Skip to main content

Cumulative release notes for 2023

This is a condensed version of Hyperproof’s 2023 release notes focusing solely on additions and improvements. Hyperproof operates on a three-week sprint schedule. For other release notes see: Hyperproof release notes

2023-DEC-21

Full release notes: Release Notes - 2023-DEC-21

  • Support for exporting evaluations to CSV and XLSX

  • Improved the Teams functionality and renamed it ‘Scopes’.

  • API calls involving Teams have been deprecated with the change from Teams to Scopes.

  • Access reviews in managed rollout

  • New HypersyncRapid7

  • Updated HypersyncGoogle Workspace Platform. Added support for the List of Chromebook Devices proof type.

  • Updated HypersyncGitHub. Added support for the List of Pull Requests with merger and merger date.

  • Updated HypersyncAWS. Added support for the List of SSO Users proof type.

  • Updated HypersyncJumpCloud. Added support for the Policy Group Results proof type.

  • Updated framework: NYDFS, 2023 amendments is now available. Includes crosswalks and framework upgrade map, but not controls.

  • Updated framework: Australia ISM for IRAP and ASD, December 2023 version is now available. Includes framework update map, crosswalks, and controls.

  • Updated framework: TISAX VDA ISA 5 now includes illustrative controls.

2023-NOV-30

Full release notes: Release Notes - 2023-NOV-30

  • Access reviews in managed rollout

  • Updated HypersyncAWS was updated with 1 new proof. (Case # 00006845)

    • List SAML Providers

  • Updated HypersyncOkta was updated with 2 new proof types. (Case # 00004741, 00004913, 00006903)

    • List of Admins

    • List of Users with MFA

  • Updated HypersyncGitHub updated with 1 new proof. (Case # 00005939)

    • List of Team Members

  • Updated HypersyncGoogle Workspace Platform was updated with 2 new proof types. (Case # 00005608)

    • List of Users - MFA Verification

    • List of SAML Providers

2023-NOV-09

Full release notes: Release Notes - 2023-NOV-09

  • Access reviews in managed rollout

  • Hyperproof users with the ‘User’ role are now taken directly to the Work items tab when they log in.

  • Two new Hypersyncs: Paycor and Wave (via Finch). Added two new proof types: List of Users and List of Change in Employee Status.

  • Updated Hypersync: AWS. Added four new proof types: Asset Inventory, S3 Bucket Lifecycle Configuration, S3 Bucket Object Lock, and S3 Bucket Access Control List.

  • Updated Hypersync: Google Cloud Platform. Added one new proof type: Compute Engine - Persistent Disk Encryption.

  • Updated Hypersync: Google Workspace Platform. Added one new proof type: Cloud Identity - List of Inbound SAML SSO Profiles.

  • Updated file service integration: SharePoint. Added support for Dedicated Teams Sites, including LiveSync. Also reorganized how Hyperproof displays SharePoint content to more closely match what customers see in SharePoint.

  • Updated framework: Cisco CCF Controlsv2.  and crosswalks included.

2023-OCT-19

Full release notes: Release Notes - 2023-OCT-19

  • Audit requests as work items are now available for all organizations.

  • Editable proof facepiles.

  • The last login date field in the People page under Settings.

  • Updated Hypersync: Google Cloud Platform. Added two new proof types.

  • New framework: DORA

2023-SEP-21

Full release notes: Release Notes - 2023-SEP-21

  • Many quality improvements.

  • The Hyperproof API now includes support for tasks.

  • Updated Hypersync: Azure. Added one new proof type.

  • Updated Hypersync: Jamf. Added four new proof types.

  • Updated Hypersync: Google Cloud Platform. Added two new prooftypes.

  • Updated Hypersync: Snowflake. Added two new prooftypes.

2023-SEP-07

Full release notes: Release Notes - 2023-SEP-07

  • The Hyperproof API now includes support for programs.

  • Updated Hypersync: Azure was updated with 11 new proof types: now has support for AWS GovCloud instances.

  • Updated Hypersync: Azure. Added 11 new proof types.

  • Updated Hypersync: Microsoft Entra ID (formerly Azure AD). Added one new proof type.

  • Added two new Webtrust frameworks.

2023-AUG-10

Full release notes: Release Notes - 2023-AUG-10

  • Requirement assessments are now available for all organizations.

  • New framework: Bank Secrecy Act Compliance Program (BSA).

  • New framework: FFIEC Cybersecurity Assessment Tool (CAT).

  • New framework: Adobe Common Controls Framework (CCF).

  • Updated Hypersync: Microsoft Entra ID (formerly Azure AD). Added one new proof type.

  • Updated Hypersync: Azure. Added six new proof types.

