Secutor Prime
Change Log
Version 3 (build 3022)
- Bug fix: Existence check for Windows files.
Version 3 (build 3021)
- Bug fix: Index out-of-bounds error on Required Action notes.
Version 3 (build 3020)
- Integrated support for 32- and 64-bit Windows assessment targets from a single Prime install.
Applies to both local and remote assessments (Prime Pro, Prime Auditor)
- Added support for patch54_test probes
- Improved support for remote assessments over SSH connections (Prime Pro, Prime Auditor)
- Bug fix: Expand Group behavior on FileEffectiveRights tests
- Bug fix: Set filtering
Version 3 (build 3018)
- Content updates (new patch definitions, new vulnerability tests)
- Stability fixes for Windows 7 and Vista
- Added not-result logic for displaying vuln content in XCCDF
- NEW: Removed unnecessary 'moot' lines from OVAL Notes.
- NEW: XML File Content test support (Solaris content).
- NEW: Unix password test support (Solaris content).
- Bug fix: Abnormal termination in Simple Mode on Windows 7 x64
- Bug fix: handling of non-String WMI values.
- Bug fix: Resolving external variables for user tests
- Bug fix: Hanging on error issue.
- Bug fix: Not loading Vista libs on Windows 7 assessments.
Version 3 (build 3015)
- Content updates
- Minor bug fixes
Version 3 (build 3014)
- Content updates
- Bug fix: Status change following remediation not correctly displayed
- Performance enhancements in OVAL interpreter
- Fixed typos in some CPE descriptions
Version 3 (build 3011)
- Content update: New patch definitions and minor edits to benchmark text.
Version 3 (build 3010)
- Content update: New patch definitions for multiple Microsoft operating systems.
- Redundant information removed from XCCDF results files.
Version 3 (build 3008)
- Content update: New patch definitions for multiple Microsoft operating systems.
- Content update: Vulnerability definitions for Windows and Solaris.
- Bug fix: File --> Export --> Magnus was exporting to the incorrect format.
- Bug fix: Count mis-match on vulnerability totals.
- Bug fix: Naming convention on results files.
- Bug fix: Greatly improved render time on the vulnerability report.
Version 3 (build 3006)
- Bug fix: Count mis-match on assessment totals.
- Bug fix: Concurrency conflict while writing multiple results files.
Version 3 (build 3005)
- New simplified interface, allowing a complete assessment to be done with just a single click.
- New tool for cleaning up old content files (Tools --> Remove Old Content).
- Multiple content updates.
2.0.4 (build 3003)
- Bug fix: Tracking of connection information while running remote assessments.
- Bug fix: Some Linux/Unix commands were not able to be executed under some conditions.
- Bug fix: Application would not launch when Accessibility features are installed and active.
- Improved handling of OVAL Vulnerability content files.
2.0.4 (build 3002)
2.0.4 (build 3001)
- OVAL compatibility updated to v5.5.
- Upgrade to support POSIX regex.
- Bug Fix: REG_BINARY "00" bug.
- Bug Fix: Update to better handle Solaris package tests.
- Bug Fix: Removed innappropriate library call when running local Unix tests.
2.0.4 (build 1418)
- Content update: New patch tests for Windows benchmarks.
2.0.4 (build 1417)
- Bug fix: Under certain circumstances the application would hang on rules that
refer to a REG_BINARY value.
2.0.4 (build 1416)
- Bug fix: handling return condition when a queried account SID does not exist.
2.0.4 (build 1415)
- Added the new Microsoft content to the distribution.
- New processing directives necessary to properly handle the new content.
2.0.4 (build 1414)
- Content update: Distribution synced to match the FDCC 1.1 release.
- Content update: Remediation, reference, and other information added to enhance the FDCC 1.1 content.
2.0.4 (build 1412)
- Bug fix: CCE ID's not showing up in CVS exports.
2.0.4 (build 1408)
- New Deviation Profile report with GPO references added to Deviation Manager.
- CPE fix for XP Firewall on XP,SP3.
- Dropped usage of ">" and "<" in OVAL notes.
2.0.4 (build 1404)
- Content update: corrections to remediation items for XP and Vista.
2.0.4 (build 1405)
- Bug fix: Native library aborts destructively when native debugging is enabled and a registry query returns a very long REG_SZ value.
2.0.4 (build 1404)
- Content update: corrections to remediation items for XP and Vista.
2.0.4 (build 1402)
- Bug Fix: New patches would not import on first assessment.
- Bug Fix: Permit registration of Deviation Profiles after first registration for threads that perform multiple serial assessments.
- Added OVAL Notes to Findings for failed patches.
- Bug Fix: Patch tree did not show up for the Server 2003 Tree View.
