Release Notes Through 2024-02-08
Overview
Cyber Risk Dashboard Now Includes macOS Data Tiles
New macOS tiles have been added to the Cyber Risk Dashboard's Endpoint Security Section to provide insights into:
- Total number of macOS workstations with FileVault turned on
- Breakdown of the various OS versions for macOS Inspectors
- Percentage of macOS workstations with Gatekeeper enabled
- Percentage of macOS endpoints that have Stealth Mode enabled
These insights will help partners stay on top of their macOS workstations' security posture and ensure they abide by security best practices by easily providing visibility into essential encryption, Firewall, OS data and more.
While these tiles are hidden by default, partners can easily enable them and customize this and all sections of this dashboard by clicking on the Tiles menu drop-down in the upper-right corner of each section.
To access the Cyber Risk Dashboard, navigate to an Environment's Single Environment Dashboard and select Cyber Risk Dashboard on the left-hand menu.
Cyber Risk Alert Template
We’ve added a new Cyber Risk Alert Template to track and monitor key security-related configuration settings.
This new alert template allows partners to quickly enable the track and alert on essential security-related configuration information to mitigate critical cybersecurity risks and related configuration changes. With over 173 alert rules across a wide breadth of systems, partners have the ability and flexibility to easily enable the most critical rules in this template in order to strengthen their security posture and mitigate cybersecurity risks.
Navigate to Admin > Actionable Alerts > Templates and type Cyber Risk Alert to find and enable the new Actionable Alert template.
For more information on this and other Liongard-created Actionable Alert templates, please visit our documentation.
User Permission Updates
This release also features enhancements to in-platform user management and user security by narrowing user visibility to certain groups. As of this release, Global and User Admins will be the only roles that will be able to view other users in an Environment and/or Instance.
Below is an updated summary of the user roles' permissions to view users in other Environments. For more detailed information on user permission groups in Liongard, please visit our documentation.
User Role | Can view users in other Environments |
---|---|
Environment Admin | Yes, but only for the assigned Environment |
Global Admin | Yes, all users |
Global Environment Managers | Yes, all users |
User Administrators | Yes, all users |
Environment Readers | No |
Global Readers | No |
Global System Integrators | No |
Microsoft Cloud Inspector Consolidation Update
We're excited to announce the next stage of improvements to our Microsoft 365 monitoring tools in Liongard. In previous releases, we announced the consolidation of our separate inspectors for monitoring Microsoft Teams, SharePoint, OneDrive, and Azure AD into one comprehensive Microsoft 365 Inspector that covers them all. This means less switching between tools and a more streamlined way to monitor your Microsoft 365 services.
To that end, as of this release, the Microsoft Teams, SharePoint, OneDrive, and Azure AD inspectors will cease automatic and manual runs, and the new creation of these Inspectors will not be possible. Existing data prints from these inspectors will be retained on the platform for 18 months; however, all related metrics will now reference the historical data in the Microsoft 365 inspector.
If you're currently using our inspectors for Teams, SharePoint, OneDrive, or Azure AD, don't worry! We will automatically transfer all your existing reports, alerts, and settings to the new combined Inspector. This means you will still have all your important information, but it will now be accessible in one place.
For more details on this phase of the Microsoft Cloud Inspector consolidation, please visit our Knowledge Base article.
Microsoft Cloud Inspector Updates and Enhancements
Dynamic Role Synchronization
Liongard has also made improvements focusing on enhancing data integrity and relevance of the data returned by the Microsoft 365 Inspector. This update involves a crucial shift in how Liongard defines privileged user roles, transitioning from a static, predetermined list to a dynamic, API-driven approach.
This transition results in a dynamic list sourced directly from the Microsoft Graph API, which guarantees that the privileged roles identified in Liongard are always in sync with those defined in Microsoft Entra Identity. There are a number of benefits that come with this critical change:
- The Inspector will now be more adaptive to Microsoft Changes: The Inspector will now automatically update the definition of privileged users in Liongard as Microsoft modifies its criteria.
- Enhanced Data Integrity: As Microsoft updates its criteria for what constitutes a privileged user, our system automatically adapts. This seamless integration means that Liongard's definitions remain current without necessitating manual code modifications.
- Streamlined System Maintenance: This update not only ensures data integrity but also simplifies the maintenance of role definitions, providing a more efficient and responsive system that adapts to changes in real time.
Integration of Last-Login Data for Users in Microsoft Entra ID
Alongside these improvements to the Microsoft 365 Inspector is the integration of Last-Login data for users in Microsoft Entra ID. This feature, available for Microsoft Entra ID P1 or P2 license holders, provides crucial insights into user activity and enhances security monitoring within the Microsoft 365 Environment.
