2022

24 December

Improvements:

  • Email Threat Simulator module table components have been updated for a better user experience with lots of small UI changes such as text, column size etc.

  • The switch-case codes have been changed to if else codes for better performance on the platform.

  • Mixpanel and Hotjar have been removed from the platform.

  • Performance improvement and optimization have been made on the Incident Responder Heartbeat mechanism.

  • The landing page automatically refreshed itself in the campaign report summary page every few seconds but since other elements were not doing it, the landing page refresh itself automatically disabled it for a better user experience.

  • An icon on ETS > New Scan > Do not use real accounts widget’s colour has been updated.

  • The table size of Company > Companies > Company Group > New Group has been changed since the “"Rows per page:" text wasn’t fitting into the table.

  • New languages are added to the Phishing Simulator module in order to create campaigns with those languages.

  • A text that shows up on the Incident Responder > Integration > Exchange > Test Connection field was not informational; it’s now a more detailed error message.

  • The Threat Intelligence module icon has been updated.

  • A new improvement is made on GrapeJS where the admin changed the colour of the background on the Landing Page, but GrapeJS wasn’t able to make it, extra codes were added to complete this action in GrapeJS.

Bug Fixes:

  • A bug is resolved when a user reports an email to the Incident Responder and receives an “analysis results” email twice.

  • A bug is resolved where phishing users show as Opened or Clicked but disappear from those menus, and the data on the UI wasn’t matching with the downloaded excel report file.

  • A bug is resolved where the admin downloads all pages on Threat Intelligence but sees the first page of data on the downloaded file instead of seeing all data.

  • A bug is resolved where the admin can’t find the companies to add into the Company > Companies > Company Group group with the available feature.

  • A bug is resolved where the same messages (Allow list already exists) show duplicate on the Domain Allowlist menu.

  • A bug is resolved permanently when the admin launches a phishing campaign, but the campaign goes to “Error” on the platform.

  • A bug is resolved where the reported email count is not matched with the playbook rule in the Incident Responder menu.

  • A bug is resolved where the "Analysis Source" column search function wasn’t working for the searched word in the related column in the Incident Responder menu.

  • A bug is resolved where the Pie Chart information wasn’t matched with the Investigation results in the Investigations menu under Incident Responder.

  • A bug is resolved where the admin wasn’t able to use API calls for the Enrollments page under Awareness Educator.

New Features:

  • A new logic is designed for the "Turn off email forwarding" option in the Phishing Reporter add-in where the end users who have a phishing reporter add-in with this option enabled will be able to report phishing emails sent from the platform and the admin will be able to see who reported the phishing email in the campaign report under Reporters menu in the report.

  • A new Phone Number column has been designed and developed for the admins, so they can import the user’s phone numbers to the platform who needs to use the Vishing module on the platform to phish users by calling their phone numbers.

  • A new logic is developed for the Incident Responder > Integrations > Advanced Settings > URLs feature to be able to add domains as wildcards, such as *.domain.com, to exclude scanning any subdomain under main domains for reported emails.

6 December

Improvements:

  • A new text is added under the “Scan and Delivery Settings” title when starting a new scan in the Email Threat Simulator module.

  • A text that shows up after deleting an enrollment that shows up as “Enrollment has been archived” text is changed to “Enrollment has been deleted”.

  • A navigation icon has been updated for better visibility which the admin can find on the Company > Company Settings page.

  • An improvement was made where the admin now is able to save settings even just adding a note to the reported email in the Incident Responder > Incident Responder menu.

  • An improvement was made to the Email Threat Simulator module by updating the UI components to make sure all modules use the same components platform-wide.

  • An icon is changed from an “eye icon” to a “full screen” icon while previewing the scenarios.

  • A field called Schedule is now a required field in Awareness Educator > Launch page where the admin can’t go to the next page if this field is empty.

  • Threat Sharing module’s components overall have been updated with a new UX design for a better user experience.

  • The required fields in the Email Threat Simulator module is now more visible and the system will alert the user if the user tries to go to the next page without filling up the required fields.

Bug Fixes:

  • A bug is resolved where reported email analysis results show Undetected but one of the analyzer engines shows a Phishing result for the email itself in Incident Responder > Incident Responder > Reported emails page.

  • A bug is resolved where an email analysis result notification email is sent to the user before the analyses haven’t completed.

  • A bug is resolved where the training link wasn’t accessible after editing the reminder settings of the enrollment.

  • A bug is resolved where an admin who has a Reseller role wasn’t able to start a scan in the Email Threat Simulator module.

  • A bug is resolved where the admin wasn’t able to download the page in the Email Threat Simulator menu.

  • A bug is resolved where the admin couldn’t go to the second page when starting a scan in the Email Threat Simulator module.

  • A bug is resolved where the admin sees empty data instead of “Contains” as default in the Conditions page while creating a Playbook rule.

  • A case is resolved where platform logs couldn’t be sent to the destination Syslog server.

  • A case is resolved where platform logs weren’t logged in the Event Viewer program due to misconfiguration on the local on-premise server.

  • A bug is resolved where the admin searches a word in the Incident Responder > Investigation > Details report page to find found emails but the platform also shows other data that is not searched.

  • A bug is resolved where the users weren’t able to receive awarded certificates after completing the enrollment successfully.

  • A bug is resolved where the page couldn’t be reloaded after an error message was seeing on the page under Incident Responder > Advanced Settings.

New Features:

  • A blacklist mechanism is added to the Landing Page phishing link creation field in order to prevent admins from using real brand names such as “Google, Linkedin, Facebook etc.” as phishing links due to privacy.

25 November

Improvements:

  • The text “Users who downloaded attachments” is changed to “Users who opened attachments” which an admin can see this change while launching a training by using the By Campaign option.

  • A case is resolved in the Firefox browser where the data submission HTML page campaigns were not working which means the user’s data that has submitted wasn’t delivered to the platform.

  • The “First Name” and “Last Name” columns were removed from the Phishing Reporter page where these columns were not contained any data.

  • A case is resolved where a user’s Diagnostic Tool service shows as Offline but should have been Online on the Phishing Reporter page.

  • The tracking unique IDs have been added to the platform-wide to use Google Analytics effectively.

  • The 64 characters are increased to 256 characters in Regex fields in Playbook rules due to customers' needs of usage of the regex field.

  • The texts have been updated on the RIO Summary dialogue where the admin can see this widget in the Incident Responder menu.

  • An improvement was made where the Test Connection logic is changed and the admin will see the required fields as red after clicking the Test Connection button in DNS Provider create a page under Phishing Simulator > Settings > DNS Services.

  • An improvement was made where the admin won’t need to click the “I accept terms and license” option every time Edit a shared post.

  • The icons background shadow wasn’t the same as the other widgets in the Investigation Details page which can be found in Incident Responder > Investigations > click on an investigation report.

  • An improvement was made where a Required warning message is added to the Filters field in the “Investigate” option in the Playbook rule. The filters field can not be emptied now.

  • An improvement was made where a Required warning message is added to the Source field in the “Investigate” option in the Playbook rule. The source field can not be emptied now.

  • An improvement was made where the Test Connection button text wasn’t looking proper after clicking on the button while creating a DNS Service or Domains under the Phishing Simulator > Settings menu.

  • The New Relic has been removed from the platform and decided to use another integration for monitoring purposes.

  • The training package upload limit has been increased from 40MB to 100MB where admin can see this upload field from Awareness Educator > Training List > + NEW > Training page.

  • A specific domain that hosts the campaign files has been changed to another domain for hosting the same files with another domain from HTML codes in all the Email Templates and Landing Pages.

  • The getaccesslink[.]com domain has been changed with the authsecurelogin[.]com domain which the platform uses to generate a tracking link for attachment based campaigns.

  • An improvement was made on GrapeJS button codes that will now work suitably with Outlook applications.

Bug Fixes:

  • A bug is resolved where the admin edits the enrollment where the auto-enroll feature is enabled and changes the reminder settings which was causing the training link doesn’t work.

  • A bug is resolved where the admin tries bulk delete on the Phishing Reporter page but receives a 500 error message.

  • A bug is resolved where the Phishing Reporter XML add-in wasn’t working in Outlook 2016 application.

  • A misconfiguration is resolved where the Outlook Add-in couldn’t be downloaded from the platform due to the platform machine moved from a data center to a new data center.

  • A bug is resolved where Outlook Phishing Reporter add-in wasn’t working in some user clients.

  • A bug is resolved where the Actions field was empty after selecting the “analyse” option in the Playbook rule in Incident Responder > Playbook menu.

  • A bug is resolved where the admin changes the name of the uploaded file on the email template creation page but the file is broken after that and doesn’t display the original content inside of the file.

