Changelog
For Application Updates Please Note:
All customers with a Dash application version below v3.0.0 should follow instructions provided for migration and update or reach out to Dash team for next steps. Dash application updates are applied with minimal customer invention for versions v3.0.0 and above.
Changes in v3.X.X
New Features
Added ComplySource (Beta) - This new version of Dash provides a Beta version of ComplySource, our new Infrastructure-as-Code (IaC) scanning functionality. ComplySource enables teams to connect Github, Bitbucket, and GitLab repositories and scan IaC related files (including Ansible, Terraform, CloudFormation, Dockerfiles, and K8S files) for security and compliance issues. Included in this functionality are the following changes:
Added a new tab in Compliance Center to display ComplySource scans results
Added pages to view Git commits with security scan results
Added pages to view issues scanned IaC files in git repositories and other pages
Added sections and pages to the Action Center with documentation connecting GitHub/Bitbucket/GitLab repositories with ComplySource software and the Dash app.
Added SOC 2 mappings for ComplySource findings
Migrated To SaaS Architecture - Dash is now available as a SaaS application with application infrastructure fully managed by Dash. This enables our team to provide quicker updates and better maintain services for all Dash ComplyOps customers.
Enhancements
Added queue logic for Dash scanning - AWS accounts will now be scanned in-order and with better results
Increased parser limits - Allowing for Dash ingest larger datasets from ComplySource and similar services
Improved Compliance Center loading - Performance improvements have been made to the Compliance Center and individual issue pages to improve loading
Bug Fixes
Fixed issue with counting of EC2 instances.
Improved database startup process after update.
Improved auto-start for application jobs and database services.
Instructions For Updating To v3.0.0
The Dash team has contacted Dash customers with steps for migrating data and using the latest v3.0.0 Dash ComplyOps application. Please contact the Dash team for questions on updating to v3.0.0.
Updates after v3.0.0 will be applied with minimal steps from Dash users.
Changes in v2.9.4
New Features
Updated Account Monitoring and Connection Setup - We have implemented new logic for connecting AWS accounts to Dash monitoring. We have removed specific AWS Organization dependencies and monitoring now includes the following features:
Any AWS account can now be connected to the Dash application. Accounts are connected in the “Settings” by connecting a IAM role via CloudFormation
Each AWS account that is connected to Dash is automatically scanned on recurring scans
This new monitoring functionality replaces previous monitoring functionality therefore all clients updating to v2.9.4 must reconnect accounts for the monitoring setup.
Enhancements
Performance Improvements and Caching - Previously, connecting many AWS accounts or having a large numbers of Compliance Center issues, sometimes led to slower application performance or longer loading times. We have implemented a new caching system that improves loading times and application performance.
Caching is disabled unless there are several hundred compliance issues or more
When caching is enabled, the application preloads/fetches certain results and shows a notice to the user in the Compliance Center.
Improvements to AWS Config Setup - The AWS Config integration has been improved and now has basic multiple account support. Additional AWS regions are supported across the AWS Config integration and results now refresh every 4 hours.
Improved Setup Process - We have changed the setup flow for the Dash application, adjusting for new monitoring options. We have also removed any unnecessary setup steps to streamline the process.
Bug Fixes
Specific Redshift issues have had their descriptions and recommendations updated to provide better clarity around the issues.
Fixed bug where system displayed a different number of issues on the dashboard page and vs compliance center.
Fixed bug for where fast navigation inside app showed blank page on Cloud Overview
Fixed bug with the automatically closing issue if no issue items
Fixed specific Slack integration issues have been resolved in this version
Changes in v2.9.0
New Features
New Billing Process - This version introduces a simpler billing process via AWS Marketplace SaaS Contracts. This new billing process, provides teams with a more predictable monthly bill based on the organization’s cloud resources. Please read the further attached “Instructions For Updating To v2.9.0”
New GDPR/Privacy Policies - We have added a Privacy Policy and Data Protection Policy into the Policy Center. These policies enable teams to create GDPR necessary standards and address privacy standards within the organization.
Compliance Center Findings Report - Teams can now download a report in the Compliance Center providing an inventory of active and resolved compliance issues. We believe this functionality will help teams to better prepare for and provide evidence to auditors and internal security team members.
Enhancements
Improved Home Dashboard Performance - We made several improvements to the home dashboard enabling functions to update with data without refresh.
Updated Dependencies - We have updated several application dependencies for the Dash application.
Bug Fixes
Task Management - Fixed an issue where duplicate tasks.
Instructions For Updating To v2.9.0
Create a Backup of existing application - To ensure that all Dash application data is available, it is important that your team creates a Dash backup. This backup will save all configuration in case of a stack or application issue.
Follow the instructions in the “Backing Up Existing Application Data” section to create a backup and confirm it’s availability.
Confirm that the backup is visible in the settings and then proceed to Step #2.
Subscribe to the New Dash Listing - Navigate to to the new Dash ComplyOps listing on AWS Marketplace.
