Release Notes - 2025-AUG-21
Important Update
Please be aware that Hyperproof’s IP addresses have changed as of August 20, 2025. Unfortunately, we did not communicate the update prior to the change. This will cause failures in your integrations if your organization has Hyperproof’s old IP addresses on its allowlist.
If you have the following IP addresses on your company's allowlist, please update them as follows:
Instance | Old IP address | New IP address |
|---|---|---|
Hyperproof US | 13.88.136.187 52.9.169.38 | 20.184.128.53 Unchanged |
Hyperproof EU | 98.67.144.221 131.189.74.27 | 9.141.172.46 4.185.45.100 |
Hyperproof Gov | 4.149.225.155 52.250.33.250 | 4.154.201.6 4.246.104.90 |
Added
Policies
The Policies grid now has a Settings icon
that allows you to change the order of or hide columns. Columns can also be sorted by clicking the column heading.The Retired section of the Policy Overview tab has clickable version links that take you to the Document tab and display the policy document for the selected retired version.
Group notifications on vendor questionnaires
When sending out a Vendor Questionnaire, users can now select additional individuals or Groups to be notified when that Questionnaire is submitted. Anyone added to receive a notification will be able to view the response in Hyperproof.
Improved
Hypersyncs and integrations
Updated! Hypersync for CrowdStrike. Support for the gov instance of CrowdStrike.
Updated! Hypersync for Microsoft Entra ID. The List of Users and List of Groups proof types now have a Status field with the values active or deleted.
Updated! Hypersync for Okta.
Added a Policy filter for the List of Policies proof.
Added ID, Title, Department, and Manager fields to the List of Users proof.
Added a Description field to the Group Membership proof.
Updated! Hypersync for Jira and Hypersync for Jira Cloud. Added an Issue type filter to the List of Issues proof that allows you to filter for All Issue Types or Epics.
Updated! Hypersync for SentinelOne. Added the ability to send a list of users to an access review.
Program frameworks
Updated framework: Webtrust
Webtrust Principles and Criteria has now been merged into a single program, and all standards within it are updated. It provides a cohesive and adaptable compliance framework that organizations can adopt to ensure the integrity and trustworthiness of their public key infrastructure (PKI) operations. It includes foundational guidance for Certification Authorities (CAs) to establish sound governance, certificate lifecycle management, and operational controls. The framework encompasses criteria for baseline SSL/TLS issuance and robust network defenses, as well as enhanced validation requirements to verify identity and certificate integrity for EV SSL certificates. It also covers assurance for code signing and S/MIME certificates, reinforcing trust in software and secure communications. Broader system resilience is addressed through network and infrastructure security standards, while specific support exists for verified mark certificates that embed brand or logo identity. Additionally, guidance is provided for Registration Authorities operating in support of CAs. Altogether, this suite of principles offers a comprehensive, flexible foundation that any organization can customize into a PKI compliance program.
Updated framework: HIPAA
Health Insurance Portability and Accountability Act (HIPAA) has been updated to include a new set of content. Hyperproof has added 173 new requirements to its HIPAA program, incorporating recent final rules from the Department of Health and Human Services (HHS) and the Federal Trade Commission (FTC). This major update includes the HIPAA Privacy Rule to Support Reproductive Health Care Privacy, which establishes strong protections for protected health information related to reproductive care by prohibiting certain uses and disclosures and adding new attestation requirements. It also integrates the 21st Century Cures Act's Information Blocking regulations (45 CFR Part 171), outlining exceptions, disincentives, and transparency requirements. Additionally, the update aligns 42 CFR Part 2 requirements for substance use disorder records more closely with HIPAA and incorporates the FTC's Health Breach Notification Rule (16 CFR Part 318) for entities not covered by HIPAA.
Illustrative controls for this program have also been updated and expanded. The updated HIPAA program transforms its control set by replacing the previous granular, interpretive controls with a more authoritative and comprehensive structure. This new version uses direct citations from the HIPAA regulations for improved traceability and integrates the nationally recognized NIST SP 800-53 and NIST SP 800-66r2 frameworks for implementation guidance. Furthermore, the program's scope has been significantly expanded to include new regulations such as the 21st Century Cures Act's Information Blocking rules, 42 CFR Part 2 for substance use disorder records, and the FTC's Health Breach Notification Rule, resulting in a more robust and legally defensible compliance program.To use these updated controls, select the requirement, then select the "Controls" tab of that requirement. Select "Create new control" then select the template on the right.
Addressed issues
Fixed an issue in the Vendors module where some vendor freshness expiration notifications were not sent. ( Case # 00010587)
Fixed an issue where users could not export proof from selected audit requests when the audit status was set to “Completed.” ( Case # 00010579, 00010580, 00010586)
Fixed an issue where some group members did not receive status change notifications when assigned to a request using “Assign by Group.” (Case # 00010554)
Fixed an issue in FedRAMP-based programs where toggling the DOCX export checkbox in the requirements tree view caused a page error. (Case # 00010563)
Fixed an issue where daily digest email notifications were not sent to audit managers. (Case # 00010536)
Fixed an issue where custom Hypersyncs failed to import into organizations hosted in Hyperproof EU. (Case # 00010533)
Fixed an issue in the Vendors module where imports silently failed due to category name case mismatches. The system now detects and reports these mismatches clearly. (Case # 00010513)
Fixed an issue where users received unhealthy connection email alerts without any linked integration details, and the Connection health window showed no unhealthy connections. (Case # 00010509)
Fixed an issue where contacts could be incorrectly assigned as audit request assignees when using the bulk edit options on the grid view. (Case # 00010505)
Fixed an issue where Limited Access Users could not view the activity feed on some issues. (Case # 00010477)
Fixed an issue where keyboard-only users encountered an error when creating tasks. (Case # 00010452)
Fixed an issue in the Issues module where users could not change the source object if it was already listed as an affected object. (Case # 00010449)
Fixed an issue where latency in Hyperproof caused delays when opening proofs, changing task statuses, and posting comments. (Case # 00010413)
Fixed an issue where the Program dashboard displayed incorrect control counts and faulty widget links. Totals did not match the actual number of controls, and filters returned inaccurate results. (Case # 00010069)
Fixed an issue where exported user lists showed deactivated users with missing names, incorrect roles, and invalid login dates. (Case # 00010337 )
Fixed an issue in the Work Items module where applying filters in the Issues tab resulted in an inflated issue count. (Case # 00010261)
Fixed an issue where Confluence proof previews failed to load after syncing updated content. After syncing a new version, the PDF viewer showed a “Failed to load PDF file” error until the modal was closed and reopened. (Case # 00010194)