Skip to content

dbACE - Cybersecurity, Compliance and
Audit Management Platform

Release Notes

Explore the updates and developments to our dbACE platform

  • We have added the Federal Trade Commission’s Standards for Safeguarding Customer Information (FTC Safeguards Rule) to our library of assessments. It ensures that entities covered by the rule maintain the required safeguards to protect and secure customer information. 
  • We have added the Higher Education Community Vendor Assessment Toolkit (HECVAT) to our library. It is designed to measure vendor risk and is to be submitted by solution providers to education institutions while discussing their products. It has confirms that data and cybersecurity policies are in place to securely manage sensitive information including Personally Identifiable Information (PII).
  • We have added a new capability to search and sort uploaded file attachments for all controls
  • The updated Assessment Report Format is now more user-friendly, with a focus on a clear summary, easy-to-read charts, and actionable plans
  • We have added the Gramm-Leach-Bliley Act (GLBA) assessment to our library. It is a United States federal law that requires financial institutions to protect the security and privacy of consumers’ personal information. It also requires financial institutions to provide customers with a privacy notice that explains their information-sharing practices.
  • Assessment evidence attachments can now be directly integrated with Google Drive
  • The assessment report template has been enhanced with added formatting for improved readability, lists, and charts
  •  Uploaded assessment files can be sorted and organized to associate with specific controls for assessments
  • Personnel who manage the assessment on dbACE can assign restricted privileges to others who have access to the assessment. They can ensure that some users only have rights to upload the evidence required to prove compliance with controls, without making any other changes to the assessment
  • We have more granular level tracking of user activities on dbACE
  • We have made additional enhancements to the word version of the report format
  • Our HIPAA assessment has a description of the exact evidence required to prove compliance with HIPAA benchmarks
  • There is granular level access for platform users to upload only control specific evidence/supporting documentation for all assessments
  • The final testing of our GovCloud is underway. We are on schedule to launch it at the end of Q1.
  • An option to restrict downloading of attachments and evidence is underway. It is expected to be completed by the end of Q1. This is an additional security measure which will disallow auditors from storing your evidence documents on their devices. They will only be able to view the evidence.
  •  
  • We offer a new drop-down menu called ‘Policies & Procedures’ to access our policies template.
  • You can now sign up for a free trial with just a business email ID
  • The MS Word version of the final report has been updated with new formatting and better look and feel
  • Assessment Reports to have updated sections based on the requirements of internal/external auditors
  • Assessment libraries have a self-reference function for easy evidence reviews/download in the document section 
  • The AWS GovCloud version of dbACE admin for federal assessments will be available for our customers by the first quarter of 2023
  • ​Our assessments have cross control reference mappings from NIST/ISO/SOC2
  • The AWS GovCloud version of dbACE admin for federal assessments will be available for our customers by end of Oct’
  • Policy libraries for all major areas are available in our document center
  •  
  • PDPA: Clients will now be able to purchase an assessment to confirm their compliance with the Personal Data Protection Act applicable in Thailand
  • CMMC: Our AWS GovCloud offering for CMMC Assessments will be available from  October 2022
  • Clients will now be able to download the action plan after completing an assessment, from the main menu itself instead of going to the end of the assessment
  • We now offer an enhanced references feature where we have mapped the connection between a question and regulatory requirement it originates from
  • We have begun research and design for our dedicated AWS GovCloud to ensure CMMC/DOD compliance. We expect to release it in Q3 of 2022
  • You now have the option to create custom, reusable tags for questions and filter questions based on your tags. This will help you to mark certain questions that you want to discuss with your suppliers, MSP or other vendors. 
  • We have upgraded our platform to the latest Django and PHP version to make it more secure
  • Our portal can now be accessed through a new link : https://dbace.databrackets.com/
  • Creation of a new Reference model: Customers can make use of the reference text section in the question as a tag for sorting the document attachments
    •  
  • A new feature has been introduced in the Action Plan section. There is a data-picker that shows a calendar box for both the Start Date and End Date.
  • The report features a new section titled ‘Findings / Observations’. This makes it easier for the customer to identify the conclusions of the assessments / audits and go through the corrective actions initiated. The report can be downloaded in an excel format.
  • The dbACE platform is now integrated with JIRA. This feature allows clients to sync their action plans / tasks from the platform to the JIRA cloud platform as tickets and empowers them to track the progress.
    •  
  • The Site Creation capabilities for Organization Members have been restricted
  • Strengthened security posture through OS version upgrades and application module upgrades
  • Uploaded/attached files for the corresponding controls in assessments can be tagged for categorizing the files under specific controls and organizing them when downloading from the document center
  • The “Assign Task” option in the Question Page on the Portal has been upgraded. Inactive accounts will no longer be visible in the drop-down menu. Customers can assign tasks only to active accounts only
  • Customers can ‘Customize their Report’ by selecting all the Report-related features presented with a single click or choose a component of their choice individually
  • New libraries have been added: 800-53 Revision 5, ITAR Compliance Assessment