  • A bug is resolved where the admin wasn’t able to add a target user to the target group.

  • A bug is resolved where the admin sees the “Path2” error message after go to Phishing Reporter menu.

  • A bug is resolved where the admin wasn’t able to launch and receive a training enrollment.

  • A bug is resolved where the admin wasn’t able to use the XML phishing reporter add-in and report a suspicious email to the platform.

  • A bug is resolved where there was data inconsistency between the UI and the downloaded excel report on the phishing report.

  • A bug is resolved where admin starts investigation but doesn’t start for all the users in the email server.

  • A bug is resolved where the total target user count shows as 0 in the Summary page when launching a training with the By Campaign option.

  • A bug is resolved where the EWS integration wasn’t working for the Incident Responder module.

  • A bug is resolved where the admin with Company Admin or Reseller role can’t start an Email Threat Simulator scan with “without password” scan option.

  • A bug is resolved where the admin wasn’t able to export the data list on the Email Threat Simulator report.

  • A bug is resolved where the admin wasn’t able to upload a file to the phishing email template.

  • A bug is resolved on /api/Enrollments/search endpoint where the admin receives “no permission to access” although has permission to.

14 November

The following release notes are for the Awareness Educator module only and published on 14 November 2022.

Improvements:

  • A performance improvement has been made on the user email delivery code to perform much faster with MongoDB.

  • A control mechanism is added where admin is no longer able to delete a training enrollment report if the enrollment status is “Scheduled” or “Sending”.

  • A performance improvement has been made on worker service where this service takes scorm events and saves them to the database.

  • A performance improvement has been made to the job worker where it creates the award certificate and sends it to the user.

  • An improvement is made when the admin downloads the table of the enrollment reports and sees the excel columns and platform columns are not matched.

  • A license has been upgraded for the EO.PDF library for better usage and performance.

  • The message that the admin sees is improved for a better user experience when the uploaded training package size exceeds the default platform limit size.

7 November

Improvements:

  • The video component is removed in the GrapeJS editor since it is not developed and there were not enough use cases to develop the video component to be used in templates in the platform.

  • If an admin deletes the Role which is used by other system admins, the system will warn the admin who deletes the active role with one pop-up message instead of two different pop-up messages.

  • If an admin schedule a campaign from Campaign Manager, the Scheduled date will be shown on the Summary page under Settings > Starting field.

  • If SSL enabled for a phishing domain then multi subdomain creating isn’t allowed due to technical limitation on SSL certification.

  • The required option is removed for the Description field when creating a company.

  • The add users to the group button’s tooltip is updated from “Add Users” to “Add users to the groups” where the admin can see it from Company > Target Users page.

  • The Switch Company option will be now hidden for the other system admins who don’t have a Reseller role.

  • If the attachment-based campaign is sent to the target user and the target user opens the attachment file without by clicking “Download Pictures” to understand if a user opened or not, the user will be seen as “Opened Attachment” but will not be seen in “Opened Email” menu. A control mechanism is added to resolve this user experience.

  • An improvement was made in listing the time zone under Campaign Manager > + NEW page where the name of the countries wasn’t fit to read properly.

  • An improvement was made where the admin will see proper information messages after clicking on the Details button for the users who have “In Quque, Not Delivered, Error, Cancelled, Processing” in the Users menu in the training report.

  • An improvement was made where the Status column is removed since it contains only one status from the Trash menu under Awareness Educator > Enrollments page.

  • The main icon, test connection and texts have been improved for Create New DNS Provider page where admin can find from Phishing Simulator > Settings > DNS Services.

  • The “?” question mark option has been removed from the Dashboard and moved the features to the Resource Center.

  • An improvement made where the admin goes to the last page which is Summary when launching the training, the launch button text has been changed from the “Save” to the “Launch” for a better user experience.

  • The search and sorting buttons have been removed from the Type column in the Training List, Enrollments, and Trash pages since this column contains only one type of data.

  • The resend button has been updated on the campaign report under Sending Report menu when selecting multiple users to resend.

  • The Subject information of the campaign is now will be available in the Preview pop-up after clicking on the button from Campaign Manager to see details of the campaign.

  • The Attachment file information of the campaign is now will be available in the Preview pop-up after clicking on the button from Campaign Manager to see details of the campaign.

  • The colours of the Find Incident select box have been changed for a better user experience where the admin can find it by clicking the Threat Sharing > Your Community > Post Incident button.

  • The “Rules” menu has been removed from the Incident Responder > Playbook menu for better user experience.

  • The “Exlude IP Address” description has been updated for height, css, subtitle for better user experience.

  • The Create Company Group dialog has been updated for better user experience where Resellers can use this feature under Companies menu.

  • The all campaign template codes has been updated from RGBA to HEX codes since Outlook Application doesn’t read the RGBA code.

Bug Fixes:

  • A bug is resolved where the Microsoft 365 XML add-in wasn’t working in volume type of license of Outlook Application.

  • A bug is resolved where the admin enables the Randomizer option to configure it and then disable it but the system prevents admin to launch the campaign by not letting go to next page.

  • A bug is resolved where the admin search a company and then remove the search but after admin search a new company, the old search appears on Switch Company feature.

  • A bug is resolved where the admin starts an investigation and chooses the ‘move to trash’ option but the “moved to trash” function does not work for the found emails in the investigation.

  • A bug is resolved where the admin goes to the end of the 451 pages and sees a 500 error message in Incident Responder > Reported Emails portal.

  • A bug is resolved where IBMX-Force integration result is Expired for reported email’s Details page where admin can see it by clicking the Details button of a reported email in Incident Responder menu.

  • A bug is resolved where the deletion action doesn’t work automatically after admin starts an investigation by selecting “delete” option to delete the emails.

  • A bug is resolved where the notify user doesn’t work automatically after admin starts an investigation by selecting the “notify user” option to notify the users.

  • A bug is resolved where the permanently delete option doesn’t work after admin starts an investigation with “permanently delete” option.

New Features:

  • Threat Intelligence module has been released where the customers can checks in seconds if there are any exposed email data for their email domains.

  • Allowed List feature has been released where the customers needs to verify their email domain to be used in the platform.

20 October

Improvements:

  • The Description of the training will be seen on the Summary page under the “Training that user will be redirected to” field while the admin launches the training to the target groups.

  • An improvement is made where the admin disables the “delete email” option and then generates the add-in for Gsuite and deploys. The admin is still able to see the “delete email” confirmation pop-up although it’s been disabled.

  • An improvement is made in GrapeJS HTML processing. The background color codes have been changed from RGBA to HEX, so Outlook Apps can read the color codes.

  • An improvement is made and the root cause was found and resolved permanently that the service was writing too many logs into the log file.

  • An improvement is made where the platform is integrated with the New Relic service to monitor errors/logs of the platform.

  • An improvement is made where the ‘search’ icon is removed from the platform from searchable fields for a better user experience.

  • An improvement is made where the admin could take a “delete” action if the email would be failed to report. The admin will now report the email and if it's successfully reported, then the admin can take a “delete” action from the pop-up that the button will display.

  • An improvement is made where if an admin tries to edit or delete a scenario or template under the Phishing Simulator, the admin will now see a “You are not authorized” message for a better user experience.

  • An improvement is made in Phishing Simulator > Settings > Domain > + NEW where the “domain” button and “test connection button” has been updated for a better user experience.

  • An improvement is made in Phishing Simulator > Settings > DNS Services page where the admin will see additional warning messages if try to delete the default setting.

  • An improvement is made where the admin sees the Sorting buttons on Score column in Exam Results > Details page in Enrollment report.

  • A performance improvement is made where the platform logging all the “cmi.suspend_date, cmi.launch_data, cmi.comments, comments_from_lms” data in LMSCommit body package, it will discard the previous ones and will take the latest one as reference.

  • An improvement is made where admin download the pages in Awareness Educator module and sees random column sorting when compare from the UI and Excel that is downloaded. The column sorting will be same in Excel and UI.

  • An improvement is made to give ability to product manager of the platform to change the file size of training package that admin will upload to the platform. The admin only can upload training packages maximum to 100MB.

  • A performance improvement is made for Opened, Clicked users data to be to operated independently.

  • An improvement is made to give ability to the product manager of the platform to add which type of file extensions would not be uploaded to the platform in Awareness Educator.

  • An improvement is made on UA Parser library working logic to prevent creating performance issue on the awareness educator module.

  • A performance improvement is made where LMSInitialize requests will be operated independently without waiting for each others to be operated in the database for Awareness Educator module.

Bug Fixes:

  • A bug is resolved in Company Settings > Notification Templates where the admin creates a new notification template and selects pre-defined types but the email template body does not automatically load with the default template.

