Created by James Hurrell on Jun 27, 2023
Content matrix
| Version | Summary of content | Comments |
|---|
| 2.10.0-funcrel | Updates: - Removal of violations from the Action Plan and Scheduled Exclusion list using the Rules Violation table
- Convertion of an action item into an exclusion
- Automatic assignment of NO_ROLE, when a new profile is created
- Minor UI updates for the CAST Dashboard Administration panel
- Contains customer bug fixes
| Can be used with: |
.
2.10.0-funcrel
Feature Improvements
| Summary | Details |
|---|
| UI - Security Dashboard - Converting an action item into an exclusion | In the rules violation table (available in the Risk Investigation, Application Investigation, Transaction Investigation and Advanced Search pages), it is now possible to move a violation that is already in the Action Plan list into the Scheduled Exclusion list using the "Manage > Manage exclusion of the violations" option. In previous releases it was only possible to do this directly using the Scheduled Exclusion list. See https://doc.castsoftware.com/display/SECURITY/Security+Dashboard+-+Exclusions#SecurityDashboardExclusions-ViatheRiskInvestigation,ApplicationInvestigation,TransactionInvestigationandAdvancedSearchviews. |
| UI - User Authorization roles - Read-only [NO_ROLE] role | The NO_ROLE role (read-only role) has now been made available for selection in the CAST Dashboard Administration panel for all Dashboards (in previous releases this role was not available for selection). When a new profile is created, the NO_ROLE role will be automatically assigned. See https://doc.castsoftware.com/display/DASHBOARDS/User+roles+-+2.x+and+above. |
| UI - Security Dashboard - Remove violations from the Action Plan and Scheduled Exclusion list using the Rules Violation table | In the rules violation table (available in the Application Investigation, Risk Investigation, Transaction Investigation and Advanced Search pages), it is now possible to remove violations from the Action Plan and the Scheduled Exclusion list using the "Manage > Remove from Action list" and the "Manage > Remove from Scheduled List" options. In previous releases it was only possible to remove violations directly using the Action Plan or the Scheduled Exclusion list. See https://doc.castsoftware.com/display/SECURITY/Security+Dashboard+-+Action+Plan#SecurityDashboardActionPlan-Removingviolations(objects)fromtheActionPlan and https://doc.castsoftware.com/display/SECURITY/Security+Dashboard+-+Exclusions#SecurityDashboardExclusions-removeRemovingviolations(objects)fromtheExclusionlist. |
| UI - User Authorization - Users/Groups panel - Remove SAML/LDAP users/groups | A remove option is now available for selected SAML/LDAP users/groups in the CAST Dashboard Administration panel for all Dashboards. See: https://doc.castsoftware.com/display/DASHBOARDS/User+roles+-+2.x+and+above#Userroles2.xandabove-Users/Groupspanel. |
| UI - User Authorization - Users/Groups panel - Search | A search option is now available in the column header for the Users/Groups panel in the CAST Dashboard Administration interface, allowing you to search for users/groups that have already been granted a profile. See: https://doc.castsoftware.com/display/DASHBOARDS/User+roles+-+2.x+and+above#Userroles2.xandabove-Users/Groupspanel. |
Other Updates
| Internal Id | Details |
|---|
| DASHBOARDS-4890 | A change has been made to improve overall performance of the CAST Security Dashboard when a large number of domains are configured in the domains.properties file. This change is aimed at improving the loading time of the Home page and the Application selection page. |
| DASHBOARDS-4906 | Fixes an issue where the diagnostic.html page was found to be accessible by users without the ADMIN role. Only users with the ADMIN role can now access this page. |
| DASHBOARDS-4864 | Fixes an issue where the result of the "Check for update" option available in the UI was displaying incorrect information. |
Resolved Issues
| Customer Ticket Id | Details |
|---|
| 38908 | Fixes an issue where rules are duplicated (i.e. displayed twice) in the UI when the criticality of the rule (attached to new custom technical criterion) is changed. |
| 38744 | Fixes an issue causing some UI elements (the violations download icon) to be hidden when the "no license" warning banner is displayed in the UI. |
| 39244 | Fixes an issue causing an unsuitable error message to be displayed when logging in and a timeout occurs. |
| 39389 | Fixes a performance issue found in Security Dashboard. Due to multiple API calls performance was affected, after the fix the number of API calls is reduced. |
