Changelog

Follow up on the latest improvements and updates.


Your customers and prospects can now view your Trust Center seamlessly on any device. Whether they're on a phone, tablet, or desktop, the experience is smooth and responsive.
You can dive in right now and start creating and publishing your own Trust Center. Check out how our co-founder Grigory customizes the Trust Center for Secfix in under 5 minutes!
With the Secfix Trust Center, you can upload your certificates, policies, and other resources, make them public or restricted, customize most of the content, colors, and logos, add subprocessors with automated suggestions, and add controls applicable to your company within seconds. And as a cherry on top – you can receive access requests for sensitive documents like pentest reports from your prospects.
We've also created a self-starter guide for you: Introduction to the Trust Center.
If you'd like some help getting started or want assistance from our designers, feel free to book a quick chat with us through this Calendly link.
You asked, and we listened.
This release focuses on bug fixes and feature improvements based on your feedback:
✏️ Updates on Manual Evidence:
  • Secure Configuration Baselines: Added 2 new templates (in EN and DE).
  • Test of Incident Response Plan: Added 1 new template (in DE).
  • Incident Report or Root Cause Analysis: Added 1 new template (in DE).
  • Tabletop Disaster Recovery Exercise: Added 1 new template (in DE).
🗓️ Enhanced employee end date logic: If an employee is removed from the IDP (e.g., Office365) and the end date is fetched from the IDP, Secfix will prevent manually overwriting the end date with an empty value or clearing it. However, users can manually change the end date to any other past date.
🔄 Fixed cloud asset sync issue: Manual changes to cloud asset attributes now persist after syncs.
⚡ Real-time updates on employees page: Updates are now saved and displayed immediately without requiring a page refresh.
👥 Improved policy update feature: Automatically pre-selects previously selected groups when uploading a new policy version.
🇩🇪 Added German security questionnaires: Support for German security questionnaires for vendors.
📄 Simplified risk assessment survey: Survey questions are now optional, making it easier to skip irrelevant questions.
💼 Fixed user role change issue: Resolved unintended user terminations caused by role changes.
We’re thrilled to introduce an amazing new feature that will transform your workflow!
🌟 Reuse Past Evidence
Now, you can easily reuse past evidence, making your workflow more efficient and streamlined.
For a closer look at this awesome update, check out the following video
🪄 Additional Enhancements:
  • Dashboard: Enhanced health score for ISO27001:2022
  • Reports: Added ISO27001:2013 security report
  • Risk Assessments: Added a success alert to inform you of the number of added risk scenarios after completing an assessment survey.
  • New Navbar: Our app now features a fresh and updated look with a new navbar.
  • Access Page: Added missing fields and helpful tooltips.
🪄 Risk Assessments
You can now easily identify risks specific to your organization. The assessment includes questions tailored to the most common risks faced by modern companies.
📈 GDPR Health score report
Now you can review your GDPR health score on your dashboard and access the detailed GDPR security report.
🔑 Improved access page
  • ✅ Check the status of MFA & SSO for accounts
  • ✅ Easily assign owners inline
  • ✅ Identify accounts as "External person" or "Not a person"
  • ✅ Add your notes to accounts
📄 Improved manual evidence
  • ✅ Assign an owner to manual evidence
  • ✅ Add your notes to manual evidence
🆕 New features
HRIS Integration:
  • Improved Sync: Enhancements to the synchronization process between HRIS and IDP to ensure accurate user data.
  • Force Sync on Reconnect: Automatically syncs HRIS data when reconnection occurs.
  • Employee Status Alignment: Standardizes employee status to always reflect Secfix as the source.
🛠 Fixes & Improvements
  • User Sync Bug Fix: Resolved issues with syncing users between IDP and HRIS following customer feedback.
  • Control Status Calculation: Fixed bugs in control status calculations for Security Reports and ISO27001 Health Score, centralizing status calculations on the backend.
  • Cloud Tags Bug Fix: Resolved issues with cloud tag management in inventory.
  • Enhanced Company Representation: Updated to display the company name prominently.
  • Security Report Improvements: Addressed missing status icons and text in security report summaries.