  • Action plans items generated during the assessments can be integrated with ticket management systems, including Jira, ServiceNow, etc., along with a framework for third-party integrations
  • The “Report” functionality is updated with features to include the comments and exchanges captured during the course of the audit. The Report can be downloaded in multiple formats, namely pdf, Word, and Excel
  • Framework for third-party integrations – a menu option created for users to enable specific integrations (e.g., service now, Jira) and collect required inputs necessary for integration
  • The customer can now edit the Executive Summary in their Audit Report. This customization will enable the customer to prepare their own Executive Summary
  • Assessment scores based on industry benchmark is available. Average scores for the corresponding topics, anonymized, will be provided along with customer assessment scores to compare the performance with peers
  • The “Star” feature is enhanced in the Questions intuitive enough to help customers quickly access the ‘starred’ questions whenever they wish to revisit
  • The customer portal now allows users to download reports with targets even if they don’t specify them
  • Customers can delete an uploaded file to the portal, removing association to any other question/action plan
  • Question wizard modifications were made to view all questions and highlight the selected Question
  • A scoring system was created for the Sub-Report
  • Captcha for validation of account creation was created to confirm the user is real or a bot
  • Customers can use the third-party integrations` with Servicenow, Jira, for creating tickets
  • Customers can now view ALL THE QUESTIONS with just a click and understand the action plan for every question
  • Customers can customize the reports based on selected ‘references’
  • Users can generate multiple reports and sub-reports cross-referencing specific topics or titles of interest
  • Users can Modify metrics calculations for reports based on reference filtering
  • Users can view all the Action plans and Questions according to their selection
  • Option to customize/edit Executive Summary
  • Option to generate Multiple reports generation from the same assessment
  • Option for the Users to view all the Questions and Action Plans for the selected module
  • Enhanced shopping cart functionalities including new subscription plan additions and easy navigation
  • Multi-Factor Authentication(MFA) enabled for all user accounts under the profile section
  • Ability to export action plans into excel spreadsheet
  • Collapsible section for Training Modules, Additional Assessments, and Vendor Assessments. This makes it easy for the user to navigate and spot the preferred module. The User Account Information option is expanded by default
  • Customers can download the assessment as soon as it is assigned to fill and enter their information back manually (offline). This feature is available in the assessment section of the home page with a download icon option
  • Free Trial Subscription is hassle-free as the glitch that prevented a user from signing more modules after log-in has been resolved
  • Customers can view the “last update time and date” for a particular question during an assessment. This navigational improvement helps in confirmation of addressing the corresponding control/question
  • General user interface enhancements for the entire portal
  • User can navigate to the questions directly without navigating through respective modules
  • Risk category to include Critical along with High, Medium and Low
  • All users can enable two-factor authentication from their profile option
  • Partners can build their own custom assessment on various topics
  • Files uploaded once can be shared for multiple assessments
  • All the stored files/evidences are migrated to secure AWS S3
  • You can download word version of the reports now
  • Cross mapping of documents to multiple assessments
  • Add notes to initial scoping/summary modules to update Statement of Applicability (SoA)
  • DoD NIST SP 800-171 Scoring Methodology
  • DoD Assessment Score Methodology Incorporated in databracket’s 800-171 Report
  • Custom Assessment Options Available for All Our Customers
  • We are very excited to introduce “Share Artifacts” feature to securely share your security, compliance and framework postures with your customers and partners
  • We are very excited to make CIS benchmarks for cloud topics available on our databrackets assessment libraries
  • Completely redesigned databrackets platform from ground up with newer features and better navigation to get your business in compliant
  • We have introduced new interface for our assessment engine. We are excited to announce that our dashboard redesign is scheduled to be released around the first week of February
  • Virtual Security and Compliance officers checklist and task items have been added to our libraries
  • databrackets next-generation user interface design being rolled out to all our US partners
  • Releasing Penetration Testing services to its customers
  • Cybersecurity awareness training available for all our global customers to purchase
  • SOC 1 (Service Organization Controls) assessment report available for all our customers
  • databrackets next-generation user interface design being rolled out to all our US partners
  • Cybersecurity awareness training available for all our global customers to purchase
  • databrackets has added new features to manage organization members, share assessments and add participating members
  • databrackets training platform now has the ability to upload users’ email addresses to track the completion status
  • Addition of AWWA Cyber Security – Cybersecurity is the top threat facing business and critical infrastructure in the United States, according to reports and testimony from the Director of National Intelligence, the Federal Bureau of Investigation and the Department of Homeland Security. All water systems should act to examine cybersecurity vulnerabilities and develop a cybersecurity risk management program
  • Also, Training only options now available for customers with customization capabilities
  • We are continuously making changes to our portal platform. We have recently updated our platform to notify all our customers the status of their assessment summary via e-mail on a monthly basis
  • Also, we are now providing an option to purchase customizable training only options. If you have any product feedback please do email us at info@databrackets.com