  • A bug is resolved in Incident Responder > Integration > Virustotal where the admin input invalid data to the Cache option and then disable it and save it. The system won’t let the admin save it although the Cache option is disabled after the invalid input.

  • A bug is resolved where the uppercase letters that the email address contains are automatically converted to lowercase for Incident Responder (Heartbeat, Investigation) which previously was causing not to start an investigation on the related email address.

  • A bug is resolved where admin deletes the ‘Enrollment’ report and then sees the deleted enrollment’s status as ‘Scheduled’ in the Trash menu.

  • A bug is resolved where the training is delivered to all users but for some users it was showing as ‘Processing’ although the email is delivered successfully on Sending Report menu.

  • A bug is resolved where admin not enable the Certificate option before launch the training but sees certificate email template on the Enrollment report page.

  • A bug is resolved where the “View Report” button not shows up if an error occurse while launching the phishing campaign under the Phishing Simulator > Campaign Manager menu.

  • A bug is resolved where admin enable the “confirmation” option before generate the O365 xml button along with the “delete” option button. The admin reports an email and sees “delete” message as pop-up but “confirmation” pop-up should have been seen by the admin as pop-up.

  • A bug is resolved where admin stops the enrollment quickly but the emails still benign delivered to the users.

  • A bug is resolved where the admin schedule a training and then delete a user from the target group which is used in the scheduled enrollment. The admin goes to enrollment of scheduled and sees the deleted target user exists in the enrollment.

  • A bug is resolved where admin launch a training with auto-enroll feature enabled and then add a new user to the group and then removes it. The user’s status wasn’t correct as expected.

  • A bug is resolved where a user who opened the attachment is shown in Opened Attachment and No Response menu at the same time.

  • A bug is resolved where a timezone was wrong on the reported email in Incident Responder.

  • A bug is resolved where the admin saw an error while starting an investigation.

New Features:

  • The admin now is able to add users to one or multiple groups with one click from Company > Target Users page by using the “Add users to group” option under the Action column.

30 September

Improvements:

  • Awareness Educator:

    • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

    • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

  • Phishing Simulator:

    • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

    • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

  • Incident Responder

    • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

    • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

Bug fixes:

  • Awareness Educator:

    • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

    • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

  • Phishing Simulator:

    • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

    • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

  • Incident Responder

    • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

    • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

New Features:

  • Awareness Educator:

    • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

    • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

  • Phishing Simulator:

    • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

    • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

  • Incident Responder

    • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

    • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

30 September

This release has been published on 30 September 2022 for the New UI Generation Product that contains release notes for only the Awareness Educator module.

Improvements:

  • The admin is now able to find a keyword after adding empty space after the keyword where the system automatically removes the empty space that is used after a keyword.

  • The database functions now use UTC instead of using database timezone for showing dates and times accurately on the platform.

  • A performance improvement has been made to the training report synchronizing the data on each menu accurately and efficiently.

  • A performance improvement has been made to the ‘Sessions’ column in the Progress menu in the training report.

  • A performance and index maintenance improvement has been made to UserEmail UserEmailTracking and TargetUserEmail tables in the database.

  • A performance improvement has been made where a try-catch method is added to prevent the TargetUser worker to be crashed.

  • An improvement made where admin will not see a technical warning message if there are no users existing in the target group that a training launched with auto-enroll option.

  • A performance improvement has been made on the Geolocation service.

  • The LMSSetValues requests which contains information about the user’s training progress is removed from the platform where LMSCommit is added instead for a better standard of Scorm.

  • A control mechanism is added to the RabbitMQ service to try to work again automatically after one minute if it stops for a reason.

  • A performance improvement has been made in training send consumer service.

Bug fixes:

  • A bug is resolved where the admin sees the Certificate email template on the training report although not enabled the certificate option before launching the training.

  • A bug is resolved when the admin adds and removes the target user to a group where a scheduled training report is launched and sees incorrect user count on the training report.

New Features:

  • The admin now able to edit settings such as Reminder, Mark As Test, Auto-Enroll of an Enrollment which Auto-Enroll option enabled.

  • If an admin stops the training send to users, the status of Enrollment will be 'Stopped' instead of 'Finished'.

  • Processes running as beat/cron were transferred to a separate worker service, thus enabling the Awareness Educator worker service to work simultaneously on different machines.

  • An improvement has been made on error messages on the error queue.

  • The training report will now show Certificate HTML page instead of Certificate Email Template to the admins.

  • A performance improvement has been made on email sending queue to send emails much faster.

  • A '- COPY' word will be added end of the training name after an admin duplicate a training to make the duplicated training more visible by adding '- COPY' word.

  • 'Clicked Link' status has been added to the Users menu in order to see users who clicked the training link but not started to training session.

  • The training status of a user who didn’t complete the training longer than 24hr will be updated from In Progress to Not Completed status automatically in Progress menu

  • The admin will see more user friendly and clear warning message when deletes a certificate that is used already in enrollments.

  • A performance improvement has been made on processing PDF files to be generated for the target users who successfully earned.

  • A performance improvement has been made on LMSCommit endpoint by sending user data over LMSCommit request every 1 minute instead of random times.

  • A cache mechanism is added to some pages to be cached by the user’s browser for 1hour to load it much faster when re-visit the related page.

  • A performance improvement has been made to deliver training emails to many users that are waiting to be sent to the queue by creating multiple parallel queue services.

  • The default email provider that is provided by the platform by default which is Sendgrid is integrated with the platform to show admin if the training email is sent to user or not from the training report in 'Sending Report' menu.

20 September

Improvements:

  • The ‘+’ icon was centered in the ‘+ CREATE NEW TRAINING’ button on the Training List page.

  • We have resolved a specific campaign that was giving an Error status after launching it. It was an Attachment based campaign where it contains 0-byte file that admin uploaded.

  • We have updated a pop-up message to ‘Are you sure you want to delete this training report? message when an admin deletes a training.

  • We made an improvement where the admin will not see the additional same information as the tooltip when hovering over a Tag that is already visible in full.

  • We made improvements on the {COMPANYLOGO} merge tag to be used more effectively on Notification Templates and Certificate fields. The merge tag is fed from the Main Logo option under the White labeling of a customer.

  • The admin is now able to see the logo that is used via {COMPANYLOGO} merge tag while previewing the Certificate.

  • We made an improvement to prevent admins to choose past dates and times when scheduling training or phishing campaigns.

  • An improvement is made to show full error messages to the admin if there would be an error instead of seeing the ‘Something went wrong’ generic message.

  • The message that shows up after try to delete a role that is used by the system users has been updated.

  • The pop-up colors has been updated for every pop-up message when delete something on the platform.

  • The ‘Preview’ button has been added to the notification templates that is under Company > Company Settings > Notification Templates to preview the templates.

  • The ‘Roles’ word has been changed to ‘User Roles’ under the Company > System Users menu.

  • A user icon has been updated on the custom role creation page where admin can find under the Company > System Users > User Roles > + NEW page.

  • We have updated a description to ‘Enter certificate information, create a template, and customize it.’ on the Create New Certificate page.

  • We have updated descriptions of the Cover Image field while creating a new training.

  • We have updated a description to ‘You do not have any training content’ on the Training List page if there is no training content.

  • We have updated an icon to an ‘email icon’ on Opened Email widget on the training report.

  • An improvement was made to show a more proper message to the admin if an admin search blacklisted words on the Search field on the Target Users > Import a File > Validate > search field.

  • We have updated the description on the Training Report > Users > Users who have Not Responded status > Details page.

  • We have updated a word for Schedule on the Training > Send > Summary page.

  • We have changed the business logic of Campaign Reports > Sending Report > Delivery Status > Details > Sender IP feature to show the Sender IP of the email server which sent the email to the target user instead of showing the platform’s main IP address.

  • We have added some codes to the clickable button to make it work with Outlook applications.

  • We have resolved a case where the admin is not able to Edit an HTML page and sees an ‘Unresponsive Page’ pop-up message.

  • The admin now able to see the logo itself that is fetched over a merge tag ({COMPANLOGO}) when preview the notification templates or certificate.

  • The target user was receiving pictures as ‘noname’ attached after launch a phishing campaign, it’s resolved now.

  • The admin now able to see Attachment type of the campaign on the launch summary page of a fast launch phishing campaign.

  • The admin now able to see Campaign Language of the campaign on the launch summary page of a fast launch phishing campaign..

  • We have disabled the ability to write HTML codes in the audit logs, which are generated when a phishing template or landing page is edited and an email is reported to the Incident Responder module.