  • New Filters: Introduced 'New Person/Not Person' as a filter option on the employee page.
  • HR Merge Date Corrections: Corrected date displays in HR merge user table.
  • Autocomplete and UI Fixes in Risk Register: Improved the controls field with an autocomplete list and enhanced UI.
  • Connection Page and Me Page Enhancements: Improved UI on the Connection page and reduced duplicate calls to the data/me endpoint.
  • Employee Task Visibility: Fixed an issue where tasks for terminated employees were not visible on hover.
  • Progress Bar Color Correction: Addressed a bug causing the progress bar to display as grey when progress is at 100%.
  • Access Page Search: Resolved a bug that stopped the search functionality on the Access page when displaying 100 results.
🆕 New features
  • HRIS integration: BambooHR and Personio are now integrated, allowing the manual creation of new Secfix accounts synced with HRIS if they are not available on IdP. Note: HRIS is available on-demand only for early adopters.
  • Dashboard compliance health score: Track compliance with ISO27001 directly on your dashboard.
  • Expanded Summary items on dashboard: Additional links under Summary for quick access to Manual Evidence, Automated Tasks, Risks, Policies, Vendors, Employees.
  • Risk snapshots and history: New features for tracking changes over time.
  • Improved import for risk management: Now includes options to import Treatment Strategy and Residual Score.
Fixes and improvements
  • Treatment tasks: Tasks can now be closed without resetting an approved risk to not approved. Added the possibility to delete treatment tasks directly from their tab.
  • Sorting enhancements: Improved sorting functionality on Risks, Vendors, Employees, Access, and Inventory tables.
  • Login page: design improvement.
  • Employee profile enhancements: Overhauled design and extended filtering capabilities on the employee page.
  • Employee onboarding (/me) page: Improved status update behavior on security training and policy tasks.
  • Access page: Pagination fix.
  • Groups page: Updated to show only active employees (specifically for Florian from Consor).
  • Enabled editing Serial No/ID to be empty.
  • Enhanced group functionality to only show active employees when a group is selected.
  • Fixed issues with imported risks that affected risk approval.
  • Employee list: Fixed the filter for groups not functioning correctly.
🆕 New features
  • My tasks page: new and improved look for employee-facing tasks on Secfix.
  • Sorting: users can now sort risk register and vendor management entries to better view information.
Fixes and improvements
  • Issues on My tasks when uploading evidence with multiple custom trainings enabled.
  • Task status update on My Tasks.
  • Access management pagination.
  • Hide GDPR task from employees who shouldn't have this task.
  • Issue with duplicate summary emails being sent.
  • Issue with summary email policy count.
  • Issue with summary email displaying risks that didn't need attention.
🆕 New features
  • Treatment tasks tab in Risk register: Users now have a dedicated tab in the risk register to manage risk treatment tasks.
  • Inventory: Users can now bulk edit the owner of multiple inventory assets simultaneously with just a few clicks.
  • GDPR training: Users subscribed to a GDPR add-on can now complete GDPR training on Secfix, in addition to regular security awareness training. GDPR Training is available in English and German.
  • Summary email notification: Weekly summary digests are sent via email to Secfix admin users every Monday. It covers outstanding automated tasks, manual evidence, policies, vendors, risks, and employee tasks.
  • Dashboard v.1.0: The first iteration of our dashboard allows users to stay up-to-date about manual evidence progress and risk management online. Also it gives users quick access to helpful features and easy booking of feedback sessions with our co-founder.
Fixes & improvements
  • Added empty state for the Discover Vendors tab.
  • Fixes on vendors' logos and renaming.
  • Date format fixed.
  • Owner selection improvements.
  • Task isn't readable if the text is too long.
  • If the vendor had an owner unassigned, the table didn't get updated.
  • Pagination issue with Jira integration.
  • Hotfix on cloud assets sync.
  • Hotfix on manual evidence expiry check.
  • Hotfix AWS -> fetch cloud asset tags.
  • Exclude cloud resources that have the SecfixNonProd (=true), SecfixNoAlert tags on the inventory.
  • Exclude/hide not applicable resources with tags SecfixNonProd (=true), SecfixNoAlert from automated tasks.