Changes in v2.8.1
Compliance Tasks - [This feature replaces the original Policy Calendar Feature] We originally built the Policy Calendar as a way to track and manage administrative compliance tasks in Dash, but realized that users needed a more fully featured workflow for creating, managing, and handling compliance events. So, in Dash v2.8.1 we have completely reworked the Policy Calendar and have introduced Compliance Tasks. Any previous Policy Calendar events will automatically migrate over to the new Compliance Tasks feature, and clients will be able to enjoy the following features:
Create policy related task as well as custom tasks
Associate tasks with a specific compliance policy
Assign users to compliance tasks
Attach findings and documentation
Set email and Jira task reminders
Separate active and completed tasks
Search tasks and events
Run Dash Scans “on-demand” - Teams can now run Dash scans at anytime by, clicking the “Run Scan” button on the Home Dashboard. This function will run all scans and checks typically performed during Dash daily monitoring.
“Snooze” Compliance Center Issues - Teams can now “Snooze” Compliance Center issues. In individual Compliance Center Issues, users can take the following options:
Snooze a Compliance Center issue for X days - This sends the Compliance Center issue to the “Ignored” state for X days.
Send an email notification to the assigned user - Send the issue to the Assigned User if it still appears after the end of the snooze period.
Compliance Score is Calculated On Each Scan (Daily) - Previously, the Dash Compliance Score was calculated once a week. This made it difficult for users to understand their security progress day-over-day. Starting in v2.8.1, the Dash Compliance Score is calculated after every scan, either daily or whenever a manual scan is conducted.
Improved Compliance Score Calculation - Previously, the Dash “Responsiveness” score was calculated using a time interval that resulted in inconsistent scores. In v2.8.1, we have introduced a new method for calculating “Responsiveness” based on the % of compliance issues your team has worked with over the last month. We believe this will lead to a more consistent compliance score and will continue to improve the Dash scoring process.
Improved Compliance Center “Resolve” Behavior -
Simplified User Roles - Dash has simplified overall user types, into two types of user roles “Administrator” and “User”.
Administrators have the ability to perform all functions across Dash ComplyOps
Users have the ability to perform most actions, but are unable to view “Organization Settings” containing domain name configuration, user invites and other settings. Access to automatic-remediations can be restricted as described below.
Added Options For Automatic Remediation Visibility - Administrators can enable or hide access to “click-to-fix” Dash remediations found in the Compliance Center. Admins can make “click-to-fix” remediations available to “All Users”, “Administrators”, or “Disabled For All Users”.
Updated Lambda Functions Within CF Stack - We have updated Lambda functions to an updated runtime in order to ensure future AWS compatibility.
Added Missing Regions to Dash Filtering - “Do Not Filter” settings under Settings > Monitoring Settings was previously missing certain regions in the original dropdown list. v2.8.1 adds these missing regions.
Improved Dash Filtering for Matched Tags - “Do Not Filter” settings under Settings > Monitoring Settings previously had certain issues with filtering by Tags. v2.8.1 resolves many monitoring/filtering issues related to Tags.
Fixed Bug Related to Policy Routing - We resolved an issue related to unexpected routing and navigation in the Policy Center.
Instructions For Updating To v2.8.1
Create Backup - It is recommended that your team create a backup of your Dash ComplyOps application before performing any update.
Validate License - Due to certain Lambda function and application changes, your team may need to revalidate your application license after updating to v2.8.1. If at the Dash login screen you see an option to “Validate License” and/or you are unable to login, your team should take these next steps
Click “Validate License” button
Enter your Dash License Key - This key can be found under your CloudFormation Stack > Parameters
Once Successfully Validated click “Back”
Clear Browser Application Data - Due to application caching you may not be able to view certain pages and changes to the Policy Center, unless you clear your application. Perform
In Chrome - Right click and select the option “Inspect”
Navigate to the “Application” Tab
Click the “Clear site data” button
Close the Inspect window and refresh the page
Login - You can now login to Dash and see the latest features.