Comment for ignored tickets.

  • Added DNS, NetBIOS, and Operating system to Results > Search (list and export).

Fixes

  • Updated the default user agent used by Web Scan and Crawler to Chrome.

  • Updated the list of drop-down user agents to modern browsers.

  • Fixed an issue with JSON handling when HASH is inside an ARRAY.

May 2021

Version 21.51

May 1, 2021

Enhancements

  • Added Mass Update to Organization.

  • Events now use use HASH MinMax sorting.

  • Moved more code to client side rendering.

  • Added HelpSystems Intermapper Device Collector.

Fixes

  • Fixed issues with the Risk Assessment report.

  • Fixed issues with the DOM/Crawler selection.

April 2021

Version 21.43

April 3, 2021

Enhancements

  • Added Cisco IOS/IOSXE vulnerability testing (SSH authentication).

  • Improved overall SQL performance in relation to permission checks.

  • Differential Report now supports XLSX.

  • Improved performance on the Scan List page (due to Org List and Contact List AJAX rendering).

March 2021

Version 21.34

March 4, 2021

Enhancements

  • Added first Dark Theme build.

  • Added the SOC2 report format.

  • Added Huawei Device Scanning.

  • Added support for 4me Problem Tracking.

Fixes

  • Fixed Widget Score vs Summary score discrepancies caused by Masked Orgs.

  • Fixed timezone display issues caused by Date of JS being used and the timezone of the user's browser not matching.

  • The Microsoft CIS 2012 standard has been improved to be compatible with newer version of OSCAP.

  • Fixed a typo with Genians NAC integration that was causing the integration to not work properly.

February 2021

Version 21.21

February 1, 2021

Enhancements

  • Added Support Remediation report in CSV format.

  • Added Initial support for Dark Theme.

Fixes

  • Fixed an issue where Summary stats calculation was causing data to be presented incorrectly.

January 2021

Version 21.1

January 1, 2021

Enhancements

  • Reports now show the Scan Date and Next Scan Date.

  • Reports now show the Web Scan Authentication, Scan Date, and Next Scan Date.

  • Added Quick Add Dashboard to allow users to quickly add scans of Cloud/Infrastructure/Website/IoT/Router/.

  • Added Host Information and Major Issues list and Issues graph dashboards.

  • API Keys are now listed with information regarding when they were last used.

  • Organization searching can now stop at the top level to ease locating of values.

  • The PCI screen now allows users who own the Scan to modify the scan schedule.

Fixes

  • Fixed an issue where Google Login did not record the login event.

  • Migrated (and unified) vulnerabilities/report/pcistatus with pci/returnpcistatus.

December 2020

Version 20.121

December 1, 2020

Enhancements

  • Added the ability to export KBs in the CSV format.

  • Added the new Risk Assessments report type.

  • Added monthly 1/10/15/20/25 of the month to the Report Scheduler.

Fixes

  • Fixed misplaced quotes in Vulnerabilities CSV output.

  • Fixed an issue where handleaAknowledge was not calling create Audit Trail.

  • Fixed an issue where Send Report was sending the Scan Level report when org was selected.

  • Fixed an issue that prevented jQuery picking as vulnerable when filename is different.

  • Fixed an issue where the Agent Scanning schedule was becoming stuck and remaining unscheduled.

  • Fixed an issue where the upgrade mechanism was not working on newer the new 64-bit OS platform.

October 2020

Version 20.102

October 2, 2020

Enhancements

  • Added the NIST report.

  • Added the PCI SAQ subsystem to provide PCI customers with the PCI SAQ questioneer field along with their PCIDSS report.

  • Added the ability to export the Tested/Untested list for a Scan.

  • Added Vicarius TOPIA Device Collector.

Fixes

  • Fixed a issue in the OWAS ASVS that prevented it from generating.

September 2020

Version 20.91

September 1, 2020

Fixes

  • Fixed a issue where Embedded Links were still detected if the checkbox was cleared.

  • Fixed an issue where JSCrawler would not correctly handle Submit buttons.

August 2020

Version 20.81

August 1, 2020

Enhancements

  • Added the ability to limit previous scan results by using prevscannumberlimit.

  • The Month Trend report can now include a top and bottom Scan Date.

Fixes

  • Fixed a issued related to Scan Changes when a Web Scan finished.

  • Improved the start time of code by reducing some DB calls when the Crawler starts.

  • Fixed an issue with the auto-generated password requirement.

July 2020

Version 20.72

July 2, 2020

Enhancements

  • Added support for Jamf Integration.

