Changes in v2.9.4
Updated Account Monitoring and Connection Setup - We have implemented new logic for connecting AWS accounts to Dash monitoring. We have removed specific AWS Organization dependencies and monitoring now includes the following features:
Any AWS account can now be connected to the Dash application. Accounts are connected in the “Settings” by connecting a IAM role via CloudFormation
Each AWS account that is connected to Dash is automatically scanned on recurring scans
This new monitoring functionality replaces previous monitoring functionality therefore all clients updating to v2.9.4 must reconnect accounts for the monitoring setup.
Performance Improvements and Caching - Previously, connecting many AWS accounts or having a large numbers of Compliance Center issues, sometimes led to slower application performance or longer loading times. We have implemented a new caching system that improves loading times and application performance.
Caching is disabled unless there are several hundred compliance issues or more
When caching is enabled, the application preloads/fetches certain results and shows a notice to the user in the Compliance Center.
Improvements to AWS Config Setup - The AWS Config integration has been improved and now has basic multiple account support. Additional AWS regions are supported across the AWS Config integration and results now refresh every 4 hours.
Improved Setup Process - We have changed the setup flow for the Dash application, adjusting for new monitoring options. We have also removed any unnecessary setup steps to streamline the process.
Specific Redshift issues have had their descriptions and recommendations updated to provide better clarity around the issues.
Fixed bug where system displayed a different number of issues on the dashboard page and vs compliance center.
Fixed bug for where fast navigation inside app showed blank page on Cloud Overview
Fixed bug with the automatically closing issue if no issue items
Fixed specific Slack integration issues have been resolved in this version
Changes in v2.9.0
New Billing Process - This version introduces a simpler billing process via AWS Marketplace SaaS Contracts. This new billing process, provides teams with a more predictable monthly bill based on the organization’s cloud resources. Please read the further attached “Instructions For Updating To v2.9.0”
Compliance Center Findings Report - Teams can now download a report in the Compliance Center providing an inventory of active and resolved compliance issues. We believe this functionality will help teams to better prepare for and provide evidence to auditors and internal security team members.
Improved Home Dashboard Performance - We made several improvements to the home dashboard enabling functions to update with data without refresh.
Updated Dependencies - We have updated several application dependencies for the Dash application.
Task Management - Fixed an issue where duplicate tasks.
Instructions For Updating To v2.9.0
Create a Backup of existing application - To ensure that all Dash application data is available, it is important that your team creates a Dash backup. This backup will save all configuration in case of a stack or application issue.
Follow the instructions in the “Backing Up Existing Application Data” section to create a backup and confirm it’s availability.
Confirm that the backup is visible in the settings and then proceed to Step #2.
Subscribe to the New Dash Listing - Navigate to to the new Dash ComplyOps listing on AWS Marketplace.
Login to your AWS account
Select your Dash pricing plan > Subscribe to new Dash listing
You may be directed to a form page to “Add Organization” (with fields for Organization Name, Organization Contact Email, etc)
You can skip this page, since your team has an existing organization/license
Update CloudFormation Stack - Update your Dash application CloudFormation stack to v2.9.0.
Unsubscribe from Old Dash Listing - Once you have confirmed that the new application is operational, unsubscribe from the old Dash application listing.
Login to AWS
In the top search bar navigate to “AWS Marketplace Subscriptions”
Navigate to "Dash ComplyOps" (SaaS listing, not SaaS Contract) > Click the "Manage" button
Click "Actions" > "Cancel Subscription" > Confirm Unsubscribe
Changes in v2.8.1
Compliance Tasks - [This feature replaces the original Policy Calendar Feature] We originally built the Policy Calendar as a way to track and manage administrative compliance tasks in Dash, but realized that users needed a more fully featured workflow for creating, managing, and handling compliance events. So, in Dash v2.8.1 we have completely reworked the Policy Calendar and have introduced Compliance Tasks. Any previous Policy Calendar events will automatically migrate over to the new Compliance Tasks feature, and clients will be able to enjoy the following features:
Create policy related task as well as custom tasks
Associate tasks with a specific compliance policy
Assign users to compliance tasks
Attach findings and documentation
Set email and Jira task reminders
Separate active and completed tasks
Search tasks and events
Run Dash Scans “on-demand” - Teams can now run Dash scans at anytime by, clicking the “Run Scan” button on the Home Dashboard. This function will run all scans and checks typically performed during Dash daily monitoring.
“Snooze” Compliance Center Issues - Teams can now “Snooze” Compliance Center issues. In individual Compliance Center Issues, users can take the following options:
Snooze a Compliance Center issue for X days - This sends the Compliance Center issue to the “Ignored” state for X days.
Send an email notification to the assigned user - Send the issue to the Assigned User if it still appears after the end of the snooze period.
Compliance Score is Calculated On Each Scan (Daily) - Previously, the Dash Compliance Score was calculated once a week. This made it difficult for users to understand their security progress day-over-day. Starting in v2.8.1, the Dash Compliance Score is calculated after every scan, either daily or whenever a manual scan is conducted.
Improved Compliance Score Calculation - Previously, the Dash “Responsiveness” score was calculated using a time interval that resulted in inconsistent scores. In v2.8.1, we have introduced a new method for calculating “Responsiveness” based on the % of compliance issues your team has worked with over the last month. We believe this will lead to a more consistent compliance score and will continue to improve the Dash scoring process.
Improved Compliance Center “Resolve” Behavior -
Simplified User Roles - Dash has simplified overall user types, into two types of user roles “Administrator” and “User”.
Administrators have the ability to perform all functions across Dash ComplyOps
Users have the ability to perform most actions, but are unable to view “Organization Settings” containing domain name configuration, user invites and other settings. Access to automatic-remediations can be restricted as described below.
Added Options For Automatic Remediation Visibility - Administrators can enable or hide access to “click-to-fix” Dash remediations found in the Compliance Center. Admins can make “click-to-fix” remediations available to “All Users”, “Administrators”, or “Disabled For All Users”.
Updated Lambda Functions Within CF Stack - We have updated Lambda functions to an updated runtime in order to ensure future AWS compatibility.
Added Missing Regions to Dash Filtering - “Do Not Filter” settings under Settings > Monitoring Settings was previously missing certain regions in the original dropdown list. v2.8.1 adds these missing regions.
Improved Dash Filtering for Matched Tags - “Do Not Filter” settings under Settings > Monitoring Settings previously had certain issues with filtering by Tags. v2.8.1 resolves many monitoring/filtering issues related to Tags.
Fixed Bug Related to Policy Routing - We resolved an issue related to unexpected routing and navigation in the Policy Center.
Instructions For Updating To v2.8.1
Create Backup - It is recommended that your team create a backup of your Dash ComplyOps application before performing any update.
Validate License - Due to certain Lambda function and application changes, your team may need to revalidate your application license after updating to v2.8.1. If at the Dash login screen you see an option to “Validate License” and/or you are unable to login, your team should take these next steps
Click “Validate License” button
Enter your Dash License Key - This key can be found under your CloudFormation Stack > Parameters
Once Successfully Validated click “Back”
Clear Browser Application Data - Due to application caching you may not be able to view certain pages and changes to the Policy Center, unless you clear your application. Perform
In Chrome - Right click and select the option “Inspect”
Navigate to the “Application” Tab
Click the “Clear site data” button
Close the Inspect window and refresh the page
Login - You can now login to Dash and see the latest features.