Release notes

1.2.0 (August 2021)

Highlights: New features and improvements

Synchronization improvements

Canopy now introduces a number of synchronization protocol improvements to make sharing data between Canopy and Portal more useful. This will allow stale and deleted data to be more easily removed from Portal. For further details, see the Canopy release notes

Contact field support

A new Contact field (custom field) type was added to Canopy, and has also been added to the Portal. This will allow requests and questionnaires to have contact specific fields. On Portal, this allows users to add a contact manually, or to search for users via LDAP (if this configuration is enabled).

Self-managed access controls

Portal now introduces self-managed access control, to allow users to invite their team members to collaborate with them on requests and projects.

Bugs

No bug fixes were included in this release.

1.1.0 (May 2021)

Highlights: New features and improvements

Single sign on support via SAML2

Portal adds support for SAML2. This will allow administrators to integrate Portal with SAML2 based authentication backs, and can be used for Single Sign-On.

List search and filtering

It’s now possible to search and filter many of the lists in the user interface. Search filters and combo boxes can be used to narrow down the content that you want to view.

Searching is limited to titles at the moment. This will be expanded in the future.

Bugs

  • [CANP-383] Generated SoWs cannot be downloaded by non-admin users

  • [CANP-261] Typed field components do not render/behave completely like their normal counter parts

  • [CANP-280] Projects view phase start/end dates display “invalid date”

  • [CANP-286] Display issue on assessments view

  • [CANP-291] ReportsList uses report filename as key which is not unique

  • [CANP-309] Ansible requires python2 by default

  • [CANP-312] Questionnaire descriptions are not encoded correctly in Portal

  • [CANP-313] Scoping questions incorrectly sorted

  • [CANP-314] Login screen doesn’t handle narrow windows

  • [CANP-317] Long questions in request wizard wrap incorrectly

  • [CANP-318] Projects page stuck loading if no organizations

  • [CANP-322] Portal’s new request button doesn’t show for users with per organization access

  • [CANP-323] Tests are included in generated python package

  • [CANP-325] Normal users cannot download reports

  • [CANP-326] Normal user cannot upload file to a request

  • [CANP-327] Request cancel does not warn about unsaved changes

  • [CANP-328] Text fields in Request wizard doesn’t allow multiple lines or wrapping.

  • [CANP-330] Long request titles break views

  • [CANP-336] Request list date font style different to other sections

  • [CANP-340] Missing section header for “Organization access” under Admin User Create/Edit

  • [CANP-341] Clicking on an example/evidence in the finding view collapses the target

  • [CANP-342] Evidence title text has a larger font that the target title

  • [CANP-344] loadNoOrganizationsMessageSaga and loadRequestConfirmationTextSaga logs error during normal operation

  • [CANP-350] Reports always shown as draft under project reports list

  • [CANP-353] Organisation list is not sorted

  • [CANP-359] Assessment and Project list “fixed height”

  • [CANP-360] Finding header block rating and status spacing issue

  • [CANP-361] Pre block layout and formatting issues in content fields

  • [CANP-370] Design issues in Dashboard

  • [CANP-377] Fix treatment of reports as generated reports

  • [CANP-382] User uploaded files to a request cannot be downloaded by the user

  • [CANP-384] Fix treatment of generated SoWs

  • [CANP-386] Safely rendered html breaks layout

  • [CANP-388] Errors and warnings in request wizard

  • [CANP-389] Retest update field not being displayed on finding view

  • [CANP-391] Assessments list sorted incorrectly

  • [CANP-392] Assessment view incorrect end date label

Improvements

  • [CANP-239] Third step design issues

  • [CANP-295] Steps and content same width in request wizard

  • [CANP-296] Introduce storybook

  • [CANP-349] Correct build warnings

  • [CANP-355] Project list view: table filtering

  • [CANP-363] Create filter components for all tables

  • [CANP-364] Create component that safely renders HTML without layout issues

  • [CANP-365] Debounce text filter

  • [CANP-368] Login view redesign with SAML button

  • [CANP-238] Date pickers behaviour

  • [CANP-240] Fixed buttons

  • [CANP-241] Fixed app bar

  • [CANP-229] Wizard confirm step summarise request

  • [CANP-215] Wizard confirm step summarise request

  • [CANP-230] Wizard fixed height for consistent button placement

  • [CANP-215] Wizard fixed height for consistent button placement

  • [CANP-182] Customisable request confirmation text

  • [CANP-321] SAML authentication

  • [CANP-331] Assessments top-navigation and assessment list

  • [CANP-348] SAML login support in UI

  • [CANP-215] Wizard UI snag list

  • [CANP-218] Request wizard submit improvement

  • [CANP-224] Date selector behaviour and styling improvements

  • [CANP-292] File download icon styling

  • [CANP-293] Delete button in request create/edit view

  • [CANP-310] Remove auto-logout when user is not assigned to an organization

  • [CANP-332] Improve Breadcrumb component use

  • [CANP-334] Remove assessments from and update Project list view

  • [CANP-335] Change “+Request” button text to “New Request”

  • [CANP-337] Reposition buttons in the admin UI

  • [CANP-338] Create Date component for all formats

  • [CANP-339] User profile view inconsistencies and suggested improvements

  • [CANP-345] Create interactive table for stories and decorators

  • [CANP-347] Extract user admin list and details components

  • [CANP-385] Top nav menu item ordering

  • [CANP-387] Make all table rows’ dividers consistent

  • [CANP-222] Login box improvements

  • [CANP-231] Warn on unsaved state when closing wizard

  • [CANP-236] Wizard design issues

  • [CANP-257] Responsive layouts

  • [CANP-305] Test request flow

  • [CANP-343] Add table filtering to list views

  • [CANP-369] Fix front design issues

1.0.0 (November 2020)

This is an initial production release. Access to Portal at this time is restricted to our early adopters. If you would like to be an early adopter, please contact support@checksec.com

Highlights: First release

Portal represents a new way forward in relation to organizing, tracking and sharing results from security assessments. It aims to provide an alternative to the traditional static document based approach, whilst also allowing users to share documents should then need to maintain their current approach.

Document based reports have been written into auditing and compliance standards, and as such it will be some time before the industry can fully move away from them.

With this initial release of Portal, users are able to:

  • Login and access one or multiple Organizations.

  • Get an overview of their requests, assessments and key recent findings via the Dashboard.

  • Request a new assessment via the “+Request”, and update existing assessment requests.

  • View findings and reports from Assessments.

  • Modify your profile.