New Release Announcement - Dashboard Package 1.11

We are pleased to announce the new release of Dashboard Package version 1.11.0 with

Custom rules tagging - 

Users now have the ability to create custom tags for rules and use them for multiple purposes. The custom tags work the same way as the Industry-standard tags. i.e. users can create tiles (Both in Health & Engineering Dashboard) for custom tags, filter violations based on custom tags, create action or continuous improvement plan using them.

One common use case for the custom tags is that the users can now customize the rules they want to use for Top priority violations. 

Cross-component authentication management in SAML-SSO -

We have enhanced the authentication management in SAML in order to support Dashboard reporting and Rest API access. Users can now generate the Report directly from the Dashboard or refresh cache in the SAML environment.

Please Note: This Dashboard reporting feature in SAML will also require the 1.11 version of Report Generator, which we will release shortly. Please stay tuned on that.

Enhancement for Parameterized rules -

It is now possible to see the Threshold values (Parameter Name & values) for Parameterized rules in Engineering Dashboard, helping users interpret the parameterized rules clearly.

The parameter name and value will appear in the Source code/Bookmark page.

Background fact tile in Engineering Dashboard -

The CAST Engineering Dashboard introduces the ability for users to create Background Fact tiles. Earlier, users had the options to create Background Fact tiles only on Health Dashboard. Users now can do the same in The Engineering Dashboard. The background fact tiles also enable users to redirect to an external URL( if configured).

Advanced Search – Transaction list is now ordered by Risk level -

In Advanced search, transactions are now ordered by risk level i.e. the Transaction Risk Index (TRI) value: TRI is an indicator of the riskiest transactions of the application. The TRI number reflects the cumulative risk of the transaction based on the risk in the individual objects contributing to the transaction. With this, it is now easier for users to focus on violations for top riskiest transactions.

Filtering capability in Action Plan view -

In the Action Plan list, it is now possible to filter the records by Priority, Status and Comment columns. The count for 'added', 'pending' and 'solved' will, therefore, adjust automatically depending on the selected filter.

This brings a significant usability improvement for the users, users can now work with the action plan list with greater ease.

Please Note: We are not done yet with this feature, In the next release, we would like to add filter capability for Rules, Object Name columns as well.

Industry Standard Tiles in Engineering Dashboard -

The Engineering Dashboard now supports the Industry-standard tiles for quality standard Tags, which means users now have the ability to create tiles for various Industry-standard  - CISQ, OWASP, CWE, STIG, etc. The tiles allow the drill-down to the respective pages.

Advanced Show More – Usability Improvement while browsing more violations -

The behavior for “Show More” has been enhanced in this release. Now when choosing to show the additional violations using +10,+100, or All options, the list of violations will anchor to the next set of violations automatically. The Show More button is available in various pages throughout the Engineering Dashboard.

Basic search result will now exclude Critical Rules when “Only Critical Violation” is selected 

The Basic Search will now exclude rules flagged as critical from the search results when the Only critical violations filter is active. When searching for a non-critical rule and the Only critical violations filter is active, a message will be displayed stating No results were found to match your search. In previous releases, non-critical rules were included in the search results even when the Only critical violations filter was active.

Source code can now be hidden in Engineering Dashboard for users with insufficient privileges

A new role has been implemented in this release: “CODE_RESTRICTED”.

This role can be granted to users who do not have the right to view source code in the Engineering Dashboard. Source code will be hidden to those users in below-mentioned cases -

• when drilling down in the Risk Investigation view
• when drilling down in the Action Plan and Exclusion lists
• when clicking More Violation Paths for security-based rules

Excel Download option in Application Investigation Page -

Excel download option is now enabled in Application Investigation page, allowing users to download excel for the rules and count of violations for a particular object.

Enhanced Navigation to items in Action Plan and Exclusion List -

The icons displayed in the violation lists in the Application Investigation, Risk Investigation, and Transaction Investigation view to depict violations that have been added to the Action Plan or Exclusion list are now clickable.

Clicking the icons will take you directly to the Action Plan/Exclusion list and highlight the violation, earlier it was difficult for users to find the item in the action plan or exclusion if they wished to modify the item.

Dashboard Reporting: Report Category and Report Types are now configurable -

The new version is available for Download on ExtendNG site.

Direct Download links - 

Health and Engineering Dashboard

Engineering Dashboard

Health Dashboard

Please check out the Release Note for more information.