  • We identified the differences with the design on the platform and made these changes in the interface.

Bug fixes:

  • A bug was resolved where the admin wasn’t able to choose the same day while scheduling training or phishing campaigns.

  • A bug was resolved where the User Stats pie chart under the User Stats column in Campaign Reports was showing the wrong data count for the Data Submission type of phishing campaign.

  • A bug was resolved where the admin see an empty white space after clicking Add New Widget button on the dashboard.

  • A bug was resolved where the admin sees the same widget twice on the Dashboard after clicking Add New Widget button.

  • A bug was resolved where the admin sees only two languages in the Language column on the Phishing Scenarios page although there are many languages available to filter.

  • A bug was resolved where admin doesn’t enable the Certificate feature while launching the training but sees the Certificate email template on the training report although not enabled.

  • We have resolved a bug where the admin enters a wrong IP address format to Exclude IP Address where the warning message doesn’t disappear even admin removes the wrong IP address.

  • A bug was resolved where the admin clicks on the Method field on Scenario or Landing Page edit page and after scrolling down or up, the Method field wasn’t scrolled properly.

  • A bug was resolved where the admin duplicate an Attachment type campaign and the duplicated campaign doesn’t have any attachment from the previous campaign.

  • We have resolved a case where the admin uploads the .eml file to the email template and then after saving it, the images are broken.

  • We have resolved a case where the admin sees multiple messages each other if there would be any error on the Company > Company Settings > Proxy Settings edit page.

  • A bug is resolved where the admin sees the Email Template name on the launch summary page of training and then sees a different Email Template on the training report. The discrepancy is resolved.

  • A bug is resolved where the admin sees the tooltip twice when hovering over the tags columns.

  • We fixed an error when clicking the "Reset to Default" button while making whitelabeling settings.

  • We fixed a bug in the Zen Spamhaus integration that was causing the buttons to appear incorrectly.

  • We fixed an error that occurred while downloading the phishing reporter outlook addin.

New Features:

  • Exclude IP Address feature now supports IPv6 individual IP addresses. The admin now can exclude IPv6 IP addresses from reports.

25 August

23 August

Improvements:

  • The PS > Campaign Manager > New Phishing Campaign > Advanced Settings > Distribution placeholder was including words which weren’t fit the box and due to that the placeholder has been removed.

  • The scroll bar was populating even though there was no need for a scroll bar, it has been resolved for PS > Scenarios > New Phishing Scenario > Email Template.

  • We made a performance improvement for downloading the campaign report in seconds.

  • We made an improvement to update the user count automatically after the admin create the campaign by using Save For Later or Schedule feature in Campaign Manager.

  • A success icon was moved into the success message bar after clicking on the ‘Test Connection’ button for many places in the platform rather than showing the icon outside of the bar.

  • We made an improvement on the colors of each widget on the Summary page of a campaign report for a better user experience.

  • The tag column that is in the Email Template and Landing Page wasn’t the same look as other Tag columns in the platform, we made it the same look as others.

  • The admin was seeing the name and surname of the user after the user was deleted in Target Users and System Users menu; it now shows the email address of the user instead of the name and surname.

  • We made an improvement where the admin can see which company has started the campaign in the Campaign Manager menu instead of seeing Custom word under the Created By column.

  • The LDAP feature now supports IP based communication. The admin can enter the active directory IP address to integrate with the platform.

  • We changed the customization label and text for simulation emails on the Phishing Reporter AddIn customization page for a better user experience.

  • We limited the character input limit to 1000 characters when setting the user password.

  • We ensured that the error messages in SAML integration are displayed in detail on the interface.

Bug Fixes:

  • We have resolved a bug where the admin can see data inside of the Attachment menu but data does not populate in the Attachment Widget on the phishing campaign report.

  • A bug was resolved where the admin couldn’t see Scenario Name and Difficulty on the Summary page while creating a campaign from the Campaign Manager.

  • A bug was resolved where the admin was able to click the Next button even doesn’t fill up the mandatory fields while launching the campaign via the fast launch option.

  • A bug was resolved where the admin was seeing 1900 dates in the Start Date license field by default when creating a company.

  • A bug was resolved where the admin was seeing the ‘null’ word in the description field after creating the email template in the phishing simulator module.

  • We fixed a bug that caused the icon not to appear in test connection feature for integrations.

  • We fixed a typo in the new integration create page in Incident Responder module.

  • We fixed a bug while saving whitelabeling settings.

  • We fixed a bug in the Microsoft 365 addin that caused the deletion of the original email is not function.

  • We fixed a bug in the Threat sharing module that caused the button to not work if the invitation was rejected.

  • We ensured that the auto-action is selected as "No action" by default when an investigation is duplicated.

New Features:

  • The Awareness Educator module which is designed to send training to users via email to increase cyber security awareness in the company has been published for all of our customer's use.

  • The admin can choose a timezone for the company profile.

  • We have published two new phishing simulator widgets called ‘Most Engaged Campaigns’ and ‘Most Phished Users’ for the phishing simulator license customers to see on the Dashboard of the platform.

August - 1

Improvements:

  • We added the ability to disable the default role in SAML settings. Unwanted users can now be blocked from accessing the interface by disabling this feature.

  • We provided immediate deactivation of the access token of a user who is deleted from the platform.

  • We made performance improvements while listing reported emails on the Incident Responder module.

  • We changed a few texts on the Exclude IP Address page for a better user experience.

  • We made an improvement to show Email and Landing Pages to be the same category as the selected method type when creating a scenario under Phishing Simulator > Scenarios page.

  • We changed the ‘adress’ text to ‘address’ under the PS > Settings > Exclude IP Address page.

  • We will now show the email address of the user who is going to be deleted on the pop-up message after admin clicks on delete button for System User or Target User.

  • We made an improvement and removed ‘Submitted Data’ column from campaign report for Click Only based phishing campaigns.

  • We made an improvement about earned rights. If an admin use shared Email and Langin Page in a scenario and then if the owner who made available these Email and Langin Pages remove the availability for the admin, the admin since used these templates, still will be able to use it.

  • The all ‘adress’ word has been changed to ‘address’ all over the platform for better user experience.

  • We changed the placeholder to let the admin to know that SIEM also supports IP and Domain syntax on the creation page under SIEM Address title under the Company Settings > SIEM Settings

Bug Fixes:

  • We fixed a bug that caused sending “join requests” multiple times to the community in the Threat Sharing module.

  • We fixed a bug that caused an error when inviting a member to a community in the Threat Sharing module.

  • We fixed a bug that caused expiring investigations to start on Microsoft 365.

  • We fixed a bug where the admin was seeing 0 target user until refresh the page after the campaign is launched under phishing scenarios > camping manager page.

  • We fixed a bug where the admin wouldn’t click the Save button on the Summary page after making changes on creating a phishing scenario page.

  • We fixed a bug where admin wouldn’t enter a domain into the SAML such as ‘abc.com’

  • We fixed a bug where the admin was seeing an ‘undefined’ message in the description of a scenario after duplicating it.

  • We fixed a problem that was causing admin to see 500 error messages on a single particular campaign report.

  • We fixed a bug where the admin wouldn’t be redirected to the related page after clicking on the widgets on the dashboard page.

New Features:

  • We added Syslog integration. Selecting Syslog from SIEM settings ensures that audit logs are transmitted in Syslog CEF format.

  • We have added an option to the Phishing Reporter AddIn that ensures simulation emails are not reported to the Platform.

  • We have developed IPv4 subnet to be supported for Exclude IP Address feature under PS > Settings page.

July - 1

Improvements:

  • SIEM now supports IP addresses in URL (e.g https://1.1.1.1:80) format for communication.

  • A text has been changed for better user experience in a tooltip in Exclude IP feature under Phishing Simulator > Settings page.

  • Exclude IP address feature now supports processing the previous campaign reports after an IP address is added to the exclude IP address feature.

  • The ‘Type’ option has been removed from the Scenario creation page for the Email Template and Landing Page page for a better user experience.

  • The title of each Email Template or Landing Page will be changed automatically depending on the method type of the scenario while creating a scenario in phishing simulator > scenarios > + NEW page.

  • The ‘Pause’ and 'Resume 'feature has been removed from the phishing simulator module due to not using actively by the admin users on the platform.

  • We improved the logging capabilities in the incident responder module. Investigation start actions create detailed error logs.

  • The number of password characters set to log in to the platform has increased to 1000 for a user to use a password in that maximum length.

Bug Fixes:

  • A bug was resolved where the admin was seeing ‘Invalid Request’ after leaving empty Distribution settings empty on creating a campaign under Phishing Simulator > Campaign Manager > + NEW page.

