2023.03.02

Report component options

We have added two new options to the report components:

• You can now hide the short (numeric) IDs in the results table component
• You can now hide the short (numeric) ID column in the findings table component

To use these options, you will need to re-add the components.

The results table displayed on the 'Findings tab' of an assessment can be configured via 'Edit Assessment > Display (tab)', and defaults can be set in 'Settings > General > Assessment Defaults (tab)'.

Improvements

• The compilation speed of PDF reports for assessments containing many code blocks has been greatly improved.
• We have implemented a new feature that logs authentication attempts as activity. This includes information such as the authentication method, 2FA attempts, and IP address. You can view these activities on the activities page or retrieve them using the API.
• Logged activities can now be filtered by one or more 'activity categories'. This filter is also available via the API (see API docs).
• Tagged assessment sections displayed in the portal now link to the online report (if available).
• Placeholder, badge, and icon report components are now available in more places, such as in findings and comments.
• We've added a new 'Smart' option to the 'Start sections on new page' setting in Report Themes. With this option, a page break will be added after any non-empty assessment section. The existing 'Smart' option has been renamed to 'Smart (up to H2)', bringing it in line with the documentation and clarifying that it only affects the first two heading levels.
• New settings have been added to the 'Report Themes':
  • Render PDF images as links: whether images included in markdown fields should be rendered as clickable links in the PDF report. These links allow the reader to view images in full-size via the browser for more details. We recommend disabling this option if you create PDF reports for clients that do not have access to the assessment in Reporter.
  • New page before findings: whether to insert a page break between a section's description and the first finding in the section.
• The CWE and CAPEC classifications have been updated to their latest versions. To ensure you are always working with the most current version, each new Reporter release will contain the latest available version of these classification systems.
• Assessments on the dashboard can now be filtered:
  • All: display all assessments you have access to.
  • Member (admin only): display all assessments where you are a team member.
  • Assigned: display assessments where you are assigned to the current assessment phase. 
• To ensure consistency between the online and PDF reports, we have increased the margins above and below markdown lists in PDF reports.

Bug Fixes

• Fixed an issue where adding multiple components or caution tags on the same line would cause some text or components to be rendered multiple times.
• Fixed an issue where mark tags within mark tags would cause text to be rendered multiple times.
• Fixed an issue where admins received 'Retest Performed' notifications.
• Fixed a crash when exporting findings as CSV for assessments with the 'Severity Only' scoring system.
• Fixed an issue where in-app notifications did not specify that you were tagged in comments, retests, etc.
• Fixed a bug where the 'badge highest risk'-component did not render inline.
• Fixed a bug where adding a newline after the 'badge highest risk'-component caused report compilation to fail.
• Fixed a crash when opening a finding as an admin in assessments where findings are restricted to resolvers.
• Fixed a bug where the 'scope' component in assessments without targets would cause report compilation to fail.
• Fixed a bug that prevented the deletion of client logos, avatars, and theme documents.