Enterprise Recon 2.13.0

Download ER 2.13.0 User Guide (PDF)

ER 2.13.0 Release Notes

The Release Notes provide information about new features, platforms, data types, enhancements, bug fixes and all the changes that have gone into Enterprise Recon 2.13.0.

For a quick view of the changes since the last Enterprise Recon release, see Summary of Changes.

Contents:

  1. Highlights
  2. Important Notes
  3. Enterprise Recon 2.13.0 Changelog
  4. Features That Require Agent Upgrades

New and Improved Features

Stronger PDF Scanning for Sensitive Data Discovery

The Portable Document Format (PDF) is one of the most widely used digital file formats; most contracts, reports, application forms, records, and many other documents are typically saved as PDF files. Because of the highly complex structure of the format, PDF files may contain sensitive data that can be easily missed or overlooked.

Understanding the need for more robust scanning capabilities, Enterprise Recon 2.13.0 now has improved capabilities to scan and identify sensitive information in PDF files.

Enhancements to PDF scanning include the following capabilities:

  • Improved detection of sensitive data in plain (i.e., standard fonts) and stylized (e.g., custom or symbol fonts) texts.
  • More effective detection of sensitive data in embedded images (the Enable OCR feature must be turned on).
  • Expanded detection of sensitive data in interactive form elements such as text or fill-in fields.
  • Improved detection of sensitive data in non-English characters (including, but not limited to, Turkish, Korean, and Arabic characters), whether in plain or stylized texts.
  • Enhanced scanning capabilities for encrypted PDF files.

These PDF scanning improvements in Enterprise Recon address the often unpredictable data structures of PDF files, ensuring a more comprehensive coverage in data discovery.

A Windows or Linux Agent is required to take advantage of these enhancements in ER2.

New Platform Integrations

Scan and Remediate the Latest macOS Version

NEW You can now scan and remediate macOS 15 (Sequoia) environments in Enterprise Recon 2.13.0. Scanning (local scanning, agentless scanning, and remote scanning via SSH), remediation, access control actions, data classification, and reporting features are supported for the newly supported operating system.

An Agent Upgrade is required to scan macOS Sequoia Targets.

Official Support for Azure File Share (SMB)

NEW SMB Azure file shares are now officially supported in Enterprise Recon 2.13.0 as a Network Storage Location.

To start scanning Azure file shares, see Network Storage Locations.

New and Improved Data Types

Detect Sensitive Medical Data

NEW In response to the rapid digital transformations of the medical industry and the increasing volume of medical data stored in digital systems, Enterprise Recon 2.13.0 introduces the new Drug Name data type, classified under the newly added Medical Data category.

The new Drug Name data type can detect (i) branded drug names registered in the US and the UK and (ii) generic drug names in the USAN, BAN, AAN, and WHO INN lists.

These enhancements are part of our ongoing efforts to expand discovery capabilities and align with industry standards.

Important Security Enhancements

Encryption and Security Updates for ER2 Master Server Appliance

This release of Enterprise Recon 2.13.0 includes updates on supported SSH ciphers, MACs, and key exchange algorithms, allowing for a stronger encryption and connection security to and from the Enterprise Recon appliance.

Impact

  • For newly installed appliance: This security enhancement is built into new installations of ER2 appliance using ISO installer version 2.13.0. No other actions required.
  • For existing appliance: If your Enterprise Recon appliance was installed using ISO installer version 2.12.1 or older, update the SSH configuration manually. Refer to Update SSH Configuration in Master Server Console.

Critical OS Security Updates for ER2 Master Server Appliance

Security updates for Oracle Linux 8, the base operating system of the ER2 appliance, is available in Enterprise Recon 2.13.0. These critical updates address recently identified vulnerabilities and improve system stability.

We recommend updating your Master Server to Enterprise Recon 2.13.0 to ensure your appliance remains secure and stable.

This update has no impact on users with Master Servers installed from RPM.

Important Module Updates

CRITICAL: Microsoft OneNote Re-authentication

Who needs to upgrade

All users who scan Microsoft OneNote Targets must upgrade to Enterprise Recon 2.13.0. Scanning OneNote locations is no longer possible in Enterprise Recon versions 2.12.1 and older.

If there are Microsoft OneNote locations included in your existing scan schedules (ongoing or not yet started), Enterprise Recon versions 2.12.1 and older will report them as inaccessible locations.

What are the changes in this release

The Microsoft OneNote Target in Enterprise Recon 2.12.1 and older uses the application permission tokens, which was recently deprecated by Microsoft.

In Enterprise Recon 2.13.0, the Microsoft OneNote module has been updated to use the more secure delegated permission tokens for authentication. This means that you will now be required to sign in with your Microsoft account to grant Enterprise Recon access to scan OneNote resources.

This is a critical upgrade and re-authentication requirement following Microsoft’s recent deprecation of authentication tokens with application permissions for Microsoft OneNote.

What needs to be done

To be able to scan Microsoft OneNote Targets:

  1. Upgrade the Master Server to the latest version. See Update ER2.
  2. Update Microsoft OneNote credential sets added in earlier versions of Enterprise Recon by performing re-authentication. See Re-authenticate Microsoft OneNote Credentials.
  3. Create new single-Agent scans for:
    • impacted Microsoft OneNote locations that were reported as inaccessible locations, and
    • existing scans with OneNote locations. Existing scans (ongoing or not yet started) that include OneNote locations may be interrupted even after re-authenticating. Creating new scans to replace the existing ones ensures that the scans transition to the new authentication method and run successfully.