  • Added support for Efficient IP Integration.

  • Added support for Google Cloud Compute Integration.

  • Added support for Palo Alto GlobalProect Integration.

  • Added support for PagerDuty Integration.

  • Added support for Ubiquiti SDN Integration.

  • Added support for SonicWall integration.

  • Added support for SolarWinds RMM Integration.

  • Added support for ConnectWise Integration.

  • Added support for Tufin SecureChange.

June 2020

Version 20.65

June 5, 2020

Enhancements

  • Added support for Agent Scanning.

  • Added the ability to select syslog risk level selection.

  • Added support for Siemplify SIEM.

  • Added support for Infoblox DHCP and DNS.

  • Added support for Azure Sentinel Integration.

  • Moved the following customizations to Administrator control: Show more, show extended time range options, show create new scan, show alarms in menu.

  • Added the ability to allow per-org setting of Scan Range modification without Scanner control.

  • Added new report type OWASP ASVS.

  • Added new report type OWASP Top Ten 2017.

  • Added support for Pulseway Integration.

  • Added support for Atera Integration.

  • Added support for NinjaRMM Integration.

  • Added support for Automox Integration.

  • Updated vulnerability tickets to now appear under the vulnerability details.

  • Added AutoTask DATTO RMM Integration.

Fixes

  • Fixed an issue related to Syslog integration and scan number.

  • Fixed an issue in SAMLv2 setup steps.

  • Fixed an issue where French reports and NBE didn't render correctly.

  • Improved the behavior of scans so that now when they finish, if the DNS and Host field are the same value, the Target IP is used as a means of giving more information.

May 2020

Version 20.51

May 1, 2020

Enhancements

  • Added support for the Asset Group Device Collector.

  • Added support for the Rumble Run Device Collector.

  • Added support for Column re-ordering.

  • Added support for the Azure Compute Device Collector.

  • Added support for the Kaseya VSA Device Collector.

Fixes

  • Fixed a crawling issue when "?" is present in the form action.

April 2020

Version 20.48

April 8, 2020

Enhancements

  • Added support for Wallix Bastion.

  • Improved beSECURE and Metasploit integration through a dedicated module.

  • Added support for Censys and Shodan external (outside) threat information.

  • Added support for Device Collector based on ISC BIND9 file parsing.

  • Added support for Device Collector based on DNS AXFR.

  • Added support for Device Collector based on SNMP Info.

  • Added support for Persistent / New / Remediated on Org level.

  • Added support for Device Collector for eNMS, LibreNMS, Zabbix, ExtraHop.

  • Added support for Device Collector for SolarWinds Orion (Family).

  • Added support for Genians NAC integration.

  • Added support for Device Collector for vSphere.

  • Added support for Osirium PxM.

  • Added support for Device Collector for Genians NAC.

  • Added support for Device Collector for SysAid.

  • Added support for Device Collector for Tufin SecureTrack.

  • Added support for Reposify integration.

  • Added support for Device Collector for AlgoSec AFA.

  • Added support for Device Collector for Illumion PCE.

Fixes

  • Fixed an issue where the Port Range was not handled correctly when the starting number in the range was more than two digits.

Version 20.41

April 1, 2020

Enhancements

  • Added the ability search within the Notification list.

  • Added DeviceCollectorUsedBy returned for Scans (Networks).

  • Added support for ISC DHCPd, OpenVPN Status, and AWS EC2 Device Collectors.

Fixes

  • Changed UsedBy returned for Scans (Networks) to WebScanUsedBy.

March 2020

Version 20.39

March 9, 2020

Enhancements

  • beSECURE now allows comparison (base line) of port ranges by way of OT List.

  • Added an interface for calling Call to Action reports.

  • Updated Assets IT to allow exports into XLSX form.

  • Updated Assets IT to allow comparisons against a baseline.

  • Added support for Portnox ARM integration.

  • Added support for Check Point integration.

  • Added support for Zendesk integration.

  • Asset Automation now support IPv4 range.

Fixes

  • Updated Ping for Wizard to be ON by default.

February 2020

Version 20.24

February 4, 2020

Enhancements

  • Added Column Visibility and Saved Search to Assets -> Search.

  • Added the Export to Assets -> Search page.

  • Updated the Asset Groups export to support the XLSX format natively.

  • Updated the Results Search export to support the XLSX format natively.

  • Updated the Scan List export to support the XLSX format natively.

  • Updated the Tickets/Detailed export to support the XLSX format natively.

Fixes

  • Fixed multiple graph timezone discrepancies.

Back to Beyond Security Products