  • A bug was resolved where the admin was seeing empty data on the attachment based campaign reports.

  • A bug was resolved where the IP address column under the Details page didn’t show up in the Submitted Data menu in a campaign report.

  • A bug was resolved where the border radius wasn’t fit in the error state in Exclude IP Address feature under Phishing Simulator > Settings page.

  • A bug was resolved in the campaign report under the Sending Report where the admin was seeing a user as Not Delivered even the user received the email successfully.

  • A bug was resolved where the admin wasn’t able to see the attachment based template’s category ‘attachment’ when creating a campaign under Phishing Simulator > Campaign Manager > + NEW > Summary page.

  • We fixed a bug that was causing the REST API client secrets to be saved incorrectly.

  • We fixed a bug that cause getting “Internal Server Error” while sending warning messages for the found emails in the Incident Responder module.

  • We fixed a bug that cause getting “Internal Server Error” while bulk deleting the system users.

New Features:

  • We implemented the cache function for VMRay and Virustotal analysis engines. The caching function can reduce the API usage limit and provides faster analysis for reported emails.

  • We implemented the bulk delete option for Companies and Company Groups.

  • We implemented the bulk delete option for Phishing Reporter > Users page.

June - 2

Improvements:

  • For better user experience, a lock mechanism has been implemented for the system admin to delete its own account.

  • For better user experience, the Phishing Reporter word has been changed to Reporters in the phishing campaign report.

  • For better user experience, In Queue and Processing status won’t be considered as Not Delivered on the Summary - Email Delivery table in the phishing campaign report.

  • If an attachment name is longer than a specific number of characters, the attachment file name will shown shorter.

  • An admin won’t need to choose Landing Page for attachment based campaigns. The platform will add automatically tracking link to the attachment files that is added to the phishing campaign.

  • A logic was removed which wasn’t allowing the admin to launch the same campaign twice in the five minutes to prevent accidental launches.

  • The Duration that shows how long it took to send the campaign email to all users is now shown in the day, hour, minute, and seconds (2d, 2h, 2m, 2s) format.

  • A star emoji will be displayed in default notification templates in order to understand which notification is made as default.

  • The admin won’t see No Permission Access Resource when displaying the email template or landing page on the campaign report even if the reseller removes access to these email or landing pages.

  • The unauthorized system admins is now not able to Edit or Delete phishing domains or dns services under the Phishing Simulator > Settings page. The admin is able to do these actions for its own Domain or DNS services.

  • If a target user is in the Bounce list, the platform will show the user as Not Delivered and when the admin clicks the Details button in Campaign Report > Sending Report menu to get more information about why this user is in the Bounce or Blocked list, the platform will give the correct status if the user is in Bounce or Blocked status.

  • All paths of pages in the platform were changed and not all pages will be displayed in the ‘https://domain.com/module-name/page-name’ format for a better user experience.

  • We disabled the delete icon for the current logged user’s account. So the logged user can not delete their own account.

  • We improved uploading a company logo to view instantly when the upload finishes.

  • We added the code signing certificate to Phishing Reporter AddIn and Diagnostic tool for improving reliability.

  • We disabled the delete button if the email is already deleted on the investigation details page to prevent false-positive errors from occurring.

  • We changed the Re-Analyze algorithm in the Incident Responder module to check if the new integrations were added for analysis.

  • 'Select All' feature now works with Company Settings > Target Users > + NEW + Add from LDAP > LDAP Groups page in order to choose all LDAP groups with one click button when setting up LDAP synchronization.

  • Small minor changes were made to the LDAP feature for a better user experience.

Bug Fixes:

  • A bug was fixed where the email address was showing phishing campaign’s from address in the SMTP Test message in campaign manager instead of showing the admin’s email address.

  • A bug was fixed where the ‘save for later’ button wasn’t working after the admin clicked on it in the campaign manager.

  • A bug was fixed where the platform was giving 500 error messages after clicking the Details button in sending report menu in the campaign report while the emails were in Queue or Processing.

  • A bug was fixed where a logo in the notification template wasn’t fetched from the customized whitelabeling page.

  • A bug was fixed where the system admin couldn’t create a target user manually under Company Settings > Target Users menu.

  • A bug was fixed where the current company logo wasn’t updating itself when an admin upload a new different logo on the company edit page.

  • A bug was fixed where an admin was able to add the same IP address twice to Exclude IP Address menu.

  • A bug was fixed where the available field was showing empty but instead should fill as ‘My Company Only’ automatically by default after duplicating the system type campaigns.

  • A bug was fixed where the Resend button was unclickable in the campaign report.

  • A bug was fixed where an empty page shows up after clicking + NEW button in the campaign manager.

  • A bug was fixed where the Scroll wasn’t working in the Email Template table in the campaign report.

  • A bug was fixed where an admin chooses a different timezone to schedule the campaign in that specific timezone. The admin is now able to use different timezone to schedule the campaign in the campaign manager.

  • A bug was fixed where the method type (Attachment, Click Only, Data Submission) of the campaign wasn’t shown on the Campaign Manager > + NEW > Summary page.

  • We fixed a bug when previewing a reported email header.

  • We fixed a bug when sending a custom message for reported emails.

  • We fixed a bug when listing found users on the investigation details page.

  • We fixed a bug when starting an investigation.

  • We fixed a bug that blocks using notify feature multiple times on the playbook action page.

  • We fixed a bug that shows the analysis result at the end of every notification template.

New Features:

  • Exclude IP Address, interactions from added IP addresses will not be registered to your campaign statistics. This is useful if an analyzer tool analyzes the phishing links that are generated specifically for the target users' which gives wrong data on the campaign report.

  • We added a feature to detect if the users disabled Phishing Reporter AddIn or the Outlook disabled itself.

  • We added “Google Web Risk” Integration to the Incident Responder module to analyze URLs in emails.

  • We added new two widgets for the phishing simulator module on the dashboard. The widgets represent the last 5 campaign statistiscs and the other one represents the most phished five users.

June - 1

Improvements:

  • We improved the template creation process when an admin duplicates any template in the platform, The Available For field is automatically filled up as ‘My Company Only’ by default.

  • A scroll down has been added to Campaign Reports > Sending Report > Details pop-up message that contains long elements in it for a better user experience.

  • A column called Type in Company > Company Settings > Notification Templates page has been removed for a better user experience.

  • ‘Data Submission’ word has been removed from the Campaign Reports > User Stats pie chart if the campaign is attachment based because the word didn’t belong to the attachment based pie chart.

  • An admin is now able to view the second 'landing page' on campaign reports or scenarios after clicking the View button.

  • The admin was seeing the snackbar message that shows up for 10 seconds when an action is taken by the admin on the platform. The admin was seeing this message after logout and login process which must do this action quickly under 10s, now the message will disappear automatically after logout and login process without a matter of 10s duration time.

  • The Duration field now shows how long it took to send a phishing email to all users in 2d 3h 24m 4s format under the Campaign Reports > Enter a report > Email Delivery page.

  • The colour for several status codes in the Campaign Reports > Sending Report > Delivery Status column has been updated for a better user experience.

  • The + Create New Instance button under Campaign Manager > Actions column will now open an additional page for the admin to change target groups, schedule or mark as test options and then the admin is able to launch the same campaign to target groups that are chosen in seconds.

  • The System Users and SAML Settings will be removed after the company is deleted from the platform in order to use these System accounts or SAML settings in the future.

  • The Campaign Reports > Sending Report > Actions > Details pop-up page now sorts the information based on the date.

  • We disabled the stop button for expired investigations.

  • We made performance improvements for investigation actions such as deleting emails and sending warning messages.

  • We removed unused functions for Diagnostic Tool customization.

  • We disabled the “See Details” button in the interface when Fortisandbox does not generate a pdf report for URL analysis.

Bug Fixes:

  • A bug was fixed where the View Report button wasn’t visible during the sending process under the Campaign Manager > Instances page.

  • We fixed a bug that blocks starting an investigation for only a selected user.

  • We fixed a bug when reporting a mail.

  • We fixed a UI bug encountered on the Investigation details page.

  • We fixed a bug in detecting the correct Sender IP address.

  • We fixed a bug when the Diagnostic tool detects the correct AddIn status.

  • We fixed a bug that the Diagnostic tool auto enables AddIns when this option is not enabled.

New Features:

  • A ‘Cancel’ button has been added to the dashboard widgets in order to cancel the action that the user may not want to perform.

  • LDAP feature is now supported by the platform for admins to fetch target user’s information (email, name, surname, department etc) from Microsoft Active Directory and import or synchronize to the platform.

  • Notification Templates now support the Make Default feature for admins to make default a notification template that the system will use as the default template since there might be more than one template.

