SureShield Tech Update July 2024

Tech Updates
July 1, 2024

Stay protected from cyber threats with SureShield’s cutting-edge solutions. Discover our latest innovations today:

1. Dashboards and Navigation Updates

The SecurityShield main dashboard has been revamped to display all security data and assets on this page rather than limiting the view to only CRITICAL and HIGH-SEVERITY vulnerabilities and assets.

We have also added the REMEDIATION EFFECTIVENESS widget to the dashboard, allowing for a quick review of remediated vulnerabilities. This widget shows whether the remediations successfully fixed the vulnerabilities and provides counts of fixed instances.

The other SecurityShield data management pages have been reorganized into separate menus at the top, replacing the previous single dropdown menu.

2. Remediation Effectiveness summary in Vulnerability and Asset details pages

The vulnerability details page, accessible by clicking on the vulnerability ID in the vulnerabilities grid, now features a summary grid showing the remediation effectiveness of the vulnerability on assets where the vulnerability has been addressed. This grid’s “IS FIXED” column indicates whether the remediation successfully resolved the vulnerability.

Similarly, the asset details page, accessible by clicking on the host name in the assets grid, also features a summary grid showing the remediation effectiveness of different vulnerabilities on the asset. The “IS FIXED” column in this grid indicates whether each vulnerability on the asset is remediated successfully or not.

3. Remediation Task Management actions

The options to IGNORE, FORWARD, and REASSIGN remediation tasks are now available on the main dashboard. Previously, these options were only accessible on the TASKS detail page.

4. Scanner installer download issue in Firefox

Issues with incomplete file downloads of the security scanner installer in the Firefox browser have been resolved. Now, both the Microsoft Windows and Linux scanner installers can be successfully downloaded using Firefox.

ComplyShield

1. Dashboards and navigation updates

The ComplyShield main dashboard has been revamped to display all controls, policies, worksheets, and POA tasks on this page, rather than limiting the view to only pending/in-progress items.

Also, we have added the REMEDIATION EFFECTIVENESS widget to the dashboard, allowing for a quick review of remediated vulnerabilities. This widget shows whether the remediations successfully fixed the vulnerabilities and provides counts of fixed instances.

The other SecurityShield data management pages have been reorganized into separate menus at the top, replacing the previous single dropdown menu.

When assessing a control, if a Plan of Action (POA) task is created without updating the control status, the tool will automatically set the status to NON-COMPLIANT. Similarly, if any POA task is marked in progress, the tool will automatically update the corresponding control status to REMEDIATION-IN-PROGRESS.

Opening evidence worksheets was timing out due to the API call to the application server taking too long to respond. We have now optimized the API to return data more quickly.

A new Compliance Executive summary report has been added to the IRIS reporting module to include additional implementation status statistics charts based on feedback from the partners.

The old ISO 27001:2013 compliance framework module has now been replaced with the 2022 version.

PartnerShield-1

1. Rainmaker module with Consent Request workflow for scans

The Rainmaker addon module in PartnerShield serves as a comprehensive tool tailored for partners and Managed Service Providers (MSPs), designed to streamline prospect management processes while enhancing customer engagement. Its functionality extends to nurturing prospects through automated checks and facilitating the seamless sharing of reports, thereby augmenting the likelihood of converting prospects into clients. In addition to prospect management, Rainmaker empowers partners to capitalize on upselling opportunities by offering additional modules or services to their existing customer base.

The ATTACK SURFACE EVALUATION engagement tool, which allows partners to scan a prospect’s external-facing IT systems, requires consent from an authorized person within the prospect’s organization. The tool now includes a workflow for requesting and obtaining this consent through a link sent via email. The prospective user can click the link, verify their email address, and provide consent to initiate the scan. The screenshot below illustrates the consent form that is displayed upon clicking the email link.

2. The Remediation Project Manager (RPM) module is ready for the Partner to start preparing Compliance and Security remediation project proposals

The Remediation Projects Manager (RPM) is a specialized automation module designed to enhance the efficiency of project proposal creation and lifecycle management for partners such as Managed Service Providers (MSP) and Managed Security Service Providers (MSSP). Once activated for a partner, the RPM seamlessly integrates with SureShield applications to streamline the process of generating comprehensive and customer-ready Scope of Work (SOW) project proposals.

Please email us at support@sure-shield.com with questions, suggestions, or feedback. Thank you for being a part of our tech community.

Best regards,
Thomas Leahy
SVP, SureShield Inc.

0 replies on “SureShield Tech Update July 2024”