ER 2.9.0 Release Notes

The Release Notes provide information about new features, platforms, data types, enhancements, bug fixes and all the changes that have gone into Enterprise Recon 2.9.0.

For a quick view of the changes since the last Enterprise Recon release, see Summary of Changes.

Contents:

1. Highlights
   • New and Improved Features
     • Integration Enhancements for Box Targets
     • Bulk Download for Box Targets

   • New and Improved Data Types

   • Early Access
2. Important Notes
   • Critical: One Way Upgrade to Enterprise Recon 2.9.0
   • Critical: End of Support for KCT Datastore Format
   • End-of-Support Platforms and Features in Enterprise Recon 2.9.0
   • Upcoming End-of-Support Platforms and Features
3. Enterprise Recon 2.9.0 Changelog
   • What’s New?
   • Enhancements
   • Bug Fixes

New and Improved Features

Integration Enhancements for Box Targets

The Box Inc is the enhanced Box module that uses the custom app with server-side authentication using JSON Web Tokens (JWT) for authorization. This change removes the requirement to generate a unique access code for each Box location to scan, simplifying your automation and integration with the Enterprise Recon API framework.

The Box Inc module also enables you to easily scan the Box user accounts in selected groups as well as all user accounts in your organization's Box Inc domain with the virtual "All Users" group.

From Enterprise Recon 2.9.0, the Box Inc module replaces the previous Box Enterprise module.

See Box Inc for more information.

Bulk Download for Box Targets

BETA Included in the enhanced Box module is a new powerful feature designed to optimize API call usage. The Enable Box Bulk Download parameter in Enterprise Recon 2.9.0 allows bulk download of files to address the limitation of one API call per file when scanning Box Targets.

This feature improves scanning efficiency and allows you to effectively manage sensitive data risks in your organization without worrying about the API call limitations.

New and Improved Data Types

NEW Mailing addresses are personally identifiable information (PII) of an individual as they are used for billing, registration, official correspondence, and more. With the new Singaporean Mailing Address data type in Enterprise Recon 2.9.0, you can scan, detect, and remediate general mailing addresses as well as P.O. Box addresses in Singapore.

Passport number coverage has also been expanded with the addition of the new Singaporean Passport Number data type that can identify Singaporean passport numbers stored in unsecured locations across your organization.

Early Access

The Early Access stage allows Ground Labs to collect a round of usability and performance feedback before a feature is made generally available.

If you would like to request access to any of the Early Access features, please get in touch with the Ground Labs Support Team for assistance.

Early Access Features

• Apache Hive - Enables sensitive data discovery on Apache Hive (and Cloudera Hive) database Targets.

Important Notes

CRITICAL: One Way Upgrade to Enterprise Recon 2.9.0

Certain data sets, storage formats and components for the Master Server have been updated in Enterprise Recon 2.9.0. Therefore once the Master Server is updated from Enterprise Recon 2.8.0 (and below) to ER 2.9.0, the datastore is not backward compatible and downgrading ER 2.9.0 to an earlier version is not supported.
Please contact the Ground Labs Support Team for assistance with upgrading the Master Server.

CRITICAL: End of Support for KCT Datastore Format

From Enterprise Recon 2.0.28, new installations of Enterprise Recon utilize CentOS 7 and RDB datastore format, which features improved reliability, better performance, and reduced internal fragmentation.

If your existing Master Server installation is based on CentOS 6 or utilizes the KCT datastore format, please upgrade to CentOS 7 and migrate your datastore to RDB format before upgrading to Enterprise Recon 2.9.0 to continue using Enterprise Recon without interruption.

The Ground Labs Support Team is available to assist customers who wish to upgrade and migrate existing installations of Enterprise Recon.

End-of-Support Platforms and Features in Enterprise Recon 2.9.0

The following platforms and/or features have reached end of support in Enterprise Recon:

• Box Enterprise
  • To continue scanning the Box environment, you are recommended to use the Box Inc protocol which uses the custom app with server-side authentication using JSON Web Tokens (JWT) for authorization.
  Existing reports and/or match locations for the deprecated Targets will still be accessible in Enterprise Recon.

Please see End-of-Support Platforms for more information.

Upcoming End-of-Support Platforms and Features

The following platforms and/or features will reach end of support and be removed in a subsequent release of Enterprise Recon:

• Linux 2.4 Node Agents
  To continue scanning Linux server Targets, install the Linux 2.6 Node Agent instead.
• Microsoft Windows Server Targets
  • Windows Server 2008 R2 64-bit
• macOS Workstation Targets
  • macOS Mojave 10.14
• Email Targets - Exchange Domain
  • Exchange Server 2010
• Database Targets - Microsoft SQL
  • Microsoft SQL 2008

Changelog

The Changelog is a complete list of all the changes in Enterprise Recon 2.9.0.

