Cumulative release notes for 2024

Hyperproof release notes

Cumulative release notes for 2023

Access reviews

Risks - You can now bulk unarchive risks.

SSO configuration - Added a third option for SSO configuration that requires SSO for all users including administrators.

API / Developer - Added a Vendor API with the ability to add or edit a vendor, send a questionnaire, and add or edit an External contact.

Hypersyncs

Scope assignments and risks - Users can now import a scope assignment linked to a control via the Risk import CSV using the ID of the scope control.

Questionnaire reminders - Users can now send reminders to vendor respondents to complete a questionnaire.

Performance improvements - Made improvements on the Settings > People page and in the following list view areas: issues, requests, and controls.

Access review enhancements - Labels can now be linked to access reviews via the Details tab.

Proof Picker - The Proof Picker now defaults to the evaluated object when opened in an evaluation.

Card view for all work items and risks - Card view is now available for requests, evaluations, and issues (previously only available on tasks) as a companion to the standard grid view. It is also available for risks.

Self-service reporting enhancements - Time series data is now available in MRO. New snapshot tables for the Hyperproof business objects have been added with the "TS_" prefix (TS_CONTROL, TS_RISK, etc), which enables creating reports that compare values (e.g. health, residual risk, etc.) month over month (or any multiple of month over month, e.g. quarter over quarter).

Updated the Azure Hypersync with four new proof types: Azure Database for PostgreSQL Flexible Server - Peerings, Storage Account - Peerings, Virtual Machine - Peerings, and Virtual Network - Peerings.

New and updated programs: NIST 800-171 rev 3 now includes a DOCX SSP Export, Australia ISM, ETSI EN 319 401, CJIS, The Hyperproof Common Control Framework is now mapped to ISO 27001, SOC 2, and NIST CSF.

Access reviews feature is GA. Added support for Okta as a universal gateway allowing compliance managers to automatically import access lists for user access reviews across multiple applications not supported by Hyperproof today. Select from more than 500 applications in the Okta Applications Network.

Attachments on requests - Upload example files to requests to help request assignees understand the request more clearly. Convert attachments to proof where appropriate.

Groups as members of objects - In Settings > People administrators and compliance managers can create groups of users on the new Groups tab. Once a group is created it can be added to object membership, and an object role can be assigned to grant the members of that group permissions for the selected object.

Program Label and Risk Mapping is in Managed rollout (MRO) - Automatically map generic evidence, as labels, and generic risks to controls when creating a new program.

Program PRD (SSD) fields export - For applicable programs, such as StateRAMP, the Program Requirement Detail (PRD) fields or SSP fields, are included in the Program export > Requirement CSV file. If you need to produce the StateRAMP or similar reports in Excel, you can use this data from Hyperproof for that report.

Hyperproof EU is GA

Hyperproof Gov is in managed rollout (MRO)

Self-service reporting -Updated the data model for REQUIREMENT: added columns for SECTION_SUMMARY, SECTION_1, SECTION_2, SECTION_3, SECTION_4 and DESCRIPTION to help build reports matching the grid views and exports from Hyperproof.

SPRS scoring - Dashboard widget improvements, including a segment for unweighted requirements and indicating in the Score widget whether the SSP is in place.

New and updated programs - New: Digital Services Act (DSA) Updated: ISO 9001, DORA, PCI DSS v4.0.1

Updated Hypersyncs -Updated: Okta - Password Policy - Password Policy proof Removed: Hypersync for F5

Access reviews - Added an option to assign each user's direct manager as a reviewer when reviewing an application user list.

SPRS scoring - Added tool tips to enhance the user experience.

Audit notifications - Expanded the number and type of notifications, including:

Date range filters - Custom date fields can be filtered from the Filter pane using a date range filter for a specific date, between two dates (inclusive), before or on a specific date, or after or on a specific date.

Proof previewer for Microsoft Office toggle

Hypersyncs

Programs

Hyperproof EU instance is now in managed rollout.

Self-service reporting is now GA.

