Changelog
Follow up on the latest improvements and updates.
RSS
We’ve recently introduced some exciting updates to
Manual Evidence
to streamline your compliance process:Enhanced Descriptions:
Each task now includes a detailed description, hints, applicability terms, examples, and template links (if available). New Manual Evidence:
We added new tasks for KPI Objectives, Threat Intelligence, DLP System Implementation, Web Filtering, Cloud Exit Strategy, and Physical Security Controls.Improved Document Accessibility:
All files are now easily accessible, especially for M365 users. The NC Tracker, DPIA, and DPA templates have been embedded directly into their respective manual evidence tasks.Have feedback? Add it to our public roadmap and help us create a better platform.
We’ve rolled out two exciting updates to help you stay on top of compliance:
- Security reports page is now Compliance reports:We’ve redesigned the compliance reports page to make it easier for you to track your progress for purchased frameworks and explore other frameworks we support. While the page has been updated, the reports themselves remain the same for now, with improvements planned for the future.
- Framework Guides:Want to learn more about compliance frameworks? Check out our new Secfix guides.
1. NIS 2 Framework is now available on Secfix!
: Review your NIS 2 health score on your dashboard and access the detailed NIS 2 compliance report. 
2. TISAX Health score and compliance reports
: Review your TISAX health score on your dashboard and access the detailed TISAX compliance reports.
3. Trust Center: Attach resources to compliance frameworks
: You can now upload or link a resource, such as a certification, directly to a compliance framework in the Trust Center. It will appear alongside the. compliance framework and also be accessible in the resources section. 
. 4. Azure Connection: Simplified Setup Flow
: We’ve redesigned the Azure connection steps to make the process smoother and more intuitive. With clearer instructions and a more user-friendly flow, connecting your Azure account is now easier than ever.
1. GCP Connection: Simplified Setup Flow
We’ve redesigned the GCP connection steps to make the process smoother and more intuitive. With clearer instructions and a more user-friendly flow, connecting your GCP account is now easier than ever.
2. Trust Center: Add Link Resources
You can now attach links as resources in the Trust Center, alongside documents.
3. Mark automated task as "Not Applicable"
You can now mark automated tasks as "Not Applicable." Once marked, these tasks will be hidden from your main view and will not appear in your security report. However, you can still view them by applying the "Not Applicable" filter. If needed, you can restore them to the main list by switching their status to "Mark as Applicable."
Your customers and prospects can now view your Trust Center seamlessly on any device. Whether they're on a phone, tablet, or desktop, the experience is smooth and responsive.
You can dive in right now and start creating and publishing your own Trust Center. Check out how our co-founder Grigory customizes the Trust Center for Secfix in under 5 minutes!
With the Secfix Trust Center, you can upload your certificates, policies, and other resources, make them public or restricted, customize most of the content, colors, and logos, add subprocessors with automated suggestions, and add controls applicable to your company within seconds. And as a cherry on top – you can receive access requests for sensitive documents like pentest reports from your prospects.
We've also created a self-starter guide for you: Introduction to the Trust Center.
If you'd like some help getting started or want assistance from our designers, feel free to book a quick chat with us through this Calendly link.
You asked, and we listened.
This release focuses on bug fixes and feature improvements based on your feedback:✏️
Updates on Manual Evidence:
: - Secure Configuration Baselines: Added 2 new templates (in EN and DE).
- Test of Incident Response Plan: Added 1 new template (in DE).
- Incident Report or Root Cause Analysis: Added 1 new template (in DE).
- Tabletop Disaster Recovery Exercise: Added 1 new template (in DE).
🗓️
Enhanced employee end date logic
: If an employee is removed from the IDP (e.g., Office365) and the end date is fetched from the IDP, Secfix will prevent manually overwriting the end date with an empty value or clearing it. However, users can manually change the end date to any other past date.🔄
Fixed cloud asset sync issue
: Manual changes to cloud asset attributes now persist after syncs.⚡
Real-time updates on employees page
: Updates are now saved and displayed immediately without requiring a page refresh.👥
Improved policy update feature
: Automatically pre-selects previously selected groups when uploading a new policy version.🇩🇪
Added German security questionnaires
: Support for German security questionnaires for vendors.📄
Simplified risk assessment survey
: Survey questions are now optional, making it easier to skip irrelevant questions.💼
Fixed user role change issue
: Resolved unintended user terminations caused by role changes.We’re thrilled to introduce an amazing new feature that will transform your workflow!
🌟 Reuse Past Evidence
Now, you can easily reuse past evidence, making your workflow more efficient and streamlined.
For a closer look at this awesome update, check out the following video
🪄
Additional Enhancements:
- Dashboard:Enhanced health score for ISO27001:2022
- Reports:Added ISO27001:2013 security report
- Risk Assessments:Added a success alert to inform you of the number of added risk scenarios after completing an assessment survey.
- New Navbar:Our app now features a fresh and updated look with a new navbar.
- Access Page:Added missing fields and helpful tooltips.
new
May updates
🪄 Risk Assessments
You can now easily identify risks specific to your organization. The assessment includes questions tailored to the most common risks faced by modern companies
📈 GDPR Health score report
Now you can review your GDPR health score on your dashboard and access the detailed GDPR security report.
🔑 Improved access page
- ✅ Check the status of MFA & SSO for accounts
- ✅ Easily assign owners inline
- ✅ Identify accounts as "External person" or "Not a person"
- ✅ Add your notes to accounts
📄 Improved manual evidence
- ✅ Assign an owner to manual evidence
- ✅ Add your notes to manual evidence
🆕 New features
HRIS Integration:
- Improved Sync: Enhancements to the synchronization process between HRIS and IDP to ensure accurate user data.
- Force Sync on Reconnect: Automatically syncs HRIS data when reconnection occurs.
- Employee Status Alignment: Standardizes employee status to always reflect Secfix as the source.
🛠 Fixes & Improvements
- User Sync Bug Fix: Resolved issues with syncing users between IDP and HRIS following customer feedback.
- Control Status Calculation: Fixed bugs in control status calculations for Security Reports and ISO27001 Health Score, centralizing status calculations on the backend.
- Cloud Tags Bug Fix: Resolved issues with cloud tag management in inventory.
- Enhanced Company Representation: Updated to display the company name prominently.
- Security Report Improvements: Addressed missing status icons and text in security report summaries.
- New Filters: Introduced 'New Person/Not Person' as a filter option on the employee page.
- HR Merge Date Corrections: Corrected date displays in HR merge user table.
- Autocomplete and UI Fixes in Risk Register: Improved the controls field with an autocomplete list and enhanced UI.
- Connection Page and Me Page Enhancements: Improved UI on the Connection page and reduced duplicate calls to the data/me endpoint.
- Employee Task Visibility: Fixed an issue where tasks for terminated employees were not visible on hover.
- Progress Bar Color Correction: Addressed a bug causing the progress bar to display as grey when progress is at 100%.
- Access Page Search: Resolved a bug that stopped the search functionality on the Access page when displaying 100 results.
Load More
→