Content matrix

VersionSummary of contentComments
  • GUI updates

  • Improvements for Industry Standards

Can be used with:

  •  8.3.3


Resolved issues

Internal IDTicket IDSummaryAffects Version/s
DASHBOARDS-237823542Unable to access dashboard when SAML keystore is configured using SHA256 algorithm1.16.0


Dashboard supports the SAML Keystore file which is generated using the SHA256 algorithm

To generate a Keystore file with SHA256 algorithm:

keytool -genkey -alias <some-alias> -keyalg RSA -sigalg SHA256withRSA -keysize 2048 -validity 3650 -keystore <samlKeystore.jks>


Resolved issues

Internal IDTicket IDSummaryAffects Version/s
DASHBOARDS-223323034Unable to generate the AEP report through RG command line1.16.0
DASHBOARDS-236223527Tile "Application Components" is never loading1.17.1
DASHBOARDS-2369-Fix console error on API fails1.12.0
DASHBOARDS-2364-Application selector is missing in ED1.18.0


What's New option added

In the left menu panel, an icon "What's New" has been added below the existing Help icon, enabling users to explore the latest released features.

Clicking the What's New icon will redirect to a special documentation page, which contains a brief of release showing the most important updates included in the current (and previous) releases:

Check for update option added

An option, Check for update has been added to the user profile drop down list for Admin users. Clicking the Check for update option will display a dialog box showing the current Dashboard version information, and whether a new version is available:

Check for update option is available only for admin user.

Industry Standard tiles can be created in SD

It is now possible to create industry-standard tiles in the Security Dashboard to display a violation count. Tile can be configured for the following industry standards and their child business criteria:

Tile can be configured as below in ed.json file (formerly ced.json):

Drill down works well if the tile is configured with security metrics ( CISQ-Security or OMG-ASCQM-Security).

            "type": "IndustryStandards",
            { "title": "CISQ Security", "id": "1062104" }  ,
            "color": "dark-blue",
                "col": 3,
                "row": 1,
                "sizex": 1,
                "sizey": 1,
                "max-sizex": 2,
                "max-sizey": 1

Clicking on the tile navigates to Risk Investigation page and the specified Industry Standard will be selected in the Health Factor table. This tile displays N/A if the application does not have data for industry standards and the clicking option is disabled in this case.

Navigate using Industry Standard compliance items

In the Risk investigation view, a filter has been added to list all Assessment Models that are present in the Dashboard schema. The default is set to "AIP Assessment Model" and this is always present. Users will have the option to switch to a different Assessment Model if they have installed one of the available Industry Standard extensions:

The drop-down list will be disabled if no Industry Standard extensions are installed and will instead only show the "AIP Assessment Model".

OWASP will be supported in a future release.

Example showing AIP Assessment Model and additional Assessment Models from Industry Standard extensions:

Click to enlarge

CISQ Assessment Model selected:

Click to enlarge

As a result of the changes described above, the existing Module and Technology filters have been moved to a collapsible menu: