SimpleRisk Core
The SimpleRisk 20241209-001 release is a larger fix release with a few new features as well. If you are still experiencing any issues regarding SSO please contact support@simplerisk.com as these issues should be resolved at this time and outstanding cause for any inability to login is likely caused by configuration.
This release includes the following bug fixes:
- Resolved an issue preventing backups from completing due to a missing variable.
- Resolved an issue where an error occurred when attempting to order columns in the Active Audits datatable.
- Fixed an issue where values weren’t displaying dynamically from the database and were hardcoded instead in the Prioritization tab.
- Fixed a bug causing a page load failure when editing a mitigation that had a control attached due to a datatable error.
- Resolved a bug where a datatable error occurred when performing a self-assessment and clicking on mitigation actions.
- Fixed an issue where clicking the "Generate Report" button failed to render the graph on the Graphical Risk Analysis page.
- Fixed a bug where text was improperly wrapped and partially hidden in input fields.
- Corrected an issue where the phone number field accepted special characters and text, which should only accept numeric input.
- Resolved an issue where editing risks and mitigations became slow if the system had a large number of files in the ‘files’ table.
- Fixed an issue where enabling a large number of frameworks caused the Define Tests page to fail due to long URI requests.
- Fixed an issue where the file upload widget was displayed in pages where file uploads were not supported.
The SimpleRisk Extras are the paid for functionality that extend the features of the SimpleRisk Core. This release targets bugs with incident managements’ display and .
Incident Management Extra:
- Introduced a new feature that allows for the creation of dynamic incident reports.
- Fixed a bug where an incident could be created without a summary field, ensuring data integrity.
- Fixed an issue where values weren’t displaying dynamically from the database and were hardcoded instead in the Prioritization tab.
Risk Assessment Extra:
- Added the ability to export questionnaire results directly to a spreadsheet.
- Resolved an issue where users without permission to access the Assessments module were not visible as assessment contacts when sending questionnaires.
- Fixed an issue where the Phone value was incorrectly required in the Assessment Contacts section.
- Fixed an issue where ordering of columns in the Actions section caused errors when clicked on the Assessments → Assessment Contacts page.
- Restored the display of Question # in questionnaire results, as it was unintentionally omitted in previous versions.
Secure Controls Framework Extra:
- Fixed an issue where new frameworks would load initially when the SCF Extra was installed but would not load after the update.
Encryption Extra:
- Fixed an issue where enabling the Encrypted Database would show encrypted asset names when selecting "Assets" from the Connectivity Visualizer Report.
Import/Export Extra:
- Fixed an issue where importing controls with an undefined control class would not create the class as expected, and would only map if the class already existed.
- Implemented a temporary fix for an issue where exporting large single-cell data exceeding Excel's 32,767 character limit would fail. Now, the data will be truncated to fit within the limit.
Incident Management Extra:
- Added a Dynamic Incident Report feature.
Risk Assessment Extra:
- Fixed an issue where users without permission to access the Assessments module were not visible as assessment contacts when sending questionnaires.
- Added the ability to export Questionnaire Results to a spreadsheet.
Secure Controls Framework Extra:
- Fixed an issue where new frameworks would load when the SCF Extra is installed, but not when updated.
Other Notes:
- A user reported difficulty logging in with the default username admin and password admin. Investigation revealed that PHP was enforcing secure cookies, but the application was not using SSL, preventing session values from being set. If you encounter this issue, try installing an SSL certificate and running SimpleRisk over HTTPS to resolve it.
