Code42 cloud release notes
- Last updated
- Save as PDF
Who is this article for?
Incydr, yes.
CrashPlan for Enterprise, yes.
Code42 for Enterprise, yes.
CrashPlan for Small Business, no.
Overview
This page lists new features and bug fixes released to the Code42 cloud. Click a month below to expand or collapse the details.
These updates primarily impact cloud-only Code42 environments (without on-site authority or storage servers), but some of the fixes and enhancements also apply to Code42 environments with on-premises authority servers that use Code42 cloud storage.
For the Code42 app, see Code42 app version 8.6 release notes.
April 2021
Features
Integrate with Slack for insider risk response
April 2, 2021
Use automated integrations to send alerts to Slack, from which you can review and respond to them.
The automated Slack message about the alert provides the following options:
- Click the Actor link to view the user's profile.
- Click the Review Alert in Incydr link to view more details about the alert.
- Click Generate DM template to generate customizable direct message content to then copy and paste into a message to send to the actor.
- Click Close Alert to close the alert from within Slack.
See more information about automated integrations.
Enhancements and updates
April 13, 2021
On the Risk Exposure dashboard and User Profile, the date selector now appears in the upper-right corner and applies to all items on both screens. Previously, each area had a separate date selector.
April 12, 2021
- Code42 announces support for Amazon WorkSpaces that run a currently supported Windows operating system. Code42 app version 8.5.1 or above must be installed on the virtual desktop, and additional configuration is required.
- Forensic Search and Cases now display file classification metadata from Microsoft Information Protection (MIP). This metadata can help provide additional risk context if you already use MIP in your organization.
April 6, 2021
- The Incydr Basic product plan now includes additional features:
- Case management for security investigations
- The Departing Employees and High Risk Employees lists for risk detection
- One data connection to monitor files moving to and from cloud services (for example, Box, Google Drive, and OneDrive), or attachments sent through email services (such as Office 365 Outlook)
- Increased the limit of employees that can be on a risk detection list from 5,000 to 10,000 users.
April 5, 2021
Added filters to the risk detection lists:
- The Departing Employees list now allows you to filter the list by department, departure date, and only employees on the list with file events.
- The High Risk Employees list now allows you to filter the list by department, risk factors, and only employees on the list with file events. Previously, you could only filter on risk factors.
Bug fixes
April 7, 2021
- Fixed an issue in OneDrive where usernames and exposure field values were duplicated in Forensic Search. Previously, when a file in OneDrive was shared with Sharepoint users, those users may have been listed in the Shared with users field using this convention: "sharedlinks.<ID>.flexible.<ID>." This value also resulted in duplicate "Outside Trusted Domains" entries for the File exposure changed to and Exposure type fields in Forensic Search.
March 2021
Features
Unified username search across endpoints, cloud, and email
March 4, 2021
In Forensic Search, the Username search filter now returns results for endpoint, cloud, and email file events. Previously, there were separate fields for each data source. Specific updates include:
- The Username (Code42) field is renamed Username.
- The Username metadata now appears in the Event section of the file event details. Previously, it appeared in the Device section.
- The Username field continues to search endpoint file events, but now also returns cloud and email events for that user. Previously, searching cloud and email events required entering a username in the Actor and Sender fields, respectively.
Enhancements and updates
March 18, 2021
- Added event types to the Audit Log that record when an administrator or user restored files from the Code42 console, or a user restored files from the Code42 app:
- Restore started
- Restore ended
- ZIP file downloaded
March 17, 2021
- Updated the Departing Employee Manager role to include permission to view and modify alert settings for departing employees.
- Updated the High Risk Employee Manager role to include permission to view and modify alert settings for high risk employees.
March 15, 2021
- In the rare case where the Active tab title and URLs are not available for a file upload event, the file event details now include a more specific description of why those values are unavailable. Requires Code42 app version 8.6 or later.
March 9, 2021
- Adds Chinese, Korean, Thai, and Japanese to the supported languages for exporting a case summary PDF.
March 5, 2021
- Released Code42 User Directory Sync version 1.6.1. For details, see the Code42 User Directory Sync release notes.
Bug fixes
March 17, 2021
- Performance and stability improvements.
- Fixed an issue on Windows devices where restoring a very large PDF file could result in duplicate files being restored.
- Fixed an issue where some users with special characters or accent marks in their usernames were unable to sign in.
- Fixed a rare issue where password resets could fail if the new password contained certain combinations of special characters.
- Fixed an issue that only occurred in the Code42 federal environment on Windows devices backing up files with alternate data streams (ADS): restoring a previous version of a file now also correctly restores the associated ADS files.
- In Forensic Search, fixed an issue where the detailed reason was missing for why a SHA256 or MD5 hash value is unavailable.
March 10, 2021
- In Forensic Search, fixed an issue where clicking anywhere in the file event details unexpectedly closed them. Now, event details only close upon clicking the "x" icon in the upper right.
February 2021
Features
Destination-focused dashboard
February 25, 2021
On the User Profile and Risk Exposure dashboard, we've added a destination-focused tile to help you find the most critical information you need, faster. The Destination activity over time graph only shows destinations that have file activity and shows file event details for destinations such as cloud service providers, email, removable media, and source code repositories.
With this change, we transitioned the Endpoint over time and Cloud sharing over time data into the more robust Destination activity over time graph and have expanded the File category breakdown information into its own tile, keeping critical information in the forefront.
Quickly add multiple file events to a case
February 23, 2021
Forensic Search now includes a multi-select option, which enables you to quickly and efficiently add multiple file events to a case.
