Code42 cloud release notes

Last updated
Save as PDF
Share
1. Share
2. Tweet

Who is this article for?

Incydr, yes.

CrashPlan for Enterprise, yes.

Code42 for Enterprise, yes.

CrashPlan for Small Business, no.

Overview

This page lists new features and bug fixes released to the Code42 cloud. Click a month below to expand or collapse the details.

These updates primarily impact cloud-only Code42 environments (without on-site authority or storage servers), but some of the fixes and enhancements also apply to Code42 environments with on-premises authority servers that use Code42 cloud storage.

For the Code42 app, see Code42 app version 8.6 release notes.

April 2021

Features

Integrate with Slack for insider risk response

April 2, 2021

Use automated integrations to send alerts to Slack, from which you can review and respond to them.

Slack_integration

The automated Slack message about the alert provides the following options:

Click the Actor link to view the user's profile.
Click the Review Alert in Incydr link to view more details about the alert.
Click Generate DM template to generate customizable direct message content to then copy and paste into a message to send to the actor.
Click Close Alert to close the alert from within Slack.

See more information about automated integrations.

Enhancements and updates

April 13, 2021

On the Risk Exposure dashboard and User Profile, the date selector now appears in the upper-right corner and applies to all items on both screens. Previously, each area had a separate date selector.

April 12, 2021

Code42 announces support for Amazon WorkSpaces that run a currently supported Windows operating system. Code42 app version 8.5.1 or above must be installed on the virtual desktop, and additional configuration is required.
Forensic Search and Cases now display file classification metadata from Microsoft Information Protection (MIP). This metadata can help provide additional risk context if you already use MIP in your organization.

April 6, 2021

The Incydr Basic product plan now includes additional features:
- Case management for security investigations
- The Departing Employees and High Risk Employees lists for risk detection
- One data connection to monitor files moving to and from cloud services (for example, Box, Google Drive, and OneDrive), or attachments sent through email services (such as Office 365 Outlook)
Increased the limit of employees that can be on a risk detection list from 5,000 to 10,000 users.

April 5, 2021

Added filters to the risk detection lists:

The Departing Employees list now allows you to filter the list by department, departure date, and only employees on the list with file events.
The High Risk Employees list now allows you to filter the list by department, risk factors, and only employees on the list with file events. Previously, you could only filter on risk factors.

Bug fixes

April 7, 2021

Fixed an issue in OneDrive where usernames and exposure field values were duplicated in Forensic Search. Previously, when a file in OneDrive was shared with Sharepoint users, those users may have been listed in the Shared with users field using this convention: "sharedlinks.<ID>.flexible.<ID>." This value also resulted in duplicate "Outside Trusted Domains" entries for the File exposure changed to and Exposure type fields in Forensic Search.

March 2021

Features

Unified username search across endpoints, cloud, and email

March 4, 2021

In Forensic Search, the Username search filter now returns results for endpoint, cloud, and email file events. Previously, there were separate fields for each data source. Specific updates include:

The Username (Code42) field is renamed Username.
The Username metadata now appears in the Event section of the file event details. Previously, it appeared in the Device section.
The Username field continues to search endpoint file events, but now also returns cloud and email events for that user. Previously, searching cloud and email events required entering a username in the Actor and Sender fields, respectively.

Enhancements and updates

March 18, 2021

Added event types to the Audit Log that record when an administrator or user restored files from the Code42 console, or a user restored files from the Code42 app:
- Restore started
- Restore ended
- ZIP file downloaded

March 17, 2021

Updated the Departing Employee Manager role to include permission to view and modify alert settings for departing employees.
Updated the High Risk Employee Manager role to include permission to view and modify alert settings for high risk employees.

March 15, 2021

In the rare case where the Active tab title and URLs are not available for a file upload event, the file event details now include a more specific description of why those values are unavailable. Requires Code42 app version 8.6 or later.