2023-JUL-20

Full release notes: Release Notes - 2023-JUL-20

  • Added support for using screenshots as proof.

  • Users can now “paste an image” as proof

  • Added support for connection health.

  • New framework version: AICPA SOC 2 - 2017 Trust Services Criteria (With Revised Points of Focus – 2022).

  • New framework: Cybersecurity Capability Maturity Model (C2M2) v2.1.

  • New framework version: FedRAMP rev 5.

  • New framework version: SCF rev April 2023.

  • New framework version: Microsoft SSPA DPR v8.

  • New framework version: NIST 800-171r2.

2023-JUN-29

Full release notes: Release Notes - 2023-JUN-29

  • Audit requests as work items in MRO

  • Audit requests now have facepiles

  • Audit requests can now be made private

  • New Hypersync: F5 (formerly ThreatStack). Users can collect the following proof types: List of Users and List of Rules.

  • New framework: The Americans with Disabilities Act (ADA) and Web Content Accessibility Guidelines (WCAG) v2.2. This program combines Title I and Title III of the Americans with Disabilities Act (ADA) with the Web Content Accessibility Guidelines (WCAG) v2.2.

2023-JUN-08

Full release notes: Release Notes - 2023-JUN-08

  • Tasks now have an explicit facepile that identifies who has direct and/or inherited access and allows users to be added/removed.

  • New framework: ISO 21434:2021. This framework addresses the cybersecurity perspective in the engineering of electrical and electronic (E/E) systems within road vehicles.

  • New framework: IBM Cloud Framework for Financial Services. This framework is designed to help address the needs of financial services institutions with regulatory compliance, security, and resiliency during the initial deployment phase and with ongoing operations.

  • New framework version: PCI v4 SAQ A.

  • New framework version: BSI C5 v2020.

  • Many bug fixes and quality improvements.

2023-MAY-11

Full release notes: Release Notes - 2023-MAY-11

  • New Hypersync: Wiz. Users can collect proof based on the following proof types: List of Users and List of Vulnerabilities.

  • New framework: ISO 17025. This framework specifies the general requirements for the competence, impartiality, and consistent operation of laboratories.

  • New framework version: TX-RAMP 2.0.

  • New framework version: Webtrust for CAs - Extended Validation SSL v1.8.

  • Administrators can now import contacts. To do so, go to Settings > People, and then click Import.

  • Users can now delete tasks. To do so, go to My Work > Tasks, select one or more tasks, and then click Delete.  Like other bulk edit actions, Delete is grayed out if you don’t have permission to delete that task.

  • Changed the Starts repeating property of repeating tasks to be editable again. Previously, this property was intentionally made to be read-only. Thanks to your feedback, we learned that many users need this option!

  • Updated the left navigation menu when it is in a collapsed state. Icon labels have been replaced with tooltips.

  • Improved how proof works with scope assignments. Where a list of proof is shown, the list can now be sorted by scope name by clicking the column header. Proof can now be searched via scope name.

2023-APR-20

Full release notes: Release Notes - 2023-APR-20

  • Updated Hypersync: GitHub. The Organization Members proof type now has a new configuration field, Filter people, which allows users to select Member, Owner, or Outside Collaborator.

  • New framework version: Webtrust Principles & Criteria for CAs v2.2.2 (latest version)

  • New framework version: Webtrust: SSL Baseline with Network Security v2.7 (latest version)

2023-MAR-30

Full release notes: Release Notes - 2023-MAR-30

  • Requirement assessments are now in MRO.

  • Control assessments are now available for all users.

  • Risk Register now supports multiple registers.

  • Advanced mitigation is now available for all users.

  • Improved My Work dashboard.

  • New Hypersync: Checkmarx SCA. Users can collect the following proof types: List of Users, List of Vulnerabilities, and List of Projects.

  • Updated Hypersync: GitHub. The Branch Protection proof type now includes a Require Status Checks to pass before merging field, a field very suitable to automatic control testing.

  • Updated Hypersync: Crowdstrike. The List of Hosts proof type now includes an optional Platform criteria filter, allowing users to filter down to a smaller set of data.  Hyperproof now handles the scenario where a user’s criteria bring in more than 10,000 hosts, which exceeds Crowdstrike’s API limit.

  • New framework: CMS IS2P2 v3.0: CMS Acceptable Risk Safeguards 5.0x and Information Systems Security and Privacy Policy.

  • New framework: CMS MARS-E v2.2: CMS Minimum Acceptable Risk Safeguards for Exchanges (MARS-E) Harmonized Security and Privacy Framework.

  • New framework upgrade map: PCI DSS 3.2.1 → 4.0.

2023-MAR-9

Full release notes: Release Notes - 2023-MAR-09

  • M2M API authentication - Hyperproof now supports two API client types: service account and personal. For more information, see Enabling M2M API authentication.

