Category: updates

Protecting MantisHub users from Meltdown and Spectre Vulnerabilities

IMPORTANT NOTE: MantisHub services are patched for wide-spread security threats Meltdown and Spectre. Action Required:- Users need to update their browsers and install latest updates for their operating systems. Read on for details…

Security of cloud information is always at the forefront of any SaaS provider and long gone are the days when security was treated lightly. MantisHub prides itself on our high-security rating and we’ve addressed many security queries and concerns of our customers. Many of the security measures we have in place are listed in our KB article here. As well as providing secure infrastructure with SSL, data encryption at rest and data isolation, our team stays on top of all the latest threats, taking precautions needed to ensure the safety of your data and your service.

The Latest threats?  – Meltdown and Spectre

With the new year came reports of 2 major hardware vulnerabilities affecting a large number of modern computer processors. Including some variants of Intel, AMD and ARM processors used in personal computers, mobile devices, tablets and servers. These vulnerabilities, named Meltdown and Spectre, can potentially be exploited by hackers to access unauthorized data. It is a weakness in the hardware barrier between applications and could allow processes within one piece of installed software to access stored data of other software in the system.

The threat was reported by Googles Project Zero on Jan 3rd. It was also published in pdf by independent researchers here for Meltdown and Spectre.

What are we doing?

MantisHub primarily uses Amazon Web Services infrastructure and all security patches and updates protecting against the vulnerability have been deployed. We are also working with our other vendors and providers to ensure steps are taken to mitigate any risk to systems. MantisHub is continuing to keep across any new developments and update requirements so you can be assured that we’re doing what’s needed to make your data safe.

What can you do?

As this vulnerability is wide-spread you need to take steps to ensure all your devices have the latest updates. PC, Macs, Smartphones & tablet operating systems should all be updated and continue to check for updates regularly as some patches are still in development.  Additionally, make sure that all browsers receive the latest updates. Check out updates already available for Mozilla Firefox and MS Edge. Safari has an update “coming soon” and Chrome were due to provide version 64 on Jan 23rd but in the interim, you should follow these instructions to enable site isolation to protect against the threat and be sure to upgrade once version 64 comes out.

You can keep across any updates by following us on twitter and don’t forget to check in on our blog regularly.

Tag, you’re it!

 

tag-youre-it

 

MantisHub have now rolled out some updated to our tags feature. Some of which our customers have asked for!

Tags are useful as another way to categorize your issues and with our latest update now you can:

Add a tag to your issue when reporting it.

  • Instead of going into your issue after creation to add a tag, we’ve now added it to the report an issue page so you can simply attach it at the time of creation

tags_reporting

Tags can be added to your columns on view/print issue pages.

  • tags is now an option when you manage your columns so you can now add it to the fields in your issue that is displayed in the View Issues or Print Issues pages.

tags_viewissue

Export Tags via CSV and Excel.

  • since tags are now an option when managing your columns, you can now include these fields in you Excel and CSV exports.

Tags information included in email notifications

  • If you’ve set a tag in your issue it will now appear in your email notifications so everyone is up to date.

Check out our knowledge base for more information on using tags.

Now go ahead and play around with it. Tag! You’re it!

 

December ’15 updates

In December we rolled out a bunch of new updates including:

  • Using API Tokens to access MantisHub for enabling generation of tokens to be used by services and apps to connect to MantisHub without sharing user’s passwords.
  • Understanding Email Notifications via EventLog Plugin – often actual email notifications are different from administrators expectations due to MantisHub config or user preferences.  Installing this plugin helps administrators figure out the reason why users get or don’t get notified about a change.
  • Support for issue notes as a column that can be selected via Manage Columns.  The typical usage would be to export issue notes to CSV or Excel.
  • Support for exporting billing information to CSV or Excel, providing users with the ability to edit the information in Excel before sending to clients.
  • Custom field “required on resolve” wasn’t being enforced.
  • Disallow deletion / disabling of last administrator to make sure administrators can’t lock themselves out.
  • Fix for email notifications on update where email notifications on issue updates were not triggered when email notification configurations were overriden.
  • MantisTouch was updated with several fixes and improvements.

We would like to take this opportunity to wish all our users a Happy new year.  Best wishes for 2016.