March 9, 2021

Adds Chinese, Korean, Thai, and Japanese to the supported languages for exporting a case summary PDF.

March 5, 2021

Released Code42 User Directory Sync version 1.6.1. For details, see the Code42 User Directory Sync release notes.

Bug fixes

March 17, 2021

Performance and stability improvements.
Fixed an issue on Windows devices where restoring a very large PDF file could result in duplicate files being restored.
Fixed an issue where some users with special characters or accent marks in their usernames were unable to sign in.
Fixed a rare issue where password resets could fail if the new password contained certain combinations of special characters.
Fixed an issue that only occurred in the Code42 federal environment on Windows devices backing up files with alternate data streams (ADS): restoring a previous version of a file now also correctly restores the associated ADS files.
In Forensic Search, fixed an issue where the detailed reason was missing for why a SHA256 or MD5 hash value is unavailable.

March 10, 2021

In Forensic Search, fixed an issue where clicking anywhere in the file event details unexpectedly closed them. Now, event details only close upon clicking the "x" icon in the upper right.

February 2021

Features

Destination-focused dashboard

February 25, 2021

On the User Profile and Risk Exposure dashboard, we've added a destination-focused tile to help you find the most critical information you need, faster. The Destination activity over time graph only shows destinations that have file activity and shows file event details for destinations such as cloud service providers, email, removable media, and source code repositories.

With this change, we transitioned the Endpoint over time and Cloud sharing over time data into the more robust Destination activity over time graph and have expanded the File category breakdown information into its own tile, keeping critical information in the forefront.

Quickly add multiple file events to a case

February 23, 2021

Forensic Search now includes a multi-select option, which enables you to quickly and efficiently add multiple file events to a case.

Forensic search - select multiple events to add to a case

Improved upload destination detection

February 16, 2021

When a user accesses more than one browser tab while file uploads are in progress, the event details in Forensic Search, Cases, and Alerts now list all tab titles and URLs visited during that upload. This helps provide a more complete view of user activity. Previously, only one tab was listed and in some cases it may not have accurately represented the upload destination, but instead indicated a tab viewed by the user while a file was being uploaded to a different tab in the background.
In the Forensic Search API, the windowTitle and tabURL fields are deprecated and replaced by tabTitles and tabURLs, respectively. The windowTitle and tabURL fields will continue to function normally until February 2022. However, the new fields provide better context for user activity so we recommend updating your scripts and integrations as soon as possible to take advantage of the new information.

Forensic Search usability improvements

February 4, 2021

Forensic Search adds several updates and enhancements to make it easier to review search results, including:

Event details now slide in from the right instead of expanding within each row of search results.
File download links now automatically appear if the file is backed up by any user in your Code42 environment. Previously, if there wasn't an exact match in the backup archive of the user who caused the file event, you needed to manually click the Search Other Locations button.
In the expanded event details, improved display of fields with very long values. For example, long file paths now automatically wrap to the next line and display the entire path (previously, some long values were truncated and could only be viewed in their entirety via the CSV export).
In the list of search results, improved display when many columns are selected, including pinned columns for common actions when scrolling horizontally.
Other minor usability updates.

Updated Forensic Search interface

Enhancements and updates

February 19, 2021

The Cases list is now automatically filtered to only show Open cases by default. This makes it easier to find and access your active investigations. Closed cases are still visible by clicking the filter icon and choosing Closed or Any Status.

February 17, 2021

Security updates.
Performance and stability improvements.
Devices using unsupported macOS 10.13 High Sierra will not upgrade to newer versions of the Code42 app.
When initiating a device restore from the Code42 console for a large number of files, files now start restoring to the target device more quickly than before.
Updated the on-screen setup instructions for local two-factor authentication to more clearly list additional options for generating the Time-based One-Time Password (TOTP) than only the Google Authenticator mobile app.