  • New framework: OWASP ASVS.

  • New framework: PIPEDA.

  • Updated crosswalks: PCI DSS 4, LGPD, CSA 4, ISO 27001-2022, and TISAX

  • The automated testing feature is now available for all users! See Automated control testing.

  • Updated Hypersync: Microsoft Entra ID (formerly Azure AD). The List of Users proof now includes the last password change date.

2023-FEB-16

Full release notes: Release Notes - 2023-FEB-16

  • Added support for exporting issues to Excel.

  • The Hypersync SDK is now available! The SDK has documentation including instructions for getting started. Documented samples and templates are also available to speed up your development. We also have a Community forum topic exclusively for the Hypersync SDK where you can post questions and provide feedback.

  • New Hypersync: GitLab Self-Managed.

  • Updated Hypersyncs: GitHub, KnowBe4, Qualys.

  • The Confluence integration now supports LiveSync for on-prem Confluence deployments.

  • New framework: ITAR Compliance Program.

  • Updated framework: SCF.

2023-JAN-26

Full release notes: Release Notes - 2023-JAN-26

  • Hyperproof Community: The user community—a place where you can find solutions, ask questions, and engage with a growing community of Hyperproofusers—is now live! (https://community.hyperproof.io/ )

  • The Community has replaced the support portal.

  • New Hypersync: Azure Kubernetes Service. Users can collect the following proof types: List of AKS Clusters and List of Deployments.

  • Hyperproof’s API support for personal M2M auth is now available in a Managed Rollout (MRO) state. Contact your CSM if you’re interested in trying it out.

  • The Hypersync SDK will be available in the next few days. Check the new Hyperproof Community forum for more information!

  • The 27001:2013 Framework Update Feature is live and available for all ISO 27001:2013 users! See Using the framework update feature.

  • Two types of Framework updates are available, depending on when the user created their program:

    • Users who started their 27001:2013 programs before January 2022 will see the update available from Hyperproof’s old version of ISO 27001:2013 to Hyperproof’s latest version of ISO 27001:2013.

    • Users who have Hyperproof’s latest version of ISO 27001:2013 will see the update available for ISO 27001:2022

  • Users can now import schedule-based repeating tasks from a CSV via the My Work tab. All fields, including custom fields, are supported.

  • Added support for private issues.

  • In Control assessments there is now an Affected Objects section within the Evaluations tab where users can link additional related objects.

  • Updated Hypersync: Crowdstrike. Added support for two new proof types: List of Hosts and Endpoint Detections.

  • Updated Hypersync: GitHub. Added support for a new proof type: List of Issues.

  • Updated Hypersync: Zendesk. View of Tickets proof type now supports testing of the Ticket Status value.

  • For customers with the scopes feature turned on in their instance, users of the Controls dashboard in the Analytics module can now view the dashboard with scope assignments expanded. To do this, open the Filter panel, and then click Expand scopes.

2023-JAN-05

Full release notes: Release Notes - 2023-JAN-05

  • Issues and My Work - Added support for bulk editing all properties in the My Work issues grid.

  • Issues and My work - Added a Repeating tasks tab in My Work, where users can view and edit all of their repeating tasks in one place.

  • Risk - Advanced risk mitigation is now available for MRO!  With this change comes an improved Risk Health panel that also includes the ability to directly set actual values (i.e. override the calculated values). The risk heatmap found on the Risk dashboard has also been improved. Admins can initiate a migration to the advanced features in Settings → Risk Mapping.

  • Actual risk has now been renamed to Residual risk to better match common taxonomy. Likelihood and Impact have also been renamed to Inherent Likelihood and Inherent Impact.

  • Control assessments - Custom fields can now be attached to evaluations. This feature remains in MRO.

  • New Hypersync: Crowdstrike. Users can collect the following proof types: List of Users, List of Groups, Prevention Policies, and Sensor Update Policies.

  • Framework update feature - In the control detail view, if the control is linked to a requirement that will be removed as a result of a framework, Hyperproof now explicitly indicates that to control members.

  • Framework update feature - Updated the user interface to make it clearer which requirements will be removed when the update is completed.

  • New framework: Korean ISMS-P

  • New framework: NIST 800-218

  • New framework: DHS 4300A Sensitive Systems Handbook

  • Updated framework: SOX

  • Improved how scope assignments work in the Proof Picker. Users can now filter down to the proof for just one scope, plus, when looking at all proof for the control, each proof lists the scope(s) that it is linked to. Additionally, the breadcrumb lets the user easily navigate between these different views.

  • Added support for Generic SAML as an SSO provider.

  • Users can now only change the control owner property if they are a manager of the control.