2024.1 Release Notes

Forge

Includes import of SteelCloud CIS baseline policies, viewing, modifying for custom baselines, and export for distribution to Commander and Shields.

Increased vulnerability coverage using scripts for validation and remediation of a control, for this release only a SteelCloud syntax with PowerShell scripts are supported. See documentation for details on how to customize scripts.

New functionality for comparing policies to view differences available within the Policy Manager. When upgrading SteelCloud baseline and custom affected policies the Difference Viewer will automatically show to provide a view of differences between the versions. It can also be used to compare differences between policy versions.

The Policy Manager received several visual upgrades
Auto collapse when editing and creating policies
The addition of filters to the hierarchy structures
Added expand and collapse to all tree items
Updated components with more detailed tooltip information
Layout adjustments for improved readability
Procedural changes for custom baselines
all custom baselines are created as major versions
only custom baselines can be created from a SteelCloud Baseline Policy
Changed the “Do Not Process Control” action to “Remove Control” when editing a custom baseline policy

Improvements around moving policies.
Improvements to the Scan Only and Manual Review indicators
Security Policy part items that had its baseline compliance value set to “Should be Removed”, was showing strange information.
Setting Applies for All Users on new Registry Entry parts was not saving.

Two-factor authentication for user accounts, using a time-based one time password
Improvements to the Shield database encryption.
Added capability on Desktop Client for login to connect to alternative Commanders.

Importing CIS policies from Forge for assignment to groups and distributed to Shields for running scans and remediations

Increased coverage using scripts.

Add FQDN (when applicable) to Endpoint Setup information. Also included in reports.
Enhancements to Continuous Monitoring
Ability to assign a schedule profile that contains one or more timed triggers
New area for Access Groups permissions for tree infrastructure
Administrators can assign access groups to the infrastructure groups to restrict user access to Endpoiaccessallation enhancements

(Commander) Allows users to use their own certificate for Commander communication with Shields and Clients
(Shield) Ability to add Shields to specific infrastructure path during install

Updated to match the changes in Forge

Added configuration for two-factor authentication per user
Added 2 permissions to support new features; Can Modify Schedule Profiles, Can Edit Access Groups

Add the ability to set the default for CKL generation to CKLB or CKL.
Add the ability to set up Commander’s database backup schedule and maximum number of backups retained.
Additional two-factor authentication configuration

Added capability to modify Group ID (support upcoming DISA vulnerability ID changes)
Added field for Finding Detail.s, it will be appended to the exported reports

New report available of all Endpoint information and recent results in CSV file
Support new checklist format from STIG Viewer 3.0 for CKLB (set as default) for checklists generation and for import to a Result Template.
Results Template now has a custom Finding Details text field per control that will add to the processed status results.
Includes finding details when generating a Results Template from a checklist.
Server name added to Client connected Title Bar

Fixed the Certificate Entry control parts for Shields will search in all locations for the provided thumbprint
Fixed Registry Entry triggers to check HKCU for all users.
Enforced “Can Modify Results Templates permission when making changes to templates.
Fixed restored Endpoints for performing immediate jobs.