With the introduction of this data, partners will be able to easily track user engagement and identify inactive accounts, enabling enhanced security oversight and improved compliance management. This new data provides partners with accurate user activity data that is essential in pinpointing inactive users and optimizing licensing costs.
Minor Updates and Bug Fixes
Platform and Feature Minor Updates and Bug Fixes
- Power BI Connector Update: Improved the Liongard Power BI Connector's performance for pulling Liongard metrics by making fewer but larger API requests. Partners wishing to take advantage of the updated version of the connector with the performance improvements will need to download the latest version of the Liongard Power BI Data Connector.
- Columns showing the Issuer Organization Name and when the certificate has been valid since added to the Cyber Security Dashboard TLS/SSL on Domain and Expiring TLS/SSL Certificate drill-down tables
- Resolved an issue that could cause a "Failed to retrieve metrics" error when opening an environment's overview page
- Resolved an issue where a user account could not be deleted if the user had saved any UI preferences for the Cyber Risk Dashboard
- Resolved an issue on the Timeline page that prevented the display of metric values for any timeline entry other than the latest entry
- Newly added Cyber Risk Dashboard tiles by Liongard within the last 30 days are now highlighted
- Made improvements to the loading times of the Single Environment Dashboard page's counts for Systems, Change Detections, and Total Open Alerts
- Inspector Names in the Cyber Risk Dashboard drill-down are now hyperlinked and redirected to their associated system details page
- Fixed error that resulted from deletion of the first section of a newly created report template
- Fixed a bug causing our chat feature to disappear
- Adding the ability to refresh tiles that were initially unable to load data
- Resolved an issue preventing Antivirus (Auto) Flexible assets from being enabled in Liongard for the IT Glue integration.
- Fixed HaloPSA ticket description and comment formatting to properly display line breaks and hyperlinks
- Updated the description for the Global Environment Manager role to remove mentions of Users since this role does not allow managing Users
- Updated the Admin > Integrations left navigation page to include externally built integration to Rewst and a landing page with pertinent information about the integration
- An update to user permissions now allows Global Environment Managers to manage which Metrics are visible to all users on the Single Environment overview page
Inspector and API Minor Updates and Bug Fixes
- Active Directory
- Improved the Group Policy Object (GPO) query logic to now return for each GPO in the AD inspector
- API
- Added API documentation for the Cyber Risk Dashboard API
- CloudFlare
- Resolved CloudFlare 403 error for "CloudFlare - Feedwire License" Inspector Metric, addressing permission issues within the target system
- Continuum RMM
- Corrected the metric query for the "Continuum RMM: Total Agents Count" Metric
- Datto BCDR
- Fixed an issue that led to Datto BCDR inspectors failing with "Error message: Cannot read properties of null (reading 'size')"
- Duo Security
- Resolved an issue that led to duplicated Duo inspector discoveries. Also removed all duplicate discoveries caused by the issue
- Hyper-V
- Fixed an issue causing some Hyper-V inspectors to fail with 404 errors
- Internet Domain
- Improved the Domain Inspector's stability and enhanced logs by transitioning to use the HTTPS API for DNS data queries exclusively
- Resolved an issue that resulted in false Change Detections related to text case changes
- macOS
- Resolved an issue causing macOS Inspectors to fail with an error
- Improved the reliability of the macOS Inspector with VPN services
- Microsoft 365
- Resolved an issue that led to inspections unintentionally failing due to SharePoint license restrictions
- SonicWall
- Resolved an issue preventing partners from changing an existing launch point's assigned Agent
- Windows Server
- Fixed an issue preventing network test data from appearing in the Windows Workstation Inspector
Are you a Liongard Certified Professional?
Liongard Academy, our learning and resource center, and our Liongard Certified Professional (LCP) Certification are live!
Our LCP certification program is the quickest way to learn how to leverage Liongard to the fullest. Not only will you get a sweet new certificate to show off on LinkedIn, but it will also validate your automation expertise as a Liongard Expert!
Check out our other coursework, including "Introduction to Liongard" and "How to Write a Metric Learning Path." For more information on role-specific training, check out our Team Training documentation.
Sign up today at Liongard Academy.
As always, feel free to share any feedback or questions in the Liongard Lounge, our Slack community, in the #liongard-academy channel!
Liongard Library
Have you checked out the Liongard Library yet? Share custom Metrics and learn best practices from other Partners to get the most out of the platform. Access it in the Support drop-down menu in your instance.
Visit the Liongard Library today!
Updated 9 months ago