OneTrust
- $300 – $6,500 per vulnerability
New Version Released!
Summary
Happy Monday, Researchers! OneTrust has released its latest version, which has provided new features to our solution for you to review and test. We have provided a list of new features that have been added along with the respective modules.
New Features
Consent and Preference Management
Automatically Add Geolocation for OneTrust Hosted & Embedded Web Form Collection Points
Automatically populate a data subject’s geolocation using the Enable geolocation tracking for this collection point setting on the Settings tab of OneTrust Hosted Web Form Collection Points and OneTrust Embedded Web Form Collection Points. When geolocation tracking is enabled for both a purpose and the Collection Point, then the geolocation will be populated by default. When geolocation tracking is disabled for a purpose but enabled for the Collection Point, then users will have the option to enable geolocation services per purpose on the Collection Point.
Phone Number Validation
Values entered for Phone Number data element types are now validated when interacting with OneTrust Hosted Web Form Collection Points. This enhancement requires a valid phone number to be entered in order for a data subject to change their preferences.
New Parameter for Interaction Date Validation
The example payload on the Integrations tab for Custom API type Collection Points now includes the new enableDataElementDateValidation parameter to allow interaction date validation for data element updates. When the parameter value is set to true, data elements will retain the value of the receipt with the latest interaction date. When the parameter value is set to false or not included, data element values will get overwritten with the value of the most recent receipt, regardless of the associated interaction date (legacy behavior).
Data Catalog
Seeded Data Policies
Utilize seeded data policies to conduct common use cases. These out-of-the-box options include automation rules with recommended conditions and actions so data governance users can return results, automate decisions, and take action concerning security violations and public access risks.
- Sensitive Files with Public Access
- Security Violations
- Amazon S3 Bucket(s) with Public Access
ROT Classification Tags
Scan data assets with the new Redundant, Obsolete, or Trivial (ROT) classification tag to identify irrelevant data. This tag type promotes data minimization practices so data is only collected for specific purposes and retained as long as only necessary.
Data Mapping
Personal Data Grid
Link personal data to inventory records using the new personal data grid. This feature enhances personal data linking by enabling you to visualize data subject types and data elements in a grid format when linking them to an inventory record.
Incident Management
Incident Detail Inheritance
Configure a relationship between an incident question and inventory or data element questions to automatically populate data elements and inventories on a newly created incident. With this enhancement, all data elements and inventories added to an assessment will populate details on the incident record.
Third-Party Risk Management
Related Data Elements on Engagements
Manage related data elements at the engagement level using the new Personal Data tab on the Engagement Overview screen. This feature allows users to easily view and edit the Personal Data Elements linked to an engagement.
Assessment Score Template Update
Create risks within vendor assessments using the assessment score profile as a condition on the Template Details screen. This feature allows users to configure template rules that create risks in templates managed within the Third-Party Risk Management module.
Reorder Attribute Options
Reorder engagement attribute options using the new Reorder Options button on the Attribute Details screen. With this enhancement, users can configure the order in which the attribute options appear in the engagement details and assessments.
New Automation Rule Conditions
Configure engagement and inventory automation rules using the new Assessment Score Profile – By Template condition. This enhancement allows users to configure automation rules to trigger actions based on score profiles.
Name | URL |
---|---|
OneTrust | https://bugcrowd.com/programs/onetrust |
If you have any questions, please reach out to support@bugcrowd.com.