February 9, 2021

In the Forensic Search API, some fileCategory output values have updated strings (for example, SOURCE_CODE changed to SourceCode). If you use customized scripts or integrations that expect a specific string value in the fileCategory response, you may need to update them to account for the new category names.

February 4, 2021

Added event types to the Audit Log to record case actions:
- Case assignee changed
- Case closed
- Case created
- Case file event added
- Case file event removed
- Case subject changed

Bug fixes

February 17, 2021

In Forensic Search, fixed a rare issue where a file could be unavailable for download if the capitalization of the filename or file path changed after the file was backed up.
The confirmation dialog to deactivate a user now indicates that the backup archive will be placed into cold storage (according to the cold storage settings for the organization). Previously, the message implied the archive would be deleted immediately.
On the Restore History screen, values in the Restore To column are no longer clickable links. This fixes an issue where clicking a value in that column caused an error.
In the Forensic Search and Cases file event details, fixed an issue where the File exposure changed to field was temporarily labeled Sharing Type Added.

January 2021

Features

Code42 Developer Portal

January 11, 2021

The Code42 Developer Portal is a new resource site for those who want to write scripts to automate Incydr tasks and set up integrations.

Benefits of the portal include:

A single access point for documentation of methods for Incydr, including Code42's REST API, Python SDK py42, and command-line interface (CLI)
A single request URL for Code42 API calls to each cloud instance
Code42 API reference documentation as well as articles that describe how to use the APIs
Open-source contributions to the portal using GitHub

Code42 Developer Portal

Get help
For help using the resources in the Code42 Developer Portal, contact your Customer Success Manager (CSM) to engage the Code42 Professional Services team.

Enhancements and updates

January 26, 2021

Adds the URL of files involved in activity on cloud services (when available) to the "File events" list in alert details and emails, giving you more context and information for investigations.

January 25, 2021

Enhancements to the Audit Log:
- Organized event types into categories to make it easier to filter and search for events.
- Added event types to log when Code42 support user access is enabled and disabled.

January 20, 2021

The Code42 console now displays a message when updates to device settings are in progress. This information provides visibility to administrators to confirm updates are processing, which reduces the chance of inadvertently submitting duplicate changes.
For provisioning provider synchronization, increased the maximum deactivation delay to 90 days. Previously, the limit was 24 hours.
The Identity Management > Provisioning list view now includes a Type column to differentiate between SCIM providers and Code42 User Directory Sync. Previously, the provisioning type was only displayed in the provider's details.
Security updates.

January 8, 2021

Case details now display additional risk context to provide a more holistic view of the user being investigated. Details include:
- If the user is on the High Risk Employees or Departing Employees lists.
- Other risk factor attributes in the user's profile (for example, High impact employee or Flight risk).
Added a Code42 support user type to the Audit Log search filter. Employ this user type to search for events triggered by Code42 support users who are given support access to your Code42 environment.

Bug fixes

January 20, 2021

Performance and stability improvements.
Fixed an issue where the Device details screen in the Code42 console could display the wrong Code42 app version.
Improved error messaging if a keystore migration fails.
Fixed an issue with Azure SCIM Provisioning where removing one user from a group could unintentionally move all users in the group to the "default" Code42 organization.
In the Administration section of the Code42 console, fixed an issue where previously-entered search terms could unexpectedly re-appear in the search box under certain circumstances.
Fixed an issue where some users with special characters or accent marks in their usernames were unable to sign in to the Code42 app via SSO (single sign-on).
Fixed a broken link in the Code42 for Enterprise Backup Status Alert email.
Removed the prompt to download the CrashPlan app from the Administration section of the Code42 console.

January 13, 2021

Fixed an issue where permissions changes to folders in Box and OneDrive cloud services could be incorrectly attributed to the wrong actor in Forensic Search. In some cases, this fix may result in a blank value for File exposure changed to in Forensic Search for activity detected in Box and OneDrive.

Previous release notes

For release notes prior to January 2021, see Previous version release notes.