we merged a few of our enterprise patches into the community version to ensure it’s functionality and readiness for a set of big new features coming during the second half of 2015.

what have we in mind for June 2015:

  • hopefully get rid of file configurations (app/Config/settings.php) and move everything to the GUI
    • move all LDAP configurations to the GUI
    • move all “Security Awareness” features to the GUI
    • move Risk configurations to the GUI
  • develop the current “Security Policies” feature to let users document in detail and with a “Word like” editor policies, standards and procedures. policies will be shown in a portal to users according to their LDAP group settings. we hope solving organisations policy management and communication issues with this feature.
  • more user interface work

the new release has the following patches:

  • re-wrote our system record module to ensure records are generated when “status” change
  • re-write the code that manages the “labels” (missing audit, risk expired, etc) and documented every possible label. this will be used extensibly in future versions.
  • security checks for all input fields (to avoid XSS, etc)
  • new-lines character for text fields
  • workflows do not go to “draft” status after an edition form is “canceled”
  • the ACL engine (the module that manages roles permissions) got a few patches that prevent users from abusing access.
  • corrected some dashboards that where showing wrong numbers
  • included help dialogues in every page, reviewed the English grammar on every page.
  • fixed some language issues when using browsers that by default read a different language other than English
  • improved the user interface to make it easier to read (we plan more upgrades in the future)
  • risk scores automatically updated when risk classification values are updated
  • added a few other asset types (Services, Network)
  • simplified the DB’s schemas used to install eramba in order to make it easier to use
  • fixed two crons that were not working properly (dashboards and yearly audit generation)
  • shrank the user interface to make it easier to use with 13 inch screens
  • updated the audit fields on security controls so when they are changed, all future audits reflect this changes
  • is now possible to record an incident (not jus an improvement project) when an audit fails
  • updated our logo!
  • the math used to calculate the project completion was updated to match the one used by default by MS Project.
  • re-organised the menu items to clean up things a little bit

the installation procedure has been well documented on our website, we even made a video showing how is done on a Ubuntu server.

upgrading from our previous release ( requires the following steps:

  • backup your eramba_v2 folder and the current database
  • uncompress the new download package on top of the previous install, overwrite all files automatically
  • apply to your current database the database patch (app/Config/db_schema/XXXXXXX)
  • delete the cache (directory app/tmp/cache/*)
  • enable Debug = 2 (app/Config/core.php)
  • login with your credentials as usual
  • disable Debug = 2 (app/Config/core.php)

thanks & good night from Cadiz

the eramba team