Product Enhancements
MSQL Data Gathering Configuration
A new tab for MSQL has been added to the license manager data configuration page. This allows you to enter information about your MSQL databases so OpsCompass can include MSQL databases in configuration and compliance scans. The same functionality has also been added to the license-manager module in the OpsCompass CLI.
Mitigations and Exceptions Filter
In this release, we have updated the filters in the Mitigations and Exceptions feature so customers can now filter by exception, checks, resources, and creator in addition to the type and status. These filtering options make it easier for customers to find what they are looking for.
New Authorization Flow for Microsoft 365 Exchange and SharePoint Tenant Scanning
We introduce a new flow for authorizing OpsCompass to scan Exchange Online and SharePoint tenant settings. Now we use an Azure AD Application to gather the Exchange and SharePoint data rather than using a username and password to connect to the Exchange Online and SharePoint Online PowerShell environments.
To use this scanning flow, follow the steps to connect a Microsoft 365 tenant to OpsCompass. After the initial Azure AD authorization step, which authorizes OpsCompass to read resources like users and groups, you can authorize this second OpsCompass Azure AD application.
After authorized, to allow OpsCompass to read your Exchange Online settings, you’ll need to add the new application to the “Global Readers” role for your tenant. OpsCompass provides you these details during the setup process.
Oracle Database CIS Benchmark
OpsCompass offers Oracle 19c CIS Benchmark support! Users can now track their Security Compliance status of their Oracle Database Instances within OpsCompass. OpsCompass implements over 100 different compliance checks based on the benchmark recommendations, covering User Access Auditing, Least Privilege Access Recommendations, Connection Restrictions within your instance, as well as best practices for database parameter settings. For more information on installing data gathering scripts, or if you are interested in trying out Phase 2 of support, please contact your OpsCompass representative.
Bug Fixes / Enhancements
- With the CLI, when you update your data gathering scripts, we’ll no longer warn you that your scripts are out of date.
- On the Mitigations and Exceptions page, when you select multiple records the page should tell you the correct number of records you’ve selected.
- When filtering the Drift view by a change date range, the dates in the filter summary should match the dates in the filter view.
- When creating or editing Drift Concerns, the fields no longer take up the full window width available to them.
- When you click on the “Notifications” bell while you have no notifications, you now see a message that you have no notifications.
- We updated the recommended action when an AWS S3 bucket allows non-HTTPS traffic to recommend making a policy blocking non-HTTPS traffic for all S3 actions.