Early Access

The Early Access stage allows Ground Labs to collect a round of usability and performance feedback before a feature is made generally available.

If you would like to request access to any of the Early Access features, please get in touch with the Ground Labs Support Team for assistance.

Early Access Features

  • Apache Hive - Enables sensitive data discovery on Apache Hive (and Cloudera Hive) database Targets.

Important Notes

CRITICAL: One Way Upgrade to Enterprise Recon 2.13.0

Certain data sets, storage formats and components for the Master Server have been updated in Enterprise Recon 2.13.0. Therefore once the Master Server is updated from Enterprise Recon 2.12.1 (and below) to ER 2.13.0, the datastore is not backward compatible and downgrading ER 2.13.0 to an earlier version is not supported.
Please contact the Ground Labs Support Team for assistance with upgrading the Master Server.

CRITICAL: End of Support for CentOS 7 Master Server

Master Server installations with CentOS 7 as the base operating system are no longer supported in Enterprise Recon 2.13.0. Consequently, upgrading a CentOS 7-based Master Server to version 2.13.0 through an online update is no longer possible.

If you have existing installations of CentOS 7-based Master Server, create a backup of your Master Server datastore and datastore configuration file, and migrate to Enterprise Recon on the new operating systems to continue receiving support for new features and product updates.

See How To Install the Master Server Appliance (from ISO) or How To Install the Master Server on RHEL 8 (from RPM).

End-of-Support Platforms and Features in Enterprise Recon 2.13.0

The following platforms and/or features have reached end of support in Enterprise Recon:

Upcoming End-of-Support Platforms and Features

The following platforms and/or features will reach end of support and be removed in the upcoming Enterprise Recon release:

Changelog

The Changelog is a complete list of all the changes in Enterprise Recon 2.13.0.

What’s New?

  • New Data Types
    • NEW Drug Name

  • New Platform Integrations

    • NEW macOS Sequoia 15

Enhancements

  • Improved Features:

    • Enterprise Recon 2.13.0 has been updated with clear messaging in the web UI and API beginning 30 days before the current ER2 license expires. With this change, users are now required to upload a new license to be able to continue accessing all Enterprise Recon web UI and API functionalities.
    • Enterprise Recon 2.13.0 has improved the scanning and detection of sensitive data in PDF files with plain text and stylized or obscure text, embedded images, interactive form elements (e.g., text and fill-in fields), and sensitive data in non-English characters (including, but not limited to, Turkish, Korean, and Arabic characters) in plain or stylized text. This update also brings enhanced scanning capabilities for encrypted PDF files.
    • You can now scan files and folders in Google Drive’s Shared drives.
    • The Oracle database module has been enhanced to fully support tables with primary or unique keys defined by two or more columns. This improves row coverage when scanning Oracle databases, addressing a previous limitation that could cause some rows to be skipped.
    • Updated compression libraries and other enhancements for increased application security.
    • Updated supported SSH ciphers, MACs, and key exchange algorithms for stronger encryption and connection security to and from the Enterprise Recon appliance. This enhancement is included only in new installations (using ISO version 2.13.0) of ER2 appliance. If you have an existing ER2 appliance (installed using ISO installer version 2.12.1 or older), update the SSH configuration manually (refer to Master Server Console).
    • Improved handling of HTTP-to-HTTPS redirection for increased connection security.
    • Agentless scanning in Enterprise Recon 2.13.0 has been optimized to support more concurrent scans with lower memory usage. This helps improve scanning efficiency, especially in environments with a large number of Targets that are not feasible for an Agent-based scanning approach.
    • Enterprise Recon 2.13.0 has an updated Microsoft OneNote module that uses the more secure delegated permission tokens for authentication. To continue scanning Microsoft OneNote Targets, (i) upgrade the Master Server to the latest version, (ii) update Microsoft OneNote credential sets by performing re-authentication (see Re-authenticate Microsoft OneNote Credentials), and (iii) create new single-Agent scans for impacted locations and existing scans with OneNote locations.
    • You can now scan Azure file shares (SMB) as a Network Storage Location.
    • Minor UI enhancements.

Bug Fixes

  • Scans for small files in Google Drive Targets took longer than expected for Google Workspace accounts with a large amount of data stored in Google Drive.
  • Only the first 1000 tables were probed and scanned for Azure Storage tables. For the fix to take effect, re-add and/or re-scan the impacted Azure table Target locations.
  • The sort function for the "Match" column on the Targets page was not working.
  • Scanning for both Personal Names (Austrian) and Personal Names (German) data types in a single scan resulted in an increased number of personal detail data matches.

Features That Require Agent Upgrades

Agents do not need to be upgraded along with the Master Server, unless you require the following features in Enterprise Recon 2.13.0:

  • You can now scan macOS Sequoia 15 Targets. Requires macOS Agents.

For a table of all features that require an Agent upgrade, see Agent Upgrade.

Ensuring we are delivering the best technology for our customers is a core value at Ground Labs. If you are interested in future early builds of Enterprise Recon with forthcoming features, please email your interest to product@groundlabs.com.