- Disabled ability to pull patch content from the Internet.
- Excel spreadsheet generator now auto-calcs the XP and Vista counts.
- Fixed raw score on summary reports.
- Fixed bug on vuln result imports (causing no or incomplete scoring).
- Fixed scope processing for Deviation Profiles.
- Fixed the Prime no-assessment-on-profiling bug.
- Fixed deviation profiling bug when profiling FW content.
2.0.4 (build 1401)
- Content update: Auto-update synced to latest SCAP release.
- Content update: Remediation content synced to latest SCAP release.
- Library Update: Initial support for integrated 32/64-bit assessments.
- Library Update: Initial support for running Prime on non-Windows platforms.
2.0.4 (build 1399)
- Bug Fix: CPE check when first switching benchmarks would show none applicable.
- Bug Fix: Improper tag in XML export.
- Library Update: support for new test types in latest S-CAP content update.
- Library Update: potential memory leak plugged.
- Library Update: performance enhancements.
2.0.4 (build 1396)
- New report: SP800-53 audit report that shows failures only.
- Content update: corrected scoring information in patch content.
- Bug fix: corrected formatting issue in report transform.
2.0.4 (build 1394)
2.0.4 (build 1393)
- Bug fix: "Profile Now" button would not save deviation changes if the current deviation had not already been made active via the "Set As Current" button.
- Library Update: Re-enabled ability to employ fully-extended profiles in the driving content.
2.0.4 (build 1391)
- Bug fix: pre-existing Deviation Profiles were not compatible with new NIST requirements. These will also work now.
2.0.4 (build 1390)
- Modification to the FDCC Excel spreadsheet generated by Prime to facilitate processing by NIST.
2.0.4 (build 1389)
- Usability enhancements to the FDCC reporting tool.
- Updated Help to reflect the recent changes.
2.0.4 (build 1388)
- Updated the FDCC Deviation report to match the recent changes in the reporting requirements.
- Added a tool to create the consolidated FDCC reporting Excel spreadsheet.
- Performance optimizations in the assessment engine.
2.0.4 (build 1385)
- More updates to multiple patch tests.
2.0.4 (build 1384)
- Bug fix: Embedded signature algorithm prevented download of news item updates.
2.0.4 (build 1383)
- Added functionality: Settings option to automatically run the last assessment when Secutor Prime is started.
- Updated: News/Information browser now only downloads digitally signed items.
2.0.4 (build 1382)
- Added functionality: Initial Network Access Control (NAC) integration points (Cisco).
- Added functionality: News/Information browser.
- Content fixes for IE7 remediation.
- Content fixes for Visual Studio-related patch definitions.
- Bug fix for registry key existence checks.
2.0.4 (build 1381)
- Remediation content updated for IE7.
- Minor usability changes in the content selection dialog.
- Initial non-Windows support for Secutor Prime Pro: Remote authentication now SSH capable.
2.0.4 (build 1377)
- Bug Fix: Assessment actions no longer blocked by local firewall settings as seen on a number of installations.
- New feature: simple update log for tracking auto-update actions.
- New feature: enhanced debugging for windows native libraries.
- Update: Update system enhanced to dymanically track different install platforms.
- Update: Windows native interface updated to simplify non-Windows usage of Secutor Prime.
2.0.4
- Changed version number scheme to conform to validation process.
- FDCC report updated to stay in sync with NIST requirements.
- Minor changes to assessment library to match recent content changes.
- Added initial remediation content to match NIST S-CAP content. Further updates will be made as the content is completed and validated.
- Added schema files to auto-update system.
- Bug fix: Transformed FDCC report incorrectly referenced image files.
- Bug fix: Progress bar just a wee bit off.
- Bug fix: Two missing files in validation schema directory.
2.0.3
- Reverted to version 1.0 final on all NIST content.
- Interpreter changes to process style changes in 1.0 NIST content.
- Added schema files to distribution package.
- Added automatic validation against schema when selecting benchmarks.
2.0.2
- Updates to remote authentication.
- Tracking and cleanup of manually created remote connections.
- Interpreter changes to keep in sync with latest content updates.
2.0.1
Bug fix release.
2.0.0
- FDCC Reporting format.
- Remote assessment ability.
- CPE-based benchmark selection enabled when target is remote.
- New assessment options: Compliance acceptance and warning levels.
- Reorganized menus.
- Shrink/Expand control button added to "Assessment Conditions" panel.
- Additional usage disclaimer (ignorable) added to remediation.
- Profile auto-selected when the benchmark only contains a single profile.
- Bug fixes: OVAL exporter.
- Bug fixes: Deviations manager.
- OVAL and XCCDF interpreters updated.