Version 2.8 (Integration release)
Version 2.8 includes the following feature updates:
- Create Checklists in a System Package via Templates while still in the System Package area
- Import a Nessus Audit Compliance Scan (using a DISA benchmark) to make a normal DISA checklist (feature release, still testing)
- Import CIS benchmark-based .audit definition files (from Tenable Downloads) to create CIS checklists (feature release, still testing)
- Import a Nessus Audit Compliance Scan (using a CIS benchmark) to make a new custom CIS checklist (feature release, still testing)
- Export the System Security Plan (SSP) XLSX file with all data within OpenRMF Professional
- Much faster export of the System Security Plan (SSP) Control to Vulnerability detailed XLSX file with all data within OpenRMF Professional
- Export the System Assessment Report (SAR) XLSX file with all data within OpenRMF Professional
- Export the Summary Risk Assessment Report (RAR) XLSX file with all data within OpenRMF Professional
- Export the Full Risk Assessment Report (RAR) XLSX file with all data within OpenRMF Professional, including all open vulnerabilities from the POAM
- Report to view Hardware Device listing per System Package
- Report to view Software listing per System Package
- Report to show all Locked VULNs across all system package checklists
- Report to show all Override Severity VULNs across all system package checklists
- Bug fixes on Templates released in v2.7.3, matching templates correctly on upload of scan data
- Includes 4 new default Overlays: Classified Systems, JSIG SAP, Federal PKI, and ePACS physical access controls
- In the POAM Listing, easily show whether there are mitigations without having to expand each one
- When editing a POAM entry, show the Canned mitigation just above the textbox for adding more mitigations (the canned mitigation is kept separate so it is not typed over)
- Checklist Export to XLSX uses the Vulnerability filter in use for the export
- When updating Vulnerabilities individually, the “reason for change” says what fields changed
- Task/Issue/Incident integration off pages inside a System Package for GitHub, GitLab, Jira, and ServiceNow
- Importing from Nessus Professional (need to test ACAS specifically) to list patch scans and/or audit compliance scans for import directly without export/import
- Tags exported with the checklist listing, from 2.7.2
- When using a filter, the Filter button shows italics and the title is updated to show it is in use
- Filter Patch Vulnerabilities to include Closed Items in System Packages and Reports
- Allow setting LOGLEVEL dynamically to help control logs and make remote tracing/debugging with customers much easier
- New feature to Delete Hardware in Hardware Listing removes ALL hardware/device checklists, patch scans, history, and updates all corresponding score information
- When the license expires in 90 days or less, a warning banner is displayed on the Consent page when logging in to notify users and administrators
- The sample system package for “OpenRMF Professional Sample” now has vulnerability scan data shown as well as checklists and patch scan data
- Updated colors for critical and high vulnerability data to show severity correctly with shades of red
- Added a “create checklist” option to the main Template listing … menu
- Summary PPTX shows vulnerability scan numbers and data as well as current checklist and patch scan information
- New reports and charts on vulnerability scan information
- Added API calls for checklist history, update system package, patch scan history, patch scan by device, and compliance generation saved/historical views
- New API to pull back Patch Vulnerability data with closed items and as XLSX
- All new API calls on posting vulnerability scan data as well as getting score and score history information by project, by category, and in total
- Reset Group Permissions (add newer ones as we progress through upgrades) from the Manage System Packages page
- Page showing all Integrations across System Packages, if any exist
- Allow reset of scores and checklist count on Manage System Packages page
- Added a Template Administration role for managing DISA templates, uploading templates, creating custom templates, etc. without being the Application Administrator
- Added a Create Issue system package permission to assign for creating tasks on pages
- Added a Vulnerability Administrator group permission for access to features and functions within a system package around vulnerability scans
- Update to MongoDB 5
- Update to ELK Stack 7.17
- Update to Keycloak 15