  • Admin is now able to add Tags to the notification templates in order to search based on Tags to find the related template much easier.

  • We added the feature of sending “Suspicious Email Analysis Report” for reported Simulation mails.

  • We added the ability to send different notification emails for all selected actions in Playbook.

  • The admin is now able to use the same phishing url that has been used before with more than one phishing campaign.

May - 2

Improvements

  • The access token size has been optimized.

  • The platform now supports multiple different characters to be used in any fields.

  • When creating a second landing page in the landing page template customization page, the second html page look will be cloned from the first landing page look.

  • The config.js file for security purposes has been blocked to be accessed.

  • The ‘macro’ word has been removed from ‘Send a trackable macro file’ text since the attachment campaigns works without macro. The attachment based templates works with 1px invisible image http requests.

  • The Campaign Reports > Campaign > Sending Report > Delivery Status codes were not updated automatically after the campaign lifetime is ended. The campaign lifetime has been updated to 365 days by default.

  • The Available For field now automatically filled up as ‘My Company Only’ by default when an admin duplicate the scenario, email template or landing page in phishing simulator module for better user experience.

  • A performance improvement has been made for worker service that automatically updates users' delivery status on Campaign Reports > Campaign > Sending Report > Delivery Status page.

  • A text has been changed to a better version for user experience in the Campaign Manager > + NEW > Advanced Settings page under the Sending Limit title.

  • The lifetime of phishing campaigns has been changed from 3 days to 365 days by default.

  • A performance improvement has been made for the Available For field to list the companies much faster.

  • The admin now can see pre-attached files in preview pages in the phishing simulator.

  • The SIEM page has been moved to Company Settings for a better user experience.

  • The admin won’t see the Attachment field to upload attachments for attachment based templates if the admin chooses Click-Only or Data Submission type when creating an email template for a better user experience.

  • An improvement has been made for Delivery status on the Campaign Report page for an admin to see which user has been received, and which user hasn’t.

  • The admin wasn’t able to see launched campaign’s email template or landing page if the owner of these templates doesn’t share the related templates anymore. The admin now sees even the owner doesn’t share the related email templates anymore because the campaign already launched.

  • An improvement has been made for a pop-up in the phishing simulator > landing page which the pop-up was going down after the user scrolls the page down. The improvement made the pop-up stay at the same place even the admin scroll down.

  • The loading component in the company > target users menu has been removed for a better user experience.

Bug Fixes:

  • Fixed an error when deleting a created custom role.

  • A bug was resolved where the admin was seeing ‘No Name’ information for some roles on creating custom role page.

  • A bug was resolved where the admin couldn’t download the Metadata file that the platform provides when setting up a SAML setting.

  • A bug was resolved where the admin was seeing a message for mandatory fields that needs to be filled up before the admin goes to the next page on the Company create page.

  • A bug was resolved where the admin couldn’t see the chosen email or landing page template after goes the next page and come back to the previous page.

  • A bug was resolved where the admin couldn’t delete a user from the target group.

  • A bug was resolved where the Method column filter wasn’t working as expected on the phishing scenarios page.

  • A bug was resolved where the admin try to save settings after using Turkish characters in the Phishing Reporter menu.

  • A bug was resolved where the admin couldn’t see the mandatory field message if the admin doesn’t fill up and goes to the next page. The admin now sees the warning message if try not to fill up the related mandatory field in the phishing simulator launch menu.

New Features:

  • The notification templates now support the Duplicate feature to duplicate a template in seconds without manually creating the related notification template.

  • The notification templates now support the Tag feature for an admin to add any tag to any notification template for better visibility for the same type of notification templates to separate.

  • The notification templates now support the Created By column to see which company has created the related notification template.

  • The notification templates now supports the Available For column that shows the count to see which notification template has been shared with how many companies.

May - 1

Improvements:

  • An improvement has been made to add ‘urn:’ formatted URLs to the Issuer URL field on the SAML configuration page.

  • The display time of system-wide warning messages has been increased from 5 seconds to 10 seconds.

  • 'SMTP Test Email' text message has been updated to a more detailed message.

  • The KeepnetLabs phrase in the service name of the Diagnostic Tool has been removed.

  • Phishing Scenarios, Email Templates, and Landing Pages authorization to Edit, Delete operations have been implemented. The owner of these pages is able to take the Edit or Delete actions and the users who use these pages are not able to take those actions since they’re not the owner of the pages.

  • A performance improvement has been made to Sendgrid integration to show sent emails deliver status faster on the Report > Campaign Reports > Sending Report menu in order for an admin to see the deliverability of emails.

  • Grapesjs editor was reading some HTML pages incorrectly, it’s now fixed.

Bug Fixes:

  • Fixed a bug that occurred in Microsoft 365 add-on when the add-on name contains Turkish characters.

  • Fixed a bug when trying to upload a target user with a file where no user exists.

  • Fixed a bug that occurred when using a logo with .jpeg extension in Microsoft 365 plug-in because Microsoft did not support it.

  • Fixed a bug that caused the button to display the entered key in the interface to behave incorrectly when more than one API Key was entered while adding IBM X-Force integration.

  • The authorization error when trying to start an investigation after the application has been updated has been resolved.

  • A bug in the communication of the first version Outlook Desktop plugin with the application has been fixed.

  • A bug was fixed for a specific phishing scenario that was not allowing the admin to launch it.

New Features:

  • A new feature that allows to add SIEM integrations has been added to the Company Settings page.

  • Splunk integration, which enables the audit logs on the platform to be sent to Splunk, was implemented.

  • The Turkish language characters are now supported on the platform.

  • HTML extension has been integrated into the Attachment based phishing campaigns for admins to use HTML extension based attachment campaigns.

April - 3

Improvements:

  • A user role logic has been improved to allow the Reseller admin to change the role of other Reseller user’s role.

  • A search function has been added to Import from a file page to search target groups easily.

  • When the sub page menu is selected from the left menu, the icon will be seen as Blue in order to understand much easier which page the admin is on.

  • Icons on the platform weren’t loading until the page is fully refreshed (under one second) after the admin refreshed the page. Now, even if the admin refreshes the pages, icons on the platform will be seen at that period of refreshing time.

  • Available For field will be filled by default as ‘My company only’ when a reseller creates a Scenario, Email Template or Landing Page template.

  • Multiple API key support is now provided to IBM X-Force integration.

  • Tags column in the reported e-mails table in the Incident Responder module now supports filtering.

  • It has been improved that the Phishing Reporter AddIn customizations are written to the audit log.

  • The operations performed on the interface have been made to work more efficiently in browsers.

Bug Fixes:

  • A bug has been fixed on identified phishing domains that were not redirecting the landing page.

  • A bug has been fixed which was not allowing the admin to launch specific phishing campaigns.

  • A bug has been fixed where the ‘Password Complexity’ column in the Phishing Campaign report was shifted.

  • A bug has been fixed on Phishing Simulator > Settings > Domains > Status column where the word ‘Not Checked’ wasn’t fitting inside of the box.

  • A bug was fixed where the logo containing long names overflowed on the Company Settings > White Labeling page.

  • A bug was fixed where it was showing 'Success' status for a domain although configuration settings doesn't work under Phishing Simulator > Settings > Domains page

  • A bug was fixed where it was showing the wrong Breadcrumb of a phishing campaign report after clicking on the View Report button from the Campaign Manager menu.

  • A bug was fixed where the filtering wasn’t working properly on the Reports > Status column.

  • A bug was fixed where it was giving a 500 error when the admin sorted the ‘Service Type’ column in Phishing Simulator > Settings > DNS Services page.

  • On the Playbook page, when the notify action was selected, the names of the notification templates did not fit in the relevant field. This bug has been fixed.

  • The momentary stop of the Redis service resulted in the application stopping. This bug has been fixed.

  • Fixed a bug where the image name would not fit into the field when selecting a logo with a long name on the Whitelabeling page.

  • The bug that caused the interface to freeze when the window opened for the Company Switch feature is closed with the ESC key has been fixed

New Features:

  • The admin is able to now use downloaded .EML or.MSG files to import to the Phishing Simulator > Email Templates > Create Email Template page in order to create a phishing email template in seconds by using the .EML or .MSG files.

  • The admin is now can create a second HTML page to redirect target users from the first landing page to the second landing page.

  • The admin can create Attachment based phishing campaigns to see who opens the phishing attachments.

April - 2

Improvements:

  • A new mailing system has been developed. Now, it can send more emails in less time.

  • The ordering has been changed on the Campaign Reports > Sending Report page. Now, the page loads faster.

  • When the admin clicks on the "Details” or “Preview Email" buttons of reported emails in the Incident Responder, the details will be opened in a new tab.

