we merged a few of our enterprise patches into the community version to ensure it’s functionality and readiness for a set of big new features coming during the second half of 2015.
what have we in mind for June 2015:
- hopefully get rid of file configurations (app/Config/settings.php) and move everything to the GUI
- move all LDAP configurations to the GUI
- move all “Security Awareness” features to the GUI
- move Risk configurations to the GUI
- develop the current “Security Policies” feature to let users document in detail and with a “Word like” editor policies, standards and procedures. policies will be shown in a portal to users according to their LDAP group settings. we hope solving organisations policy management and communication issues with this feature.
- more user interface work
the new release has the following patches:
- re-wrote our system record module to ensure records are generated when “status” change
- re-write the code that manages the “labels” (missing audit, risk expired, etc) and documented every possible label. this will be used extensibly in future versions.
- security checks for all input fields (to avoid XSS, etc)
- new-lines character for text fields
- workflows do not go to “draft” status after an edition form is “canceled”
- the ACL engine (the module that manages roles permissions) got a few patches that prevent users from abusing access.
- corrected some dashboards that where showing wrong numbers
- included help dialogues in every page, reviewed the English grammar on every page.
- fixed some language issues when using browsers that by default read a different language other than English
- improved the user interface to make it easier to read (we plan more upgrades in the future)
- risk scores automatically updated when risk classification values are updated
- added a few other asset types (Services, Network)
- simplified the DB’s schemas used to install eramba in order to make it easier to use
- fixed two crons that were not working properly (dashboards and yearly audit generation)
- shrank the user interface to make it easier to use with 13 inch screens
- updated the audit fields on security controls so when they are changed, all future audits reflect this changes
- is now possible to record an incident (not jus an improvement project) when an audit fails
- updated our logo!
- the math used to calculate the project completion was updated to match the one used by default by MS Project.
- re-organised the menu items to clean up things a little bit
the installation procedure has been well documented on our website, we even made a video showing how is done on a Ubuntu server.
upgrading from our previous release (2.0.4.008) requires the following steps:
- backup your eramba_v2 folder and the current database
- uncompress the new download package on top of the previous install, overwrite all files automatically
- apply to your current database the database patch (app/Config/db_schema/XXXXXXX)
- delete the cache (directory app/tmp/cache/*)
- enable Debug = 2 (app/Config/core.php)
- login with your credentials as usual
- disable Debug = 2 (app/Config/core.php)
thanks & good night from Cadiz
the eramba team