Release notes

Ability to shortlist key risks in risk assessments

Annie Luu
Annie Luu
released Nov 22, 2023
Release notes imageAbility to shortlist key risks in risk assessments

We’ve added the ability to create a shortlist of key risks as part of a risk assessment, allowing you to highlight important risks and those requiring follow-up. You can choose to include only key risks as part of your risk assessment report,  in lieu of displaying the full list of risks. To learn more see How to complete a risk assessment

API flexible permissions

We’ve revised API permissions to allow a finer-grained set of permissions and visibility:

  • Added a Read/Read&Write flag to allow a given API key to only access GET functions or to be able to access GET/PUT/POST and DELETE functions.
  • Expanded on the current Data Leaks permission to allow an API key to be defined by role.
  • To protect existing integrations all existing API Keys will be granted full access. The new model will only relate to keys generated after this release.

To learn more see UpGuard’s API documentation.

Vendor monitoring API changes

We’ve created specific API endpoints to start monitoring and stop monitoring a vendor. This allows us to follow more established and consistent API design practices as well as restrict the monitoring to only those API Keys that have Vendor Risk Read&Write permissions. In subsequent releases, we will deprecate the “start_monitoring” flag in the /vendor API endpoint and remove that feature:

  • Vendor ID or Primary Host Name) to the list of monitored vendors. This supports the same functionality as our existing /vendor API when start_monitoring = true, such as:

         - The ability to apply labels and tiers; 

          - A wait for a scan feature that scans the vendor before returning the results; 

          - Checks on UpGuard licenses maximum Vendor counts.

  • /vendor/unmonitor – A new endpoint that will remove the specific vendor (based on Vendor ID or Primary Host Name) from the list of monitored vendors.

To learn more see UpGuard’s API documentation.

SysAid vulnerability detection

We’ve added detection for the SysAid product, its version, and associated vulnerabilities, notably CVE-2023-47246 being exploited by the Clop group.

Other improvements

  • This release includes a number of bug fixes.
  • Check icon
  • Check icon
  • Check icon
  • Check icon
  • Check icon
Book a free demo
View all release notes

UpGuard Release Notes

Learn about new features, changes, and improvements to UpGuard.
Automatically answer questionnaires using a SOC 2 report, information security policy, or any other PDF
UpGuard logo
Automatically answer questionnaires using a SOC 2 report, information security policy, or any other PDF
Abstract image background

Automatically answer questionnaires using a SOC 2 report, information security policy, or any other PDF

Automatically answer questionnaires using a SOC 2 report, information security policy, or any other PDF
Toby Roger
September 11, 2024
Send security questionnaires to vendors using the API
UpGuard logo
Send security questionnaires to vendors using the API
Abstract image background

Send security questionnaires to vendors using the API

Send security questionnaires to vendors using the API
Toby Roger
August 28, 2024
Expanded categorization of attack surface risks
UpGuard logo
Expanded categorization of attack surface risks
Abstract image background

Expanded categorization of attack surface risks

Expanded categorization of attack surface risks
Toby Roger
August 15, 2024
New SIG 2024 and DPDP Act Questionnaires
UpGuard logo
New SIG 2024 and DPDP Act Questionnaires
Abstract image background

New SIG 2024 and DPDP Act Questionnaires

New SIG 2024 and DPDP Act Questionnaires
Toby Roger
July 31, 2024
New multi-framework security questionnaire
UpGuard logo
New multi-framework security questionnaire
Abstract image background

New multi-framework security questionnaire

New multi-framework security questionnaire
Toby Roger
July 17, 2024
Customize notifications for critical vendor incidents and news
UpGuard logo
Customize notifications for critical vendor incidents and news
Abstract image background

Customize notifications for critical vendor incidents and news

Customize notifications for critical vendor incidents and news
Toby Roger
July 3, 2024
View all release notes
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.
Contact sales
Free demo
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating
UpGuard logo
UpGuard is a complete third-party risk and attack surface management platform.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Contact sales
Free trial
Products
Tools
Company
Insights
Products
Compare
Solutions
Company
Insights
© UpGuard, Inc.
Research GuidelinesPlatform Terms & ConditionsWebsite Terms & ConditionsPrivacyCookies