- DATE:
- AUTHOR:
- The Drata Team
July 2023
Learn about the latest and newest features and updates every week. You can also visit the Roadmaps and Ideas page on our app to view upcoming releases or request new ideas.
Latest updates
Control task
Create and manage tasks for specific controls to work towards control readiness. For more information, go to Task.
Cyber Essentials
Release of Drata's newest supported framework, Cyber Essentials. To learn more about Cyber Essentials, go to About Cyber Essentials.
27 new requirements, 6 new controls, 1 new policy (2 revised).
Personnel Exclusions (V1)
Create an exclusion for any personnel compliance check and enter the duration and the reason for the exclusion. For more information, go to Personnel Exclusion.
Vulnerability scanning integration, Rapid7 InsightVM
Sync vulnerability reports from a Rapid7 InsightVM console directly to Drata and attach reports to controls for evidence of Vulnerability scans (like DCF-18). For more information, go to Rapid7 InsightVM.
Workspace ticketing management
Create tickets in non-primary workspaces for tests and controls that have ticketing providers with write-access such as Jira, Asana, and ServiceNow. For more information, go to Workspaces - Ticketing Management.
Workspace event tracking
View events that are specific to a single workspace. For more information, go to Workspaces - Event Tracking.
Improvements
Audit Hub
View a banner that indicates what an auditor can access in an active audit. For more information, go to Audit Hub.
Receive email notification when Audit Hub request status changes. Admins in Drata can toggle this notification on or off.
Save or cancel your changes when editing a messages.
Control owner details
Updated experience for managing control owner information. You can update control owners under control info in the control drawers. For more information, go to Control Owners.
CSV download on Personnel page
Updated the compliance overview download to include job titles.
Internal notes section
Auditors with the Read_Only
access will not be able to access internal notes for controls and events in Event Tracking. To learn more about controls, go to Controls: Set Up Required Approvals.
Risk Management
Delete one or multiple custom risks. For more information, go to Risk Management - Delete Custom Risks.
Filter by custom risks on Risk Management page.
Kandji connection
Updated Kandji connection to validate their new API URL format. For more information, go to Kandji.
Last test result in Monitoring page
Updated description of the last test result section in the Test Detail drawer to provide proper troubleshooting guidance.
SSL/TLS tests
Enhanced SSL/TLS tests to show history of the whole path a domain uses to successfully redirect from http to https. There is an added history object in the JSON response (raw evidence) to showcase how the results of the tests were found.
Test error email notification
Specifies the instance the test error relates, including the customer instance the test error is coming from.