  • Improvements have been made regarding the use of the proxy. If a proxy is misconfigured, the admin can identify the source of the problem from the error message.

  • The Diagnostic tool now communicates with the microservice to work efficiently.

Bug Fixes:

  • Changed the warning message when deleting SCIM settings with the more clear message.

  • The error that occurred when trying to download the Microsoft 365 add-on with the default image has been fixed.

  • The mail opened in a new window in Outlook could not be deleted while reporting, this error has been fixed.

  • Fixed the Whitelabeling save button to appear as disabled for non-authorized users.

  • The Status column was not displayed on the Domain page. This problem has been fixed and now the Status column has visibly.

  • Fixed an HTML corruption issue while creating a landing page on Phishing Simulator.

  • A bug that occurred when trying to take bulk action for e-mails reported in the Incident Responder module has been fixed.

  • Header information was corrupted when trying to download e-mails reported in the Incident Responder module. This bug has been fixed.

  • Fixed a bug that allowed the space character to be accepted when trying to scan with the URL filter when starting an investigation.

  • Fixed an error when reporting suspicious emails.

New:

  • You can add a link to an image that you created in the GrapesJS editor.

  • SCIM integration has been integrated to synchronize target users automatically without human interaction from the Identity Providers.

April - 1

What's new:

  • SCIM protocol support is added for importing target users. You can create SCIM integrations with your service providers to import your users to Keepnet Labs securely.

  • Target users imported by a SCIM integration are managed by the identity provider. This would allow managed target users to:

    • Update automatically when their corresponding entries in the identity provider are changed.

    • Prevent manual editing in the dashboard.

    • Prevent manual deleting from Keepnet Labs dashboard.

    • Prevent removing them from a SCIM managed target group

  • Target users imported by a SCIM integration can be added to a target group automatically. You can also select a target user attribute to group target users into different target groups. For example, grouping imported target users by their departments.

  • When creating a SCIM integration, you can select which SCIM attributes correspond to which custom fields in the Keepnet Labs dashboard. This feature allows you to import your target users to Keepnet Labs with additional information.

March - 3

Improvements:

  • Public domains such as ‘outlook.com, gmail.com’ are not allowed to add to the platform. The admin will be warned and asked to reach the support team if there is a specific reason to add the public domain to the profile.

  • Admin will not be able to launch the same training to the same group two times in 5 minutes if admin doesn’t choose the ‘Mark As Test’ option. The logic has been developed for system admins to launch training to a group accidentally more than two times in 5 minutes.

  • It is possible to add new groups on top of already added groups on the Multi-Tenant menu.

  • A security mechanism has been added so that reseller users do not make mistakes in training launches. If the admin presses the Reset button and sends the training with the By Email Group option instead of using the Multi-Tenant option, the admin will see the groups belonging to his own company instead of all the companies' groups.

  • The admin won’t see error messages if use large complex HTML codes in the Search field in the Phishing Simulator module.

  • The percentage has been moved from left %95 to right like 95% in Report Schedule, Gamification Dashboard, and Training reports.

  • The data in the downloaded report on the gamification dashboard page and the data in the downloaded excel file were matched.

  • The word 'Mandarin' in two different Chinese languages used in the Multi-Language feature has been removed.

  • The ‘Enroll’ word for the UK language has been changed to ‘Enrol’ where used in the Multi-language feature.

Bug Fixes:

  • A bug has been fixed in the structure of the Newly Added Users feature.

  • A bug where the scheduled phishing campaign, scheduled report, and training hasn’t started at the desired time has been resolved.

  • Info has been added to the ‘Move’ button under the Action column in the Company List menu and can be displayed when an admin hovers a mouse on it.

  • A bug was resolved where although the user has exam data, duration data was not visible.

  • A bug was resolved where the phishing campaign wasn't launched.

  • Fixed overlapping when adding multiple tags in the target group.

  • A sorting case is resolved for Status columns in the Exam and Scores menu in the training report.

What's new:

  • A new version of the Microsoft 365 Suspicious Email Report button is designed to work with Microsoft Defender only with three options such as Junk, Not Junk, Phishing.

March - 2

Improvements:

  • Improved HTML rendering feature in GrapeJS editor.

  • Performance improvements when importing HTML in GrapeJS editor.

  • If an error occurs while sending email, it will be logged with the error message.

  • Image URLs in Notification templates have been changed with the API URLs.

  • Logo in the notification templates automatically replaced with whitelabeling notification templates logo instead of company logo.

  • Audit logs have been improved. If a user updates a reported email, this action will be logged in audit logs.

  • Added a new confirmation modal in the campaign manager, if the user wants to create an instance additional confirmation will be needed.

  • The UI section of the product is now hosted by CloudFlare.

  • Performance Improvements on the Phishing microservice.

  • Old O365 logo has been changed with the Microsoft 365 logo in the Investigation Details page.

  • XML addin name for O365 has been changed with Microsoft 365.

  • Error messages when generating XML addin has been changed to Microsoft 365.

  • API Endpoint for O365 addin has been changed to Microsoft 365.

  • Investigation action error message has been changed with user friendly messages.

  • Now we are supporting IP Scope on the analysis exclusion list in the Incident Responder module.

  • Performance Improvements on the Campaign Reports page.

  • Phishing mail tracking API endpoint now serving a 1x1px image to track user actions.

Bug Fixes:

  • Fixed an error while creating notification template.

  • Proxy setting in the Phishing Reporter download history modal is not shown correctly. This issue has been fixed.

  • There was an error while sending an account created email, this issue has been fixed.

  • Fixed an error when releasing a new version of the product.

  • Fixed an error while generating Microsoft 365 addin.

  • SAML certificates could not be found in the directory. This issue has been fixed.

  • Diagnostic tool was not enabling disabled addin for specific Outlook Version. This issue has been fixed.

  • Category and type columns could not be filtered. This issue has been fixed.

  • Adding bulk tags in the Incident Responder Reported Emails table issue has been fixed.

  • Investigation details page found user shown incorrect data. This issue has been fixed.

What's new:

  • Google Workspace AddIn has a new feature: Delete original email while reporting an email.

  • DNS Services status’ used in Phishing Simulator will be checked with daily cronjobs.

  • Domains status’ used in Phishing Simulator will be checked with daily cronjobs.

March - 1

Improvements:

  • DNS and Domains menu title has been renamed to Settings.

  • The Microsoft 365 logo has been improved, shown in the Download Add-in modal.

  • Phishing Reporter widgets shadow has been removed.

  • The alert message margin-top value has been increased on the Campaign Info >Target Groups page.

  • Improved the error message when creating a system user if the create account email template does not exist.

  • It is improved the error message displayed when there are no search results in the Threat Intelligence module.

  • If invalid characters are entered in text fields, now an error message appears on the pages listed below.

    • Company Settings

    • Phishing Reporter > Email Settings

    • Phishing Reporter > Other Settings

    • White Labeling

    • ​​IR > Investigation > Select Criteria

  • Incident Investigation widgets have been improved.

  • A search icon has been added to Settings > Timezone search field.

Bug Fixes:

  • The error in some cases during the saving of phishing email template, has been fixed.

  • The text that appeared for unknown reasons on the widget during the Phishing Report > User page loading has been removed.

  • An overlapping issue of attachment files uploaded to the phishing email has been fixed.

  • The red texts shown in some cases during the importing HTML codes into phishing email templates now have been fixed.

  • The error in some cases during the importing of phishing email template, has been fixed.

  • In some cases HTML files can not be imported into phishing landing pages. Now it has been fixed.

  • An overlapping issue of Target User page columns has been fixed.

  • An overlapping issue of the Audit Log page Log Date column has been fixed.

  • In some cases, target users could not be found on the Campaign Manager page. Now it’s been fixed.

  • The source code does not appear when editing a landing page. It has now been fixed.

  • On the Investigations page, alignment issues in the Scan Status column were fixed.

  • For some reason, an incident detail page was not loading. This problem has been resolved.

What's new:

  • The Phishing Reporter Add-in now supports the Turkish language.

  • The platform no longer uses virtual directories.

  • Now, language can be selected on Email Templates and Landing Pages.

  • Now, the journey of e-mails sent via Sendgrid can be tracked through the interface.

  • While reporting an email Yes or No options were added into the Phishing Reporter Google Workspace version.

February - 2

Improvements:

  • Overhauled the Target User Import system to substantially improve the speed of the operation.

  • Imported Target Users will start appearing in the data table immediately, rather than waiting for all Target Users to finish.

  • When importing a file for adding Target Users, a message is shown (i.e Process is Queued) for the status of the field mapping operation.

