Upcoming Features:
- Consent Metrics (11825):
- We’ve introduced consent metrics to provide detailed insights into consent-related data.
- All Regulations Option for Quiklink Rules Configuration (11762):
- Quiklink rules are configurable for all regulations, offering more comprehensive rule management.
- Multi-Selection of Vendors (11815):
- Multi-selection of vendors, supporting vendor assessment-only functionality.
- Import/Export of Vendors (11824):
- Import and export vendors in bulk, simplifying the process of adding vendors with minimal information and saving them without immediate assignment to a system or request type support. Additionally, this feature allows the export of vendors to a CSV file.
- Internal Comments in Verification Review (11835):
- The capability to include internal comments in the verification review reject request response, enhancing communication and record-keeping.
- Task Table Update (11837):
- When tasks are closed via an API, the last modified information is now recorded in the task table.
- Cookie Panel Dropdown (10994):
- A dropdown for the cookie panel type has been added, improving user interaction.
- GAP Assessment Regulation Removal (11850):
- You no longer need to select a regulation when landing on the GAP assessment page. Instead, you can create a “named” assessment.
- Consent Requests Dropdown Style Update (11890):
- The selection view on the consent requests dropdown section has been updated to match the product’s style for a cohesive user experience.
- Audit Log Enhancement (11852):
- A consent summary has been incorporated into the Audit log, providing a comprehensive overview of consent-related activities.
- Global JavaScript Variable Update (11832):
- The Cookie Consent plugin has been refined, including the renaming of the global JavaScript variable for improved integration and functionality.
- Persistent Page During Cookie Re-Categorization (11932):
- To enhance user experience and continuity, active pages will now be retained during the cookie re-categorization process.
- Oracle Database Integration (10912):
- The Oracle database has been added to the list of supported databases for data scrambling, enhancing data security and compliance.
- Scramble Database Table Transition (11768):
- We have transitioned to new database tables for defining the scramble job and storing historical data, optimizing data management.
- Scramble History and Dashboard (11769):
- The Scramble feature now includes a basic history and dashboard page, offering a comprehensive view of data scrambling activities.
- Scramble Job Details Page (Completed, Failed, In Progress) (11770):
- We’ve introduced a dedicated job details page for completed, failed, and in-progress data scramble jobs, streamlining data management and analysis.
- Scramble Job Details Page (11771):
- A new job details page has been created for data scramble activities, facilitating better monitoring and control. This includes Database information section, Details to include full error details, table, fields and configuration in read only mode with pagination. No filtering added at this time.
Security Updates:
Our proactive security measures continue to ensure robust protection. No reported security breaches or attacks are associated with the addressed issues.
- Stored XSS on the portal name functionality corrected (11895)
- Stored XSS on Domain and Ban Email list corrected (11913)
- Stored XSS on Access Control Page under Privacy portal corrected (11944)
- HTML injection vulnerability in Verification Questions corrected (11908)
- Stored XSS on Request forms functionality (11893)
- Stored XSS on Privacy Portal details (11945)
- Blacklist based file upload bypass (11901)
Security Patch:
- No security patches are included in this release.
Infrastructure Updates:
- There are no infrastructure updates in this release.
Bug Fixes:
- Send Test Email Button (11670):
- The “Send test email” button on the email settings page is no longer throwing an error while successfully sending emails.
- Domain Ban Email List (11907):
- Unwanted translation tabs have been removed from the domain ban email list.
- Download Request Report (11800):
- CSV download request reports no longer include blank rows that previously interfered with sorting capabilities.
- Quiklinks Visibility (11763):
- Org portal users can now consistently see Quiklinks with Azure AD OpenID Connect, resolving sporadic visibility issues.
- Cookie Plugin Preview (11723):
- The cookie plugin preview now functions as expected, ensuring a seamless user experience.
- Account and Verification Sidebar Styling (11963):
- Styling on the account and verification sidebars now consistently matches the product’s style.
-
GPC Signal not working as expected with GTM Integration (12045)
Hot Fixes:
- The following issues have been addressed from the 6.8.0 release:
- Cookie Auto Scan (11931):
- Cookie auto scan functionality now works correctly.
- Task Emails for System Owners (11905):
- System owners no longer receive task emails with auto-rejection rules set up due to rule priority.
- Naming Correction (11933):
- Duplicate naming for “Right to Object/Opt Out” has been corrected to “Right to Opt Out” and “Right to Object” to align with descriptions.
- Vendor System Editing (11929):
- Users can now edit brands, entities, and dependencies for a new vendor system.
- Open Vendors File Upload (11978):
- Open vendors can now successfully upload files.
Upcoming Features:
- Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
- Assessment Improvements:
- SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
- Framework Assessments for AI with Scanning Capabilities.
- DOD Scoring for CMMC Assessments.
- Data Mapping Enhancements.
- Privacy Risk Register allowing organizations to track and mitigate risk across multiple projects or initiatives.
- Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
- Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
- Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.