New Features
New Rule: Firewall Script Rule (S-FirewallScript)
Improve script-related security with firewall recommendations. This rule, inspired by Steen Poulsen, helps you create a robust defense against script-based threats.
New Rule: Terminal Services GPO Rule (S-TerminalServicesGPO)
Enhance remote session security with RDP timeout configurations. Another suggestion from Steen Poulsen, this rule helps reduce exposure risks during remote access.
Major Enhancements
Improved Rule Outputs
Eight rules (S-DesEnabled, S-PwdNotRequired, S-PwdNeverExpires, P-Delegated, A-PreWin2000Other, S-PrimaryGroup, P-ServiceDomainAdmin, and A-AdminSDHolder) now display details directly within the rule if fewer than 100 matches are found. This enables Pro and Enterprise users to quickly address exceptions and create actionable plans, saving time and effort.
Refined RPC Coerce Testing
The tool now automatically ignores RPC coerce tests when the scanning computer is the Domain Controller itself, reducing false positives.
Handling of Edge Case for S-ADRegistration
The rule now accurately detects and processes scenarios where msds-MachineAccountQuota is unset.
UI Update
PingCastle logo replaced with ‘PingCastle by Netwrix’
Technology Upgrades
- Updated to ASP.NET – Upgraded to ASP.NET 8.0 (required upgrade due to ASP.NET 6.0 EOL), delivering improved performance and enhanced security features.
- .NET Framework Upgrade – Upgraded to .NET Framework version 4.7.2, ensuring compatibility with modern environments and improving performance.
- NuGet Package Updates – Key NuGet packages have been updated to enhance both security and overall performance.
Security Improvements
Information on the security content of this release can be found here.
Process Changes
Updated Bug Reporting – The “Submit a bug” page has been removed and replaced with direct links to the Netwrix Support Portal, offering a streamlined experience for reporting issues and receiving
support.
Bug Fixes
See the PingCastle v3.3 Bug Fix List for a list of bugs fixed in this version.