What’s New?

• New Data Types
  • NEW Singaporean Mailing Address
  • NEW Singaporean Passport Number

• Added:

  • BETA Enable bulk downloading of files to optimize API call usage when scanning Box Targets.

Enhancements

• Improved Features:
  • Clearer messaging for errors related to Inaccessible Locations in Salesforce, MongoDB, SharePoint, and Microsoft 365 cloud Targets.
  • Custom data types can now be selected as part of the Data Type criteria when creating and/or modifying Risk Profiles. See Risk Scoring and Labeling Criteria - Data Types Criteria for more information.
  • Improved handling of user inputs in the Web UI and during the generation of CSV files (e.g. reports) for increased application security.
  • Third-party library upgrade for increased application security when scanning Exchange Domain Targets.
  • Improved UI and clearer error messaging format when importing a large list of invalid Global Filters.
  • Improved handling of UTF-16 encoded supplementary characters for a more compatible data processing and character validation.
  • Clearer error messaging when uploading an ER2 license file that has been previously uploaded and committed.
  • (i) Expanded encrypted PDF files scanning capabilities, and (ii) overall improvements to the handling of PDF files version 1.5 and above.
  • The Box module has been updated to use the custom app with server-side authentication using JWT for authorization. You can also easily scan the Box user accounts in selected groups as well as all user accounts in your organization's Box Inc domain with the virtual "All Users" group. See Box Inc for more information.
  • You can now scan disabled and inactive mailboxes in Exchange Online Targets.
  • Minor security and UI enhancements.

Bug Fixes

• Scans for Windows Share Targets with a large number of users or groups would remain at 0.00% "Scanning" state from the start of the scan but would eventually be completed.
• (i) The "Status" for scan schedules that started and paused automatically during the Automatic Scan Pause Window while at least one other scan was still in the "Automatically Paused" state would be incorrectly displayed as "Scheduled" instead of "Pause" in the Schedule Manager page, and (ii) the impacted scan schedules would not be displayed in the Scan History page. The issues would only occur until the other scans resumed the "Scanning" state. For the fix to take effect, de-activate or cancel the impacted scan schedules and re-scan the impacted Target locations.
• In certain scenarios, scans for Salesforce, MongoDB, SharePoint, and Microsoft 365 cloud Targets with Inaccessible Locations could not be completed successfully and would result in "Scan failed to start" error.
• Added an event entry in the Activity Log when a user accessed the Activity Log via the Enterprise Recon Web UI or API.
• The vertical scrollbar for the errors would not be available and the "Import" and "Cancel" buttons would not be in view in the Import Filters dialog box if there was a long list of errors when attempting to import filters in the Global Filters page.
• UTF-16 encoded supplementary characters (e.g. musical symbol G Clef "𝄞", mathematical symbol "∂", emojis like "🚀", "🏠", etc...) in location paths would be displayed as question marks when adding or probing any of the Microsoft 365 cloud Targets via the Enterprise Recon Web UI or API.
• Probing teams that contained special characters (e.g. "#", "%", "&", etc...) in the name would result in the "Specified Team does not appear to exist" error for Microsoft Teams Targets.
• Duplicate Target Groups would be created for each Agent host machine that was added as a Target using the "Verify All" feature in the Agent Admin page. This error would occur when verifying thousands of Agents and selecting the "Create a target defaulting to group <Target Group Name>" option to add Agents to the same Target Group.
• The number of match locations could be more than the number of scanned locations in the Scan History page and/or in the Target Consolidated and Isolated Reports when scanning archive and/or MS Excel file formats. For the fix to take effect, rescan the impacted Target locations.
• Folders within TAR GZ (.tar.gz) files were scanned as files and logged in the Scan Trace Log Detail page.
• The Web UI would generate a failure and restart if a value was provided in the "Target Group (optional)" field (for Windows Agents) or in the "(Optional) Target initial group" field (for all other Agents) during the Node Agent configuration process. The failure would occur when attempting to verify the configured Agents in the Agent Admin page.
• The checkbox for data types that have both Robust and Relaxed Search modes and have been added with Robust Search configuration remained selected even though they were unchecked when modifying the data type profile via the Enterprise Recon Web UI.
• The Target Group's Current Consolidated Report and Latest Scan Reports displayed only the details of each Target's first scan results instead of the details of each Target's scan history or latest scan results.

BETA This is a Beta feature. Ground Labs does not give any warranties, whether express or implied, as to the suitability or usability of its Beta features. If you have any feedback on bugs or usability of the Beta feature, please email your feedback to product@groundlabs.com. Your assistance on this is highly appreciated.

Ensuring we are delivering the best technology for our customers is a core value at Ground Labs. If you are interested in future early builds of Enterprise Recon with forthcoming features, please email your interest to product@groundlabs.com.