We’re excited to announce our latest feature updates, enhancements, and tips. If you missed our Q3 Product Update webinar featuring our newest AI tools, be sure to check out the on-demand recording here as well as the release notes from our previous months.
October Release Highlights
Whistic Profile
Share your NDAs directly from Whistic
- One less step: Maintain your NDAs in DocuSign and easily share them from your Whistic Profile.
- Increased visibility: Enhanced reporting lets you view the NDA source and acceptance date using the Whistic-Salesforce integration (package upgrade required)
- Easier experience for your Profile viewers: Automatically bypass the NDA if it has already been signed via DocuSign (some restrictions apply)
- Fast and easy setup takes less than 5 minutes - learn more here!
Increase Profile Adoption with Selective Public Documentation
- Instantly build trust with your prospects and customers! Do you share using Trust Center/Public Profile? Your Profile viewers can immediately access your preferred documents without registering first.
- You stay in control! Provide ungated access to commonly available documents (such as security/privacy whitepapers, SOC 3 reports, InfoSec policies, FAQ, etc.) to provide immediate visibility into your security posture and a more streamlined experience.
- Learn more: Manage Document Access.
Updated User Permission ‘Knowledge Base / AI’ Gives You More Control
- The ‘Knowledge Base/AI’ setting allows organizations to enable non-Whistic Admins to search Knowledge Base or use Smart Response (beta) without giving those users the ability to access or change anything else in Whistic.
- Learn more here.
Whistic Assess
Issue Management Enhancement: Attach documents directly to your tickets!
- Now your internal users and your vendors/assignees can attach documents to your Issue tickets for a more streamlined experience.
- Easily gather necessary documents in your vendor details repository for faster assessment remediation–with just a click.
- Learn more here.
Whistic Platform
In case you missed it - Send Whistic Assess or Profile emails from your own company domain for improved response rates and faster assessments.
- Send from Domain is now available: Your Whistic Profile notifications and reminder emails can now come from your own company email domain, such as security@yourcompany.com.
- Your vendors and customers will also be able to reply to your address if they have questions, further reducing the amount of time it takes to do the evaluation.
- Learn more here and contact your CSM to get started.
Content
| CAIQ Lite 4.0 | Standard Questionnaire—CAIQ-Lite is a shortened version of the CAIQ questionnaire meant to simplify and streamline vendor evaluation using a subset of the controls in CCM version 4. Update to the CAIQ Lite 3.0 (2019) |
| Energy Sector Supply Chain Risk | Standard Questionnaire—This comprehensive questionnaire is designed for use by energy utilities and grid operators when assessing vendors and suppliers. It aims to identify potential vulnerabilities that could undermine security. |
| Supply Chain Risk Management | Standard Questionnaire—Cybersecurity and Infrastructure Security Agency (CISA) has developed a Vendor Supply Chain Risk Management Template. |
| Curl & Libcurl Vulnerability | Curl is a ubiquitous tool for transferring data via command line and scripts. Many common applications use curl and its close relative libcurl, and as a result these vulnerabilities could have widespread implications for individuals and organizations of all sizes and industries across the world. Read the blog |
| HTTP/2 Rapid Reset Vulnerability | HTTP/2 is a ubiquitous networking protocol for transferring data between countless online services and consumers. Many common applications use HTTP/2 for performance improvements over previous versions, and as a result this vulnerability could have widespread implications for individuals and organizations of all sizes and industries across the world. Read the blog |
| WS_FTP Server Vulnerability | WS_FTP Server is a ubiquitous tool for transferring files securely within an organization. Many organizations of all sizes and industries use this technology, and as a result these vulnerabilities could have widespread implications. Read the blog |
| Mapping CAIQ Lite 4.0 →Top 5 and WCF | Mapping allows the new version of this Questionnaire to populate top Standards like SIG, VSA, CAIQ 4.0 and the Assurance Center (Whistic Control Framework) |
Resource Alert: How-To Videos
Check out our How-To Video Series available in the Help Center library where Whistic’s own experts show you how to get the most out of your platform.
Video Spotlight: Issue Management
Get up and running fast with this short, informative walk-through on how to create an issue, how to assign an issue, and how to manage issues. Watch it today!