Login to your AWS account
Select your Dash pricing plan > Subscribe to new Dash listing
You may be directed to a form page to “Add Organization” (with fields for Organization Name, Organization Contact Email, etc)
You can skip this page, since your team has an existing organization/license
Update CloudFormation Stack - Update your Dash application CloudFormation stack to v2.9.0.
Download the latest 2.9.0 CloudFormation template here.
Follow the Dash update instructions to update your stack using the 2.9.0 CloudFormation template.
Login to Dash and confirm that you are able to access the Dash application
Unsubscribe from Old Dash Listing - Once you have confirmed that the new application is operational, unsubscribe from the old Dash application listing.
Login to AWS
In the top search bar navigate to “AWS Marketplace Subscriptions”
Navigate to "Dash ComplyOps" (SaaS listing, not SaaS Contract) > Click the "Manage" button
Click "Actions" > "Cancel Subscription" > Confirm Unsubscribe
Changes in v2.8.1
New Features
Compliance Tasks - [This feature replaces the original Policy Calendar Feature] We originally built the Policy Calendar as a way to track and manage administrative compliance tasks in Dash, but realized that users needed a more fully featured workflow for creating, managing, and handling compliance events. So, in Dash v2.8.1 we have completely reworked the Policy Calendar and have introduced Compliance Tasks. Any previous Policy Calendar events will automatically migrate over to the new Compliance Tasks feature, and clients will be able to enjoy the following features:
Create policy related task as well as custom tasks
Associate tasks with a specific compliance policy
Assign users to compliance tasks
Attach findings and documentation
Set email and Jira task reminders
Separate active and completed tasks
Search tasks and events
Run Dash Scans “on-demand” - Teams can now run Dash scans at anytime by, clicking the “Run Scan” button on the Home Dashboard. This function will run all scans and checks typically performed during Dash daily monitoring.
“Snooze” Compliance Center Issues - Teams can now “Snooze” Compliance Center issues. In individual Compliance Center Issues, users can take the following options:
Snooze a Compliance Center issue for X days - This sends the Compliance Center issue to the “Ignored” state for X days.
Send an email notification to the assigned user - Send the issue to the Assigned User if it still appears after the end of the snooze period.
Enhancements
Compliance Score is Calculated On Each Scan (Daily) - Previously, the Dash Compliance Score was calculated once a week. This made it difficult for users to understand their security progress day-over-day. Starting in v2.8.1, the Dash Compliance Score is calculated after every scan, either daily or whenever a manual scan is conducted.
Improved Compliance Score Calculation - Previously, the Dash “Responsiveness” score was calculated using a time interval that resulted in inconsistent scores. In v2.8.1, we have introduced a new method for calculating “Responsiveness” based on the % of compliance issues your team has worked with over the last month. We believe this will lead to a more consistent compliance score and will continue to improve the Dash scoring process.
Improved Compliance Center “Resolve” Behavior -
Simplified User Roles - Dash has simplified overall user types, into two types of user roles “Administrator” and “User”.
Administrators have the ability to perform all functions across Dash ComplyOps
Users have the ability to perform most actions, but are unable to view “Organization Settings” containing domain name configuration, user invites and other settings. Access to automatic-remediations can be restricted as described below.
Added Options For Automatic Remediation Visibility - Administrators can enable or hide access to “click-to-fix” Dash remediations found in the Compliance Center. Admins can make “click-to-fix” remediations available to “All Users”, “Administrators”, or “Disabled For All Users”.
Updated Lambda Functions Within CF Stack - We have updated Lambda functions to an updated runtime in order to ensure future AWS compatibility.
Bug Fixes
Added Missing Regions to Dash Filtering - “Do Not Filter” settings under Settings > Monitoring Settings was previously missing certain regions in the original dropdown list. v2.8.1 adds these missing regions.
Improved Dash Filtering for Matched Tags - “Do Not Filter” settings under Settings > Monitoring Settings previously had certain issues with filtering by Tags. v2.8.1 resolves many monitoring/filtering issues related to Tags.
Fixed Bug Related to Policy Routing - We resolved an issue related to unexpected routing and navigation in the Policy Center.
Instructions For Updating To v2.8.1
Create Backup - It is recommended that your team create a backup of your Dash ComplyOps application before performing any update.
Update Stack - Update the existing Dash CloudFormation Stack by downloading the latest v2.8.1 CF template and update the CloudFormation stack following the Dash update instructions.
Validate License - Due to certain Lambda function and application changes, your team may need to revalidate your application license after updating to v2.8.1. If at the Dash login screen you see an option to “Validate License” and/or you are unable to login, your team should take these next steps
Click “Validate License” button
Enter your Dash License Key - This key can be found under your CloudFormation Stack > Parameters
Click “Submit”
Once Successfully Validated click “Back”
Clear Browser Application Data - Due to application caching you may not be able to view certain pages and changes to the Policy Center, unless you clear your application. Perform
In Chrome - Right click and select the option “Inspect”
Navigate to the “Application” Tab
Click the “Clear site data” button
Close the Inspect window and refresh the page
Login - You can now login to Dash and see the latest features.