Sensitive Data Platform (SDP) Agent 13.4 Release Notes

Release: 13.4

Release Date: 4.30.2025

 

Enhancements

  1. Differential Scanning feature added.

    • This feature empowers SDP to scan only those files which have changed since the last scan was performed.

    • Supports hybrid, on-premise, and endpoint deployments

    • Unchanged files are skipped, drastically reducing scan time

    • Overall efficiency of SDP is greatly increased

    • More information: https://explore.spirion.com/data-discovery-class/differential-scanning

  2. Specific audit types re-implemented to listen for events in SDP (listed below). Audit log now includes the respective event name, name of the user taking the action, the timestamp and field/value that was updated.

  3. Default agent policy now reflects the intended polling interval as specified by the default policy for the agent. The value “Check for Policy Updates” is set to 30 seconds, by default.

  4. Redact Action card relabeled from “Apply to Entire Location” to “Redact All Matches in Location.” Tool tip provided for new label.

  5. Increased accuracy in processing Canadian SIN numbers during scans.

  6. Added support for manual execution of scripts when scanning cloud targets

  7. Windows Server 2025 is now supported by SDP

  8. Last login time of a user account is stored in the database for tracking purposes.

  9. Windows Server 2025 machines have been validated for use as SDM consoles and as agents connected to either SDM console or SDP

  10. SharePoint Online file created and modified dates are now included in scan search results, can be used in playbook decision logic, and can be referenced in custom reports.

  11. Google Drive created/modified timestamps are now included in scan search results, can be used in playbook decision logic, and can be referenced in custom reports.

 

Bug Fixes

  1. Greyhound Agents (testing v13.3.0.3296) repeatedly requests new Microsoft access tokens after every OneDrive file location (item ID) search job consumed from the job queue, instead of reusing an existing token or refreshing it with the refresh token.

  2. Error when searching files and/or folders that contain an accent in the name and ultimately the scan completes as Done, With Results, Errors / Done, Errors, No Results

  3. Resolved an error where some agent versions were unable to scan Bitbucket with SDP

  4. When searching Google Drive, files located directly in Shared Drives are searched but NOT the files contained in folders in Shared Drives.

  5. Corrected an error/crash when running a detached (not connected to a console) scan via Windows agent v13.x through the Agent GUI.

  6. Solved an issue where scans of Snowflake databases with more than 10,000 tables fail.

  7. Solved an issue which occurred during a distributed scan, where search parts were being distributed to each agent during discovery analysis, which resulted in scans failing or being canceled in some scenarios.

  8. Reimplemented fix for intermittent Gmail distributed scan error under certain conditions (AL-30964)

  9. Resolved issue in which manual remediations of Amazon S3 locations fail due to missing access tokens.

  10. Resolved issue in which adding a "RabbitMQ Base Installation Path" in the MSI Builder and installing with the MSI causes a File Name Warning when spaces are in the path.

  11. Resolved an issue in which multiple endpoints are shown for each location searched.

  12. Resolved an issue in which previews are not displayed for database scan results.

  13. Removed errant OneDrive debugging log message.

  14. Resolved issue in which target id = 0 for SharePoint source.

  15. Resolved issue where SharePoint scan results show a single target scanned instead of the actual multiple targets (shown with their respective results).

  16. Erlang updated to newer version to resolve known vulnerability.

 

Known Issues

  1. Differential Scan - Gmail doesn’t catch all the skipped files

  2. Differential Scan - Exchange On-Premise is not supported

  3. Differential Scan - Gmail SharePoint zips are not supported

  4. Differential Scan - Search History does not always reset if scans are run back-to-back

  5. Differential Scan - When scanning, once search history is captured, a user must login with the same admin credentials from then on to ensure accurate and consistent search history, as search history is specific to each admin user. This affects both Exchange Online and OneDrive

  6. Differential Scan - Zip/compressed files in SharePoint are not marked to be skipped, even when previously scanned

  7. Differential Scan - Search History does not always reset if scans are run back-to-back

  8. When scanning SharePoint and rate limitations occur, those files are rescanned on the next pass