November 29th, 2022
OpenRMF® Professional v2.8.5 Released!
Soteria Software today released an update to OpenRMF® Professional version 2.8.
OpenRMF® Professional version v2.8.5 was released today. There were major performance enhancements to the frontend user interface as well as the backend processing on listing your checklists as well as generating and listing your cyber compliance. This release also included the newer DISA checklists up to November 9, 2022:
- Update for multiple results in a Tanium CSV, cycles through each host/baseline combination and does a lookup on that template type to fill results grouped by host/baseline
- HBSS SCAP processing now correctly
- Saving of Compliance Summary Scores for faster loading and additional reporting of Continuous Monitoring for compliance by family
- Added charts to show compliance percentage by family and by control or subcontrol, current or historical monitoring
- Show all compliance statements in the listing per system package, including those you inherit (cannot edit or remove them from this screen)
- Show all compliance statements, including those you inherit, in the SSP Control to Vulnerability Matrix correctly
- Faster loading of compliance results and pagination/searching
- Faster loading of bulk vulnerability searching for edits and locks
- Asynchronous saving of compliance data generated
- Update for pulling the IP and MAC for non 127.0.0.1 and no 00:00: type MAC addresses with multiple entries (we make them comma separated)
- Update for the System Vuln report to do a "contains" versus "equals" on vulnerability number searching
- Ability to pull multiple checklists for hosts/baseline scans from Nessus Audit Compliance .nessus files for DISA and CIS benchmarks all done in one pass
- Added a visual showing the spinner while uploading and processing larger checklist and patch files
- Added API calls for compliance score and score history
- Allow report for searching on Vulnerabilities to have a partial match for results
- Ability to create Compliance via API call
- Increase timeout for UI upload and backend processing to 10 minutes
- Increase the maximum size of checklist / scan uploads to 100B to allow larger Nessus Compliance and Tanium CSV results
- Increase the timeout in NGINX for uploading large files
- Update NGINX settings for gzip compression on larger data results
- Latest DISA Templates from October and November releases https://public.cyber.mil/stigs/downloads/ -- 98 new or updated checklists
- Fixed bug on date ordering by actual date correctly (date versus a "string")
- Fixed bug on score history always including "current" regardless of filtered date range
- Fixed a bug on compliance saving too large of a record in MongoDB
- Fixed case insensitive "hostname" when uploading CKL, SCAP, Nessus, ARF XML type baseline scan files for checklists in case people use different cases from the scans
- Fixed checklist ZIP download filename when a "/" is in the filename based on STIG type
- Fixed a bug setting POAM status on manually added items
More information on the software release and its availability as well as training can be found at their website www.soteriasoft.com.