October 31st, 2023
OpenRMF® Professional v2.9.1 Released!
Soteria Software today released an update to its flagship product OpenRMF® Professional!
OpenRMF® Professional version v2.9.1 was released today. This update fixes a few small bugs, adds the latest DISA Checklists as templates for creation and upgrades, allows exporting a compressed eMASS POAM, and adds several charts and reports to show POAM and Compliance data in new ways! See below for the specific updates:
- Added a confirmation on bulk edit checklist vulnerability when resetting the form fields
- Added a POAM export that is grouped by security check / vulnerability combined to show 1 line per grouped vulnerability, versus every single POAM entry in the export
- Added the plugin output and operating system information on each patch vulnerability displayed and in XLSX output
- Allow searching by CCI for bulk edit vulnerabilities as well as Vulnerability Id in system packages
- Added 2 new CCIs for NIST 800-53 REV 5 as of August 01, 2023
- Added a date range parameter for reporting on patch and checklist age
- Added a filter on listing Patch Vulnerabilities by operating system in the reports area
- Added a POAM report to show the number of open items per device, grouped by POAM item type
- Added a report to show all checklist vulnerabilities and the CCIs they reference in a list
- Added a report to show per device/hardware the scores, history, software, hardware, PPSM, and POAM entries all on one screen
- Updated the system package list report to allow ordering by specific vulnerability types and numbers
- Allow grouping by security check / vulnerability in the POAM report area for listing information
- Added a report to show top devices with open checklist and patch vulnerabilities by vulnerability type
- Added a chart showing the number of patches by operating system for a system package
- Added a chart showing the number of patches by Family for a system package
- Added a chart showing the top 20 checklist vulnerabilities open for a system package
- Added a chart showing the top 20 patch vulnerabilities open for a system package
- Added a chart to show the number of checklists by Technology Area
- Added a chart to show total POAM items by type
- Fix for filtering bulk edit checklist vulnerability listings by checklist type
- Fix for filtering POAM from the Evidence listing page when clicking on the POAM Item Id specifically
- Fix for showing checklist history when there are a large number of edits (missing a database field index)
- Fix for mitigations and mitigated spelling incorrectly on a few pages and log entries
- Latest DISA Checklist Templates as of October 26, 2023
More information on the software release and its availability as well as training can be found at their website www.soteriasoft.com.