  • When importing a file for adding Target Users, entries with the same email address were discarded from the file, now they are shown as invalid entries at the Validate step of the flow.

  • The field mapping performance has been improved when importing a file for adding Target Users.

  • Performance of single Target User add, delete and update operations have been improved.

  • Activated the button for adding custom fields when no Target Users were added for a company, which was not clickable behind the alert message.

  • When importing a file for adding Target Users, all columns length is limited to 255 characters.

  • Reduced the workload of browsers when displaying Target User data table, which improved the overall performance

Bug Fixes:

  • Fixed a bug where DateTime filters were not working correctly on the Target User data table.

  • Fixed a bug where sorting Target Users by First Name, Last Name, or Email was not working properly.

  • Fixed a bug where custom fields with Numeric data type were not working correctly.

  • Fixed a bug where setting a default filter was not populating the search field.

  • Fixed a bug where the “Clear filters” button was not clearing the searched phrase.

  • Fixed a bug where using lower case custom field names were giving errors when searching or filtering the Target User data table.

  • Fixed a critical bug that caused some entries to be incorrectly matched that occurred when importing a file for adding Target Users with custom fields.

  • Fixed a bug where going back and forth between import Target Users steps were creating undesired behaviors.

  • Fixed a bug where deleting an imported file when importing Target Users was giving an error.

  • Fixed a bug where making searches in the Validate data table were giving errors when importing a file for adding Target Users

What's new:

  • When importing a file for adding Target User, existing fields will be automatically matched with the headers of the file.

  • Added a new section under Company -> Job Log, where you can monitor the progress of the Target User import operations.

  • Added a new button for selecting all Target Users, which made It possible to delete all Target Users at once.

February - 1

Improvements:

  • DNS customizing options have been improved.

  • The Turkish characters was changing after filling the email field on the login page, no changes will be made any longer.

  • Add-in micro service connection URL address has been changed on all companies.

  • The input (url, ip, text) validation has been added to the fields on the Proxy Settings, Rest API, New company and System User pages.

  • Select box has been removed on the new phishing scenario modal.

  • Performance improvement was made in the Phishing Simulator user tracking module.

  • Performance improvement was made in importing new HTML template.

  • Performance improvement was made in Incident Responder investigation progress.

  • Password reset “Invalid request” message has been replaced with a more significant phrase.

  • The tour feature is now only available on the dashboard page.

  • Some widgets would be visible even if the customer did not have a license. If these widgets are not in the license, it will be hidden.

  • In the Phishing Reporter (Outlook version) addin, the text on the tab has been changed to Add-in Name instead of Brand Name.

  • URL conditions inputs are no longer needed to begin with HTTP or HTTPS on the New Investigation modal.

Bug Fixes:

  • The search icon was missing on the new company creation modal, now it’s been fixed.

  • The error in some cases during the saving of mail configuration has been fixed.

  • Fixed an error when a system user edit and save.

  • DNS service delete and edit permission issue has been fixed.

  • The error in some cases during the saving of new permission has been fixed.

  • Fixed an issue can not be freezing the First column on the Domain and DNS Service page.

  • 500 Internal Server error has been fixed in the HTML compress API.

  • 503 error has been fixed when changing the page row count on the Incident Responder page.

  • Fixed a white screen issue while creating a new notification template.

  • The extra scrollbar has been hidden on the notification creating page.

  • The column sorting issue has been fixed on the New Campaign > Target User page.

  • Phishing Reporter (Microsoft 365 version) black background issue has been fixed.

  • “Custom Integration” option has been removed from the permission list.

  • A phishing simulation cannot be started even if the customer has a license. This issue has been fixed.

  • When editing an integration, "No permission" error was showing even if the customer had permission. Now, this error has been fixed.

  • When starting an investigation, "No permission" error was showing even if the customer had permission. Now, this error has been fixed.

  • When clicking the badge on the Campaign Manager > Target User will no longer change its color.

  • Fixed a corruption when dragging the GrapeJS form item.

What's new:

  • It is now possible to modify the button more simply in GrapeJS.

  • Modern build feature has been added into GrapeJS. Once loaded, it waits for the DOM to get ready, and then the script is executed. The page suffers no performance penalty as such.

  • Windows Event log feature can be configured on the platform settings file.

  • Renamed O365 to Microsoft 365.

  • Diagnostic Tool can create a flag into Windows Registry Editor when it enables the Phishing Reporter Add-In. The flag can be read by the system teams of the company to show messages to the end users for restarting their Outlook in order to see after the Suspicious Email Reporter add-on has been deployed.

  • Now the reported email can match a Playbook rule even if it is a simulation.

January - 2

What's new:

  • The ability to use the proxy defined in the proxy settings has been added to the Cyber X-Ray analysis engine.

  • In the phishing reporter list, all data from the diagnostic tool will now be seen with a tooltip.

  • System users will now be used instead of target users in Playbooks.

  • In the Company list, the total number of target users of the relevant company is also displayed.

  • A desired image can now be uploaded to the template editor, and then these images can be accessed in an image gallery format from within the editor.

Improvements:

  • Performance improvement was made in the cluster by section according to the 'Subject' field in the Incident responder module reported mailing list.

  • The validity period of the password reset link has been increased from 1 day to 7 days.

  • In the phishing simulator module, phishing email sending speed is improved.

  • Dynamic calculation of estimated mail sending time was provided on the phishing campaign creation page.

  • Provided a warning message when an unregistered domain is entered on the whitelabelling page.

  • Performance improvement has been made in the phishing simulator module regarding the processing of phishing email opening, clicking and sending information.

  • Renamed Fortinet integration to Fortisandbox.

  • In Fortisandbox integration, the 'Reason' field of an expired analysis job is set to be blank.

  • In the Switch company section, the company logos will now be displayed optimally according to their size.

  • Performance improvement was made in target user search and filtering.

  • Performance improvement was made in searching and filtering target users when adding them in a group.

  • Performance improvement was made in searching and filtering target users that are in a group.

  • Performance improvement was made in viewing user’s groups.

  • Performance improvement was made in uploading target users with custom fields.

Bug Fixes:

  • Fixed an error when a root user edits or deletes an email template.

  • The error in some cases during the creation of diagnostic data has been fixed.

  • The error in some cases when a DNS service defined in the phishing simulator module cannot be seen has been fixed.

  • Made the campaign status appear as 'Error' instead of 'Completed' in the phishing campaign submission report, if all email sending operations resulted in error.

  • Fixed an issue where a mail whose sender IP was marked as malicious by IBM X-Force and Spamhaus analysis engines was displayed as 'Undetected'.

  • Fixed the issue where some emails were not displayed completely in the Email preview section.

  • Fixed an issue where the analysis date was displayed incorrectly for IP scans whose analysis job is in progress.

  • In the latest version of Google Chrome, when horizontal scrolling in the tables in the interface, the column texts overlapped.

  • Fixed an issue where imported target users were not previewed correctly when uploading a CSV file

January - 1

What's new:

  • A tooltip has been added to the 'Reason' column in the scan results of the IBM X-Force analysis engine.

  • Added confirmation dialog for 'Resend' action in phishing simulator reports.

Improvements:

  • Performance improvement has been made for investigations without attachment criteria in O365 Investigations.

  • In the scans of the IBM X-Force analysis engine, 'Phishing' for malicious URLs and 'Malicious' for attachments will be displayed.

  • Performance improvement has been made in adding users to a target group.

  • Performance improvement has been made when opening a target user list with a custom field.

  • In phishing simulator reports, 'In Queue' status will be displayed instead of 'Waiting to Send' for mails waiting to be sent in the table in 'Sending Report'.

  • Ensured that the URL with spaces cannot be entered in the excluded URL entry of the analysis engine integrations.

  • Phishing Resend Campaign options with zero users will now be displayed as disabled.

Bug Fixes:

  • Fixed the issue where the progress part of the investigation details was displayed incorrectly in some cases.

  • The error received when test connection is made for an email not found in O365 mail settings has been fixed.

  • Fixed the issue where 'only can use reseller notification template' is selected for a company, that company cannot see the notification templates of the relevant reseller.

  • Fixed an issue where the result was displayed incorrectly in some scans of the CyberX-Ray analysis engine.

  • The error received when trying to pass the duplicate steps quickly in Phishing Scenarios has been fixed.

  • Fixed an issue where sometimes the bottom company name was not fully displayed on the Switch company page.

  • The admin could send a training or phishing campaign to the users who are authorized before and but unauthorised. The Reseller now won’t be able to send the users whose email domain is not listed in the Restrict Email Address menu.

Last updated

Copyright © Keepnet Labs LTD. All rights reserved.