Platform Version 10.0.0
5 November 2020
Release 10.0.0 includes Framework Mapper, Forgot Password message for inactive users, as well as bug fixes.
NEW! Control Framework Mapper
The Framework Mapper feature now available to all customers on the Vendor Profile page. You can easily map your Third Party’s CyberGRX results across standardized, proprietary, or custom frameworks. A few of the supported frameworks include NIST 800/CSF, NERC CIP, HIPAA, APRA CPS 234, etc. Please review the FAQ for further information.
Inactive Users Selecting Forgot Password
To better align with new registration flows, inactive users and users that have not registered will no longer receive password reset emails when they click “forgot password.” Inactive users who select “forgot password” will be redirected to a self-guided reset password flow (first screenshot). Note: Inactive users will not receive an email with the required verification code, but they can select “Didn’t get an email?”. That link will bring them to the “Didn’t get a password reset email” page (second screenshot). This page provides step-by-step instructions to troubleshoot next steps.
Updated Explore Risk Exposure Graph
The scatterplot has been modified to accommodate the MITRE based use cases.
New User Created Error:
Users were receiving a nondescript red error box when creating a user without assigned roles. It is now impossible for a user to be created without at least one assigned role, removing the scenario creating this bug.
Inconsistent T2 Validated Assessment Auto-Provisioning
We have fixed the issue in which a T2A assessment was being auto provisioned for a T2V order. Now a T2V is ordered and the T2V assessment is created appropriately.