ER 2.12.0 Release Notes

The Release Notes provide information about new features, platforms, data types, enhancements, bug fixes and all the changes that have gone into Enterprise Recon 2.12.0.

For a quick view of the changes since the last Enterprise Recon release, see Summary of Changes.

Contents:

1. Highlights
   • New and Improved Features
     • Quickly Search and Select Targets and/or Target Groups as Scan Locations

   • New and Improved Data Types

   • Early Access
2. Important Notes
   • Critical: One Way Upgrade to Enterprise Recon 2.12.0

   • Critical: End of Support for CentOS 7 Master Server

   • Upcoming End-of-Support Platforms and Features
3. Enterprise Recon 2.12.0 Changelog
   • What’s New?
   • Enhancements
   • Bug Fixes
4. Features That Require Agent Upgrades

New and Improved Features

Quickly Search and Select Targets and/or Target Groups as Scan Locations

To improve the scan location selection process when starting a new or modifying a scheduled scan in the Select Locations page, Enterprise Recon 2.12.0 introduces the following functionalities:

• the search filter criteria dropdown (used in conjunction with the name/keyword search bar) to specify whether to search for Targets, Target Groups, or both,
• the name/keyword search bar and search button to enter keyword(s) and get partial and full matches of that keyword according to your search filter criteria, and
• the Filter Target Type dropdown to select the specific Target type(s) to include in the search results.

To use these functionalities, refer to the Start a Scan section.

New and Improved Data Types

NEW Blood type data, just like any other health data managed through digital systems, can be misused and exploited when left unsecured. The new Blood Type data type in Enterprise Recon 2.12.0 enables organizations that deal with or handle medical-related personal data to detect the eight supported main blood types, and remediate these vulnerabilities within their organization's digital systems.

Enterprise Recon 2.12.0 also brings expanded coverage to Turkey-based national ID data types. The new Turkish Tax Identification Number data type can detect the 10-digit Turkish Tax Identification Number (TIN), and the updated Turkish Identification Number can now detect Turkish identification numbers that begin with "8".

Early Access

The Early Access stage allows Ground Labs to collect a round of usability and performance feedback before a feature is made generally available.

If you would like to request access to any of the Early Access features, please get in touch with the Ground Labs Support Team for assistance.

Early Access Features

• Apache Hive - Enables sensitive data discovery on Apache Hive (and Cloudera Hive) database Targets.

Important Notes

CRITICAL: One Way Upgrade to Enterprise Recon 2.12.0

Certain data sets, storage formats and components for the Master Server have been updated in Enterprise Recon 2.12.0. Therefore once the Master Server is updated from Enterprise Recon 2.11.1 (and below) to ER 2.12.0, the datastore is not backward compatible and downgrading ER 2.12.0 to an earlier version is not supported.
Please contact the Ground Labs Support Team for assistance with upgrading the Master Server.

CRITICAL: End of Support for CentOS 7 Master Server

Master Server installations with CentOS 7 as the base operating system are no longer supported in Enterprise Recon version 2.12.0. Consequently, upgrading a CentOS 7-based Master Server to version 2.12.0 through an online update is no longer possible.

If you have existing installations of CentOS 7-based Master Server, you will need to create a backup of your Master Server datastore and datastore configuration file, and migrate to Enterprise Recon on the new operating systems to continue receiving support for new features and product updates.

See How To Install the Master Server Appliance (from ISO) or How To Install the Master Server on RHEL 8 (from RPM).

Upcoming End-of-Support Platforms and Features

The following platforms and/or features will reach end of support and be removed in the upcoming Enterprise Recon 2.13.0 release:

• macOS Workstation Targets
  • macOS Monterey 12
• Email Targets - Exchange Domain
  • Exchange Server 2013
• Server Targets - Confluence On-Premises
  • Confluence Data Center 7.4 LTS
  • Confluence Data Center 7.19 LTS
• Server Targets - SharePoint Server
  • SharePoint Server 2013
• Network Storage Locations - Hadoop Clusters
  • Apache Hadoop 2.8.0 and older
• Database Targets
  • MySQL 5.7 and older
  • Oracle Database 18c and older

Changelog

The Changelog is a complete list of all the changes in Enterprise Recon 2.12.0.

What’s New?

• New Data Types
  • NEW Blood Type
  • NEW Turkish Tax Identification Number

Enhancements

• Improved Features:
  • Updated data compression and image processing libraries for increased application security.
  • Minor UI enhancements.

Bug Fixes

• The "Reason" column in Match reports exported from the Investigate page displayed an empty description for the remediated match locations. The issue would occur if the Match Report for the impacted match location(s) was downloaded after scanning another location(s) in the same Target.

• Scans for Google Workspace (Google Drive) Targets included folders that were neither selected from the probing Target workflow nor entered in the "Path" field as scan locations. This issue would only occur if a selected folder's label (e.g. "my-folder") is a prefix of another folder (e.g. "my-folder-2024") that was not selected for scanning, resulting in both folders being scanned.

• A non-existing file or folder location path in SharePoint Online, SharePoint Server, Google Mail, and Amazon S3 Targets could be probed via the Enterprise Recon Web UI and API and scanned successfully.

• The "Test" button did not change to a "Commit" or "+ Add Customised" button when attempting to add a valid SharePoint Online or SharePoint Server list as a Target location.
• Using an invalid username or password when adding Google Workspace Targets would return a generic "Too many redirections" error. This fix improves error messaging for incorrect Google Workspace Target credentials.

Features That Require Agent Upgrades

Agents do not need to be upgraded along with the Master Server, unless you require the following features in Enterprise Recon 2.12.0:

• A non-existing file or folder location path in SharePoint Online, SharePoint Server, Google Mail, and Amazon S3 Targets could be probed via the Enterprise Recon Web UI and API and scanned successfully.
• Updated data compression libraries for increased application security.
• The "Test" button did not change to a "Commit" or "+ Add Customised" button when attempting to add a valid SharePoint Online or SharePoint Server list as a Target location.

For a table of all features that require an Agent upgrade, see Agent Upgrade.

Ensuring we are delivering the best technology for our customers is a core value at Ground Labs. If you are interested in future early builds of Enterprise Recon with forthcoming features, please email your interest to product@groundlabs.com.