Improved upload destination detection
February 16, 2021
- When a user accesses more than one browser tab while file uploads are in progress, the event details in Forensic Search, Cases, and Alerts now list all tab titles and URLs visited during that upload. This helps provide a more complete view of user activity. Previously, only one tab was listed and in some cases it may not have accurately represented the upload destination, but instead indicated a tab viewed by the user while a file was being uploaded to a different tab in the background.
- In the Forensic Search API, the
windowTitle
andtabURL
fields are deprecated and replaced bytabTitles
andtabURLs
, respectively. ThewindowTitle
andtabURL
fields will continue to function normally until February 2022. However, the new fields provide better context for user activity so we recommend updating your scripts and integrations as soon as possible to take advantage of the new information.
Forensic Search usability improvements
February 4, 2021
Forensic Search adds several updates and enhancements to make it easier to review search results, including:
- Event details now slide in from the right instead of expanding within each row of search results.
- File download links now automatically appear if the file is backed up by any user in your Code42 environment. Previously, if there wasn't an exact match in the backup archive of the user who caused the file event, you needed to manually click the Search Other Locations button.
- In the expanded event details, improved display of fields with very long values. For example, long file paths now automatically wrap to the next line and display the entire path (previously, some long values were truncated and could only be viewed in their entirety via the CSV export).
- In the list of search results, improved display when many columns are selected, including pinned columns for common actions when scrolling horizontally.
- Other minor usability updates.
Enhancements and updates
February 19, 2021
- The Cases list is now automatically filtered to only show Open cases by default. This makes it easier to find and access your active investigations. Closed cases are still visible by clicking the filter icon and choosing Closed or Any Status.
February 17, 2021
- Security updates.
- Performance and stability improvements.
- Devices using unsupported macOS 10.13 High Sierra will not upgrade to newer versions of the Code42 app.
- When initiating a device restore from the Code42 console for a large number of files, files now start restoring to the target device more quickly than before.
- Updated the on-screen setup instructions for local two-factor authentication to more clearly list additional options for generating the Time-based One-Time Password (TOTP) than only the Google Authenticator mobile app.
February 9, 2021
- In the Forensic Search API, some
fileCategory
output values have updated strings (for example, SOURCE_CODE changed to SourceCode). If you use customized scripts or integrations that expect a specific string value in thefileCategory
response, you may need to update them to account for the new category names.
February 4, 2021
Bug fixes
February 17, 2021
- In Forensic Search, fixed a rare issue where a file could be unavailable for download if the capitalization of the filename or file path changed after the file was backed up.
- The confirmation dialog to deactivate a user now indicates that the backup archive will be placed into cold storage (according to the cold storage settings for the organization). Previously, the message implied the archive would be deleted immediately.
- On the Restore History screen, values in the Restore To column are no longer clickable links. This fixes an issue where clicking a value in that column caused an error.
- In the Forensic Search and Cases file event details, fixed an issue where the File exposure changed to field was temporarily labeled Sharing Type Added.
January 2021
Features
Code42 Developer Portal
January 11, 2021
The Code42 Developer Portal is a new resource site for those who want to write scripts to automate Incydr tasks and set up integrations.
Benefits of the portal include:
- A single access point for documentation of methods for Incydr, including Code42's REST API, Python SDK py42, and command-line interface (CLI)
- A single request URL for Code42 API calls to each cloud instance
- Code42 API reference documentation as well as articles that describe how to use the APIs
- Open-source contributions to the portal using GitHub
For help using the resources in the Code42 Developer Portal, contact your Customer Success Manager (CSM) to engage the Code42 Professional Services team.
Enhancements and updates
January 26, 2021
- Adds the URL of files involved in activity on cloud services (when available) to the "File events" list in alert details and emails, giving you more context and information for investigations.
January 25, 2021
- Enhancements to the Audit Log:
- Organized event types into categories to make it easier to filter and search for events.
- Added event types to log when Code42 support user access is enabled and disabled.
January 20, 2021
- The Code42 console now displays a message when updates to device settings are in progress. This information provides visibility to administrators to confirm updates are processing, which reduces the chance of inadvertently submitting duplicate changes.
- For provisioning provider synchronization, increased the maximum deactivation delay to 90 days. Previously, the limit was 24 hours.
- The Identity Management > Provisioning list view now includes a Type column to differentiate between SCIM providers and Code42 User Directory Sync. Previously, the provisioning type was only displayed in the provider's details.
- Security updates.
January 8, 2021
- Case details now display additional risk context to provide a more holistic view of the user being investigated. Details include:
- If the user is on the High Risk Employees or Departing Employees lists.
- Other risk factor attributes in the user's profile (for example, High impact employee or Flight risk).
- Added a Code42 support user type to the Audit Log search filter. Employ this user type to search for events triggered by Code42 support users who are given support access to your Code42 environment.
Bug fixes
January 20, 2021
- Performance and stability improvements.
- Fixed an issue where the Device details screen in the Code42 console could display the wrong Code42 app version.
- Improved error messaging if a keystore migration fails.
- Fixed an issue with Azure SCIM Provisioning where removing one user from a group could unintentionally move all users in the group to the "default" Code42 organization.
- In the Administration section of the Code42 console, fixed an issue where previously-entered search terms could unexpectedly re-appear in the search box under certain circumstances.
- Fixed an issue where some users with special characters or accent marks in their usernames were unable to sign in to the Code42 app via SSO (single sign-on).
- Fixed a broken link in the Code42 for Enterprise Backup Status Alert email.
- Removed the prompt to download the CrashPlan app from the Administration section of the Code42 console.
January 13, 2021
- Fixed an issue where permissions changes to folders in Box and OneDrive cloud services could be incorrectly attributed to the wrong actor in Forensic Search. In some cases, this fix may result in a blank value for File exposure changed to in Forensic Search for activity detected in Box and OneDrive.
Previous release notes
For release notes prior to January 2021, see Previous version release notes.