We have made significant improvements to our online Evidence Library. As well as storing supporting evidence and useful files in the online Library, it is now simpler for SureCloud Platform users to attach evidence documents to Forms and easier to keep track of the documents which relate to a particular form. Recent enhancements include:
The new pop-up box displays all files from the Evidence Library that you have access to, rather than taking you to the Library. Therefore it is now easier to keep track of the evidence that has already been added, if a response requires more than a single item of evidence. You can also add files and comments directly to the Evidence Library and then add them as evidence to your Form, via the same pop-up box.
The Evidence pop-up box is better at differentiating between comments and file names and allows comments to be general or associated with a particular file.
Forms now display the Evidence file name and accompanying comments whereas previously only the number of evidence documents attached to a response was provided.
When drilling into a Form, you will notice a new ‘Documents’ tab which displays the Evidence Library content relevant to that particular Form. (Note that evidence files displayed are subject to the user having the appropriate permissions). Previously, this information was only available through the reference tab for each file in the Evidence Library and therefore was not easily accessible.
Users of the Vulnerability Manager area in the SureCloud Platform will now see that additional filtering options have been added. These include the ability to filter the high-level ‘Vulnerability Summary’ data (see screenshot).
As you may already be aware, the Vulnerability Summary areas summarise vulnerabilities based on their percentage count towards overall risk and total number of vulnerabilities within the platform, specific scan or assessment.
A number of additional task policy configuration options have been added to the ‘Task Policies’ area of the Platform. Firstly, users will now receive additional information via email when an Event Manager Task policy is triggered and secondly a ‘real-time’ email alert will be sent via the Platform when a new critical vulnerability is detected on a scan or assessment.