Added a new bulk Delete option on the Proof page. You can filter by date range to find, select, and delete proof in bulk.

Added filter by date range options on the Filter pane for system-provided date fields.

Added email notifications to access reviews to let reviewers and sysadmins know when to review and update user access records.

Added a Hypersync and Automated Control Testing for Google Sheets.

Updated Hypersync: Jira - The Issue Details proof now includes Jira Activity history.

Added the proof property isPrivate to the public proof API.

Updated the following programs:

Added an Activity Feed to the People page that tracks changes to users, and allows comments and @mentions.

Added an option to the Proof page to bulk update privacy settings on proof.

Added date range filtering for proof based on the Uploaded on date. Options include specific date, between two dates (inclusive of the selected dates), before or on a specific date, after or on a specific date.

Added access review imports for 4 new applications via Hypersync: AWS, Azure Kubernetes, Jira Cloud, and KnowBe4.

Program health and the task template table for repeating tasks are now available in the data warehouse for Self-service reporting.

Enhanced email notifications with a more attractive template and consistent content including descriptions and due dates.

Updated evaluations to sort them in requirement order when displayed in requirement assessments.

Updated frameworks:

Evaluations -

SPRS scoring for CMMC and NIST 800-171 frameworks is generally available and shows on all new and existing programs that use these frameworks.

Access reviews

Scopes - Import controls with scopes from a CSV

Self-service reporting - Vendor Health, Risk, and Tolerance are now available in the data warehouse

Help menu - Removed the Need Help? button from the user interface and consolidated access to help articles under the primary Help button.

Proof preview - Added a zoom option for PDFs and an option to expand the viewer to full screen.

Access reviews - Added support for Hypersyncs based on Finch-powered services adding 24 new applications to the list of supported apps.

Email notifications - Improved rich text formatting, added the name of the user who triggered the notification to the From addresses, and added due dates to the Subject lines.

ProofProof roles and permissions - Proof contributors can now edit proof names and upload new versions of proof.

ServiceNow task integration - Now available for all users!

Asana task integration - Now has an option to filter projects by team when creating a new task.

Access reviews - Implemented automated directory and user access list import using Hypersyncs for Okta, Microsoft Entra ID, Google Workspace Platform.

SPRS scoring for the CMMC and NIST 800-171frameworks is in managed rollout.

Self-service reporting - Risk Health and Audit Health are now available in the data warehouse.

The Explore-by filter pane is now available in the Vendor dashboard.

You can now filter the program dashboard by scopes.

Added the ability to mark proof as private.

Hyperproof API - Added support to get proof from controls and labels.

Improved the Evaluation status widget on the Assessment dashboard to display all statuses without needing to scroll.

The new object Viewer role is now available as an option to select when bulk editing membership on controls and labels.

Custom logo in email notifications is generally available.

Added a Vendor dashboard to track Health Status, Risk Level, Outstanding Questionnaires, and Upcoming Renewals.

Import evaluations into an assessment is now available.

Self-service reporting is in managed rollout.

Added a Viewer object role to provide read-only access to Hyperproof objects.

Added a Risk API.

Limited Access User role that only displays the objects where the user is specifically granted access via the object Facepiles.

Custom logo in email notifications is in managed rollout.

Single sign-on in Hyperproof now supports the configuration of multiple identity providers (IDP), such as Okta, Microsoft Entra ID (formerly Azure AD), or JumpCloud, for one email domain.

When adding a custom field, you can now add up to 500 values for single-select or multiple-select field types.

Exporting proof calculates and displays the size of the proof selected up to a maximum of 1.5 GB. When that maximum is reached, you must start a new export.

System use notification to display at every log-in or after a specified number of days.

Requirement assessments display the full requirement text as a default field.

ServiceNow Task integration is now in managed rollout. 

Updated Hypersync: JumpCloud. Added proof type: List of Activity Logs.

Support for changing targets on tasks and repeating tasks.

Support for self-service reporting (managed rollout)

Additional banners and status change buttons for access reviews.