Unified Security Management

Dashi USM v1.3.2

This release includes a number of bug fixes and improvements to the USM platform. No need to install anything, these changes are available to all users immediately.

Improvements

• Added a Legend for impact scores. This makes it easier to understand the impact of an incident at a glance. Click the "i" icon next to the Impact score to see the legend.
• New Risk Scoring matrix in the Risk Register.
• Minor UI tweaks to improve readability and consistency across the platform.
• New design for the login, forgot password, and reset password pages. We hope you like it!

Dashi USM v1.3.1

This release includes a number of bug fixes and improvements to the USM platform. No need to install anything, these changes are available to all users immediately.

Improvements

• Improvements to the Incident list, incident detail view, and Events feed to improve clarity of Impact ratings.
• New events can be added directly from the Incident view, simplifying the process of timeline creation.
• We built a secret page that lets you reset your management system to a clean slate. This is useful if you want to start fresh or if you just want to clear out all your data. It's destructive though, so use with caution. Just navigate to /management_system/reset while logged in to your account to access it.

Dashi USM v1.3.0

This release greatly expands on the information security management system (ISMS) capabilities of Dashi USM with the launch of USM ISMS.

USM ISMS

• Controls: your one-stop shop for managing your organization's security controls. Define your controls, link them to risks, and track their implementation status. Your "Statement of Applicability" in ISO 27001 lingo.
• Attributes: new in the ISO 27001:2022 standard, Attributes help you refine and categorize your controls. Define your attributes and link them to controls to provide more context and detail.
• Policies: define your organization's security policies and link them to controls. Built-in version history, peer review and print views make it easy to manage your policies in line with best practices.
• Template controls, attributes and policies to help you kick-start your ISMS.
• New "ISMS" section in the sidebar to access all your ISMS features. Access it all for just $149 per month for your entire organization.

Improvements

• UI tweak: feedback from actions such as saving or updating a record are now shown as 5-second notifications in the bottom right corner of the screen.

Bug fixes

• Risk scope can now contain more than 255 characters.

Dashi USM v1.2.1

This release includes a number of bug fixes and improvements to the USM platform. No need to install anything, these changes are available to all users immediately.

Improvements

• For those of you who prefer to combine your risk register and risk treatment plan, you can now do so directly in Dashi USM. We've added new Risk Treatment details to the Risk Register view where you can define your risk treatments for each risk.
• You can now filter Events by acknowledgement status in the Event feed view. This makes it easier to see which events have been acknowledged by a human.
• Enforcements can now be linked to incidents, giving you a clearer picture of the impact of a breach on your organization.
• Events can now be attached to Incidents directly from the feed view.

Bug fixes

• When editing an event, newly added risks are now saved correctly.
• For the verbose among you, enforcement descriptions can now contain more than 255 characters.

Dashi USM v1.2.0

This release includes a number of bug fixes and improvements to the USM platform. No need to install anything, these changes are available to all users immediately.

Improvements

• Much more granular role based access control
• REST API for managing endpoints. You can now add, update and delete endpoints via the API.
• New "API keys" section in the user menu where you can generate and manage API keys for programmatic access to the USM API.

Bug fixes

• Fixed a minor XSS vulnerability in the event feed view that was picked up by our scanning software.

Dashi USM v1.1.3

This release includes a number of bug fixes and improvements to the USM platform. No need to install anything, these changes are available to all users immediately.

Bug fixes

• Fixed a bug in the email ingestion engine that caused specific types of emails to fail to parse.
• Fixed a bug in the Scan Results page where the timestamp listed for a vulnerability scan was showing the scan request date instead of the results timestamp.

Dashi USM v1.1.2

This release includes a number of bug fixes and improvements to the USM platform. No need to install anything, these changes are available to all users immediately.

Improvements

• Results of vulnerability scans, port scans, subdomain scans and Website security scans are now unified in a Scan results view, so you can see all your scan results in one place.

Bug fixes

• Subdomain scans can now be deleted.

Dashi USM v1.1.1

This release includes a number of bug fixes and improvements to the USM platform. No need to install anything, these changes are available to all users immediately.

Improvements

• A count of open events is now displayed in the navigation bar, so you can see at a glance how many events need attention.

Bug fixes

• Fixed a bug saving regular expressions in rules
• Long event names are now truncated in the feed view to prevent overlap with other elements
• Fixed an error on the Create App Key page

Dashi USM v1.1

This release includes a number of new features and improvements to the USM platform. No need to install anything, these changes are available to all users immediately.

Improvements

• Powerful new rules engine replaces per-ingestion rules.
• Improved performance when working with large list views.
• Add multiple URLs per endpoint and request security scans of your URLs directly from the USM interface.
• Subdomain scans now automatically run weekly instead of on demand. An event will be logged if any new subdomains are detected, or if any subdomains are no longer present.
• Events can now be acknowledged and closed, so you can keep track of which events still need attention.
• Port map scan results now highlight newly opened ports and closed ports between scans.

Bug fixes

• When viewing subdomain scanning results, endpoints that have already been added to USM are now marked as such.
• Short event log messages are now displayed correctly in the event log view.
• When adding an endpoint, the hostname field is now validated on the client side to help prevent invalid hostname errors.
• Fixed bug that caused incidents to fail to save if the resolved datetime was empty.
• nmap port scan results would not render in Safari as it would not load the XML stylesheet. Results are now converted to HTML and displayed correctly in all browsers.

New rules engine

Per-ingestion rules were complicated and tedious to manage. The new Rules engine in USM enables you to configure rules that are applied to all ingested event logs. This makes it easier to manage rules and ensures that the same rules are applied consistently across all data sources.

A simple graphical rule configuration interface allows you to create complex and powerful rules quickly and easily.

Supports matching event log source, endpoint (host) or endpoint name (string match). The event log message can be matched against a case-sensitive string, or for more powerful searching you can use a regular expression.

Lastly you can configure the rule to match only if the event message does or does not match the previously received event message from the same source. This is useful for detecting when output has changed, without receiving a flood of notifications every time the same event is logged.

Dashi USM v1.0

Version 1.0 of Dashi USM is now available for public consumption!

Dashi USM is our new unified security management platform. It's designed to be easy to use, with a simple and intuitive interface and powerful features to discover, observe, analyze and respond to security threats.

Sign up for free at https://dashiusm.com/