Summary: This page describes the new features and bugs that have been fixed in the CAST  Security Dashboard Package 1.16.x.

Content matrix

VersionSummary of contentComments
1.16.x
  • Customer bug fixes
  • Parameter values in App Investigation and Transaction investigation page

  • Module search added to Advanced Search view

  • Report Generator (1.14.0) templates in  Dashboard

  • Remove Solved violations from the Action Plan

  • Add Architecture Model graphical representation and tile

Can be used with:

  • 8.3.3

Resolved issues

Internal IDCall IDSummaryAffects Version/s
DASHBOARDS-199522060Advanced search is not working for technology c++1.13.2
DASHBOARDS-196021900Unable to generate "List of new violation" Report from Dashboard8.3.16
DASHBOARDS-195021944The application still missing from Dashboard after API call with dashboard 1.14.01.14.0
DASHBOARDS-191921771Action plan details displayed in lowercase in dashboard1.13.2
DASHBOARDS-185521495HTML tags not evaluated into the rule description (Dashboard)1.13.2
DASHBOARDS-183416095A Rest API query to pull out all violations from the last snapshot is Dashboard cannot be completed & is impacting all Tomcat applicationNone
DASHBOARDS-157320283Dashboard is showing 20 digits for each percentage in the tooltip1.12.0
DASHBOARDS-192121792In Dashboard, Action Plan, how do we clear the solved items?1.14.0
DASHBOARDS-2055-Display Technical criteria name prefix in Dashboard1.12.0
DASHBOARDS-2041-Rule filter is getting highlighted after removing all violations1.14.0
DASHBOARDS-2015-The action plan table is empty if you search for an object with a single keyword and clear the search field.1.15.0
DASHBOARDS-1994-Violation selection should be disabled for quality manager role in active exclusion view1.15.0
DASHBOARDS-1989-The error message is getting displayed multiple time when sorting the columns1.15.0
DASHBOARDS-1639-Incorrect violation count displays in action plan view if you delete all the violations in the last page1.13.0

Updates 

DASHBOARDS-1999: Parameter values in App Investigation and Transaction investigation page

Clicking a Rule displays the Parameter details section in the App Investigation view and  Transaction Investigation view. This section displays the parameter name, technology, and value for the selected rule.

The parameter detail section also displays the data for a selected rule when no violations exist.  This section displays a message "No parameter details available" if the selected rule does not have parameter details:

DASHBOARDS-1983: Module search added to Advanced Search view

A Module search option is now available in the Advanced Search view:

DASHBOARDS-1996: Add Report Generator (1.14.0) templates to Dashboard

The following new report templates have been added to the Security Reports option:

DASHBOARDS-1998: New option to remove Solved violations from the Action Plan

An option to remove Solved violations has been added. Click the delete icon:

A confirmation dialog box is displayed.

If there is no solved violation, the icon will be disabled.

DASHBOARDS-2049: Architecture model violation tile in the Dashboard

The Architecture Model tile (not available out of the box) displays all Architecture Models that have been assigned to the Application and checked during the snapshot. The tile displays the number of violations/critical violations (depending on the configuration of the criticalsRulesOnly parameter in the tile configuration) per Architecture Model. Clicking an Architecture Model rule will drill down and display the details of the selected rule in the Risk Investigation page.

In a snapshot, if there is no data for architecture rule then it is displayed as "n/a".

Architecture Rule will not be available for the previous snapshot.

This tile should be configured in the panel section of the profile (see Security Dashboard tile management for more details):


{
 "type":"ArchitectureModel",
 "parameters":{
 "business":60016,
 "criticalsRulesOnly":false
 },
 "color":"pale-blue",
  "col":3,
  "row":10,
  "sizex":2,
  "sizey":1,
  "min-sizex":2,
  "min-sizey":1,
  "max-sizex":4,
  "max-sizey":4
},

DASHBOARDS-1693: Architecture Models graphical implementation in Dashboard

A new section called Architecture Model has been added to the Risk Investigation view. It is an interactive graphical representation of the violation of the model.

The diagram displays:

For each red arrow, the number of violations is displayed. The section will be selected by default instead of the violation section.

The nodes are movable, the user can drag and place in the desired position. For each red arrow, the number of violations is displayed. 

When the user clicks on a red arrow, a list of violations is displayed for the objects in violations between the two layers. This is a distinct list of the default view, which contains all the objects in violations irrespective of the layer dependencies. Users can also use the red arrow (click on the red arrow) to refresh the violation table and view the count of distinct violations between the selected layers and the total violation count.

This section display is only for the rule which has architecture model data, when there are no layers it will display a message "No layers available".

DASHBOARDS-2005: Filter impacted object with violations section based on critical/non-critical

By selecting the filter as a critical or non-critical filter, the user can see the violation count of an object based on critical or non-critical violations.