Release Notes - 2024-MAR-14
Added
Custom logo in email notifications is now available for all organizations
Administrators can now choose to add a custom logo to Hyperproof-generated email notifications, including vendor emails. Configure your logo on the Settings > General page. Once uploaded, an administrator can send themselves a test notification to see how the logo looks in our emails. Custom logos can be turned off at any point if you no longer wish to have your logo included in notification emails.
Note that images will be scaled such that 200px is the largest dimension but aspect ratios will remain the same. See the Custom Logos idea in the Ideas portal.
Vendor dashboard
Hyperproof added a Vendor dashboard to track overall vendor trends including key information around outstanding questionnaires and upcoming renewals.
The dashboard contains the following widgets:
Health Status
Risk Level
Outstanding Questionnaires
Upcoming Renewals
For more information, see Understanding the Vendor Register dashboard.
See the Dashboard for Vendor Module idea in the Ideas portal.
Assessment Imports
Users can now create and update evaluations for an existing assessment using the Import link on the Evaluations tab in an assessment. The import process for evaluations is similar to other imports in Hyperproof, such as audit requests. Note that the summary field can’t be specified in an import since it’s generated automatically from the details of the object being evaluated. Keep in mind the following:
If you import an evaluation without a system-generated ID, Hyperproof creates that evaluation in the assessment.
If you import an evaluation with an existing system-generated ID, Hyperproof updates the evaluation.
If you import an evaluation into an archived assessment, the behavior for system-generated IDs is the same and the assessment remains archived.
For more information, see Importing evaluations.
See the Allow bulk uploads for Assessments idea in the Ideas portal.
Self-service reporting - Managed Rollout
From Settings, administrators can enable self-service reporting by creating one or more service accounts for our Snowflake data warehouse to use with best-in-class BI tools like Tableau, Looker, and Microsoft Power BI to build reports and dashboards.
For more information, see Self-service reporting.
Viewer object role
From any object facepile, object Managers can add users in a new role called “Viewer” providing read-only access to the object. For more information, see Viewer role.
See the Object level Read-Only role idea in the Ideas portal.
Public Risk API
Hyperproof is releasing a new public API for Risk, allowing our Risk customers to add and edit existing risks in the Hyperproof Risk module, as well as pull existing risk information directly from your Hyperproof Risk Register. See our API documentation for more information.
See the Allow managing Risks via API idea in the Ideas portal.
Improved
Hypersyncs and integrations
LiveSync- When turning off LiveSync for a file synced as part of a folder, a confirmation message displays all files affected by the change. When an entire folder has LiveSync turned on, turning off LiveSync for one file in that folder turns off LiveSync for all files in the folder.
For more information, see Turning off LiveSync.
Salesforce Hypersync - Reports listed when configuring the Hypersync using the reports service now display both the report name and the report unique name. When selecting a report, you can use the search-as-you-type option in the Report Name field to filter the list of reports. Any report name or unique name containing the text typed is included in the filtered list.
Proof filter pane
The filter on the proof page has been updated to allow filtering by Owner and Uploaded By fields.
Changes in functionality
Analytics sunsetting
Hyperproof plans to retire the Analytics module on March 28, 2024. After this date, you cannot access or use the Analytics module. Note that the in-app dashboards are unaffected by this change. Analytics will be replaced soon with a Self-service reporting module based on a Snowflake data warehouse provided by Hyperproof. For more information, see the Analytics Module Sunsetting announcement.
Hyperproof API
When uploading proof to a control, label, or task using the API, the API response contains the proof metadata, including the ownedBy field. This is the owner of the proof. The value returned is the entire user object instead of the owner ID. In the April 4, 2024 release (postponed one release), API calls that return proof metadata will only return the owner ID in the ownedBy field as is already noted in the API documentation.
Use the owner ID returned in the response to look up the User information in the Users API. API details are available at https://developer.hyperproof.app/.
Tenable Hypersync
The Security Vulnerabilities proof type for the Tenable Hypersync has been removed from Hyperproof due to an issue with the Tenable API. Existing Tenable Hypersyncs that collect Security Vulnerabilities proof will continue to run but may not be successful. New Hypersyncs can't be configured to collect Security Vulnerabilities proof.
Addressed issues
Added a link on the Rapid7 Hypersync configuration window to additional Rapid7 / InsightVM Console documentation to assist users with connection issues. (Case # 00007790)
Fixed an issue with control notes when multiple users edited the same notes from the grid view, only the edits by the first user to save were retained and other users’ changes were lost. (Case # 00007811)
Fixed an issue where exporting archived vendors generated an empty file both in CSV and XLSX format. Archived vendors can no longer be selected for export. (Case # 00007896)
Fixed an issue where KnowBe4 Hypersyncs were failing due to too many requests. (Case # 00007931)
Fixed formatting and title issues with the System Security Plan (SSP) report. (Case # 00007860)
Fixed an issue where the AWS Security Hub Insights proof could not be retrieved and generated an error similar to the following:
Received error from AWS while calling getFindings with parameters.(Case # 00007966)Fixed an issue where bulk editing members on a large number of controls didn’t save the changes. (Case # 00007842, 00007934, 00008022, 00008016)
Jira Issue Details proof file names autogenerated by Hyperproof are now truncated in the 160 to 180 character range depending on where there is white space between words. Truncating where there is a natural break in the words makes the file names more user-friendly. (Case # 00007998)
Fixed an issue where a scrollbar displayed in the Request status widget on the Audit dashboard blocked the links to the requests when viewing the dashboard using Firefox. (Case # 00008015)
Fixed an issue where the list of reports displayed in the Salesforce Hypersync was limited to 2000 reports. Now the user can begin typing the name of the report and the list is filtered as they type. (Case # 00007812)
Fixed an issue where custom applications timed out after 30 seconds when collecting proof. The timeout has been increased to 300 seconds.
Fixed an issue importing a user access list where the CSV file had fields with erroneous data, but the error was not reported and the import would not complete. Now the error is reported so it can be addressed.
Improved the error message generated if a user attempts to log in to Hyperproof but is using an incorrect email address. The error message now includes the email address Hyperproof received. (Case # 00008065)
Improved the proof upload process to resolve an issue uploading a Confluence file. (Case # 00008087)
Fixed an issue where some users accepting invitations to Hyperproof were taken to a security warning page instead of to the Hyperproof login page. (Case # 00008103)
Fixed an issue where the GitLab Hypersync generated communication errors when collecting the Merge Request Settings proof. To address this issue, when configuring the Hypersync the branch option displays the first 50 branches where you can use the search-as-you-type option to filter for the branch you need. (Case # 00007795)