Skip to main content

Release Notes - 2022-DEC-08

Improved

Issues and remediation

  • Added support for exporting issues to a CSV file, including custom field values. For more information, see Exporting issues.

Control assessments

  • Evaluations are now displayed in My Work below the Evaluations tab, making it easier for users to access their active evaluations.

  • Tasks are now available for evaluations.

  • This feature remains in Managed Rollout (MRO).

Rich text edit

  • Rich text is now available for most multi-line text fields throughout Hyperproof. It’s not currently available on vendor questionnaires and when editing requirements in custom programs.

Automations

  • Added support for creating repeating tasks for scopes! Users with the Scopes functionality enabled can now configure a single repeating task that applies to multiple scopes. Opening the repeating task shows a Scopes tab where users can view and/or edit which scopes the repeating task applies to.

  • Hyperproof now displays detailed test failure information for each failing row in the proof, making it easier to zero in on the failures.

  • For more information see Assigning a task to a scope assignment control.

Hypersyncs and integrations

  • New Hypersync: KnowBe4. Users can collect the following proof types: List of Users, List of Groups, Training Campaigns, and Training Activity.

  • Updated Hypersync: Jira.  Added support for two new proof types: List of Users and List of Groups. These proof types are available in both Jira Server and Jira Cloud.

  • Updated Hypersync: Microsoft Entra. Improved the connection to request a smaller set of scopes.

Program frameworks

  • New framework: PCI 4.0. Note that upgrade maps are not yet defined. These will be updated soon.

  • New framework: GLBA. The Gramm-Leach-Bliley Act (GLBA) requires financial institutions—companies that offer consumers financial products or services like loans, financial or investment advice, or insurance—to explain their information-sharing practices to their customers and to safeguard sensitive data.

  • New framework: BSI C5. Cloud Computing Compliance Controls Catalog (C5) is a German government-backed attestation scheme introduced in Germany by the Federal Office for Information Security (BSI).

  • “Diff” views are now available for updated frameworks; the removed text is red, and the added text is green.

Addressed issues

  • Hyperproof administrators now receive a notification when an organization invitation is accepted.

  • The risk grid now displays Impact Rationale and Likelihood Rationale.

  • Programs, controls, and labels now have the new facepile experience that is explicit about direct members and inherited access. As part of this change, users will inherit contributor permissions instead of read-only permissions.

  • In the proof uploader, problems caused by permissions issues are now reported.

  • Fixed an issue where some proof (Jira, AWS) timed out / couldn’t be previewed.

  • Fixed an issue where setting up an automated test on a label could cause an expected error.

  • Fixed an issue where contacts could be set as issue assignees. Now they can’t.

  • Fixed an issue with scope assignments where the owner of the original single control (from before scope assignments were enabled) becomes a non-removable member of the parent control.

  • Fixed an issue where the orphaned controls badge showed an incorrect count of controls.

  • Fixed an issue with control import where the testing status property was not importing.

  • Fixed a permissions issue affecting prospect Achievers, where users could see Issues they did not have access to.

  • Fixed an issue where an archived organization could generate notification emails.

In this section: