Skip to main content
Skip table of contents

Release Notes

Introduction 

This release notes offer brief, high-level descriptions of the new features of HaloSHARE. We recommend looking through these release notes before installing HaloSHARE to understand any current limitations or bugs that apply to this version of the software. 

Product Description

Secude's HaloSHARE streamlines and secures your internal and external business operations by simplifying bulk file management with classification, labeling, encryption, and digital watermarking. HaloSHARE extends Microsoft Purview Information Protection (MPIP) to CAD, MS Office files, and non-office formats, such as text and PDF files stored in shared folders, encrypting sensitive data with customizable sensitivity labels that can be tracked, revoked, and set to expire.

System Requirements

The following system requirements table specifies the minimum and recommended technical specifications, such as software and network resources, necessary to run the product.

Components

Details

Operating System

  1. Supported in Microsoft Windows Server 2022 and above. Note: HaloSHARE can also run on a Windows client machine, but it is recommended to run it on a server system.

  2. Requires .NET Framework 4.6.2 and above.

  3. Latest Windows system updates installed.

MPIP Label protection-specific requirements

Office 365 Subscription

  1. An Azure subscription is required to use Azure RMS and the MPIP functionality.

  2. A working Microsoft Entra ID service must be available.  

  3. Microsoft Purview Information Protection must be fully configured.

  4. HaloSHARE creates an outbound network communication with Microsoft Azure Services.

  5. TLS 1.2 or higher must be enabled to ensure the use of cryptographically secure protocols.

  6. Register an application to get the Application (client) ID and Tenant ID in the Azure portal.

  7. Refer to the below table “Recommended URLs, Addresses, and Ports for MPIP” to know about the service endpoints.

Supported file types

  1. File types that will be included when adding asterisk symbol (*) are .dwg, .dxf, .ipt, .iam, .idw, .ipn, .rvt, .rfa, .prt, .asm, .drw, .frm, .mfg, .sec, .lay, .par, .dft, .eps, .emn, .emp, .psm, .jt, .sldprt, .sldasm, .slddrw, .slddrt, .dgn, .step, .ige, .iges, .neu, .log, .3dm, .3ds, .acis, .amf, .catpart, .catproduct, .cgr, .dae, .dwf, .easm, .fcstd, .g, .gcode, .gltf, .glb, .icd, .igs, .iv, .model, .obj, .pic, .plmxml, .sat, .smt, .stl, .stp, .ste, .stpz, .tcw, .u3d, .unv, .usdz, .vda, .pvz, .qif, .wrl, .x_b, .x_t, .xaml, .z3, and .zip.

  2. Creo file formats with iteration: .prt, .asm, .sec, .frm, .drw, .lay, .cem, .mfg, .neu, .log, and .pvz.

  3. Microsoft Office and non-office file formats.

Watermark specific requirements

Files supported for watermarking

.pdf, .docx, .xlsx, .pptx, .dwg, .rvt, and .ifc.

Supported CAD application for watermark

  1. AutoCAD 2023, 2024, 2025

  2. Revit 2023, 2024, 2025

Application for viewing protected and watermarked files

  1. HaloCAD Add-on for CAD application.

  2. To view metadata in a Revit application, you need to install the RevitLookup tool.

Requirements

Recommended URLs, Addresses, and Ports for MPIP

MIP SDK doesn't support the use of authenticated proxies. So, make sure you set the Microsoft 365 service endpoints to bypass the proxy. View a list of endpoints at Microsoft Online Documentation. However, Microsoft recommends the following:

Addresses

Ports

*.protection.outlook.com

40.92.0.0/15, 40.107.0.0/16, 52.100.0.0/14, 52.238.78.88/32, 104.47.0.0/17, 2a01:111:f403::/48 

TCP 443

*.aadrm.com, *.azurerms.com, *.informationprotection.azure.com, ecn.dev.virtualearth.net, informationprotection.hosting.portal.azure.net,*.office.com (add substrate.office.com if you don't want to add all sub-domains), crl3.digicert.com, crl4.digicert.com.

TCP 443, 80

For event logging

*.events.data.microsoft.com

TCP 443

National Cloud

Microsoft Entra ID authentication endpoint

Microsoft Entra ID for the US Government

https://login.microsoftonline.us

Microsoft Entra ID (global service)

https://login.microsoftonline.com

Recommended endpoints

Secude License Manager

To communicate with Secude License Manager, the following URL and port must be whitelisted in the customer's proxy:

Address

Port

License API - api.licensespring.com

TCP 443

Recommended license manager endpoint

Code Quality and Security

Secude focuses on software quality and security. This is accomplished by adhering to and exceeding best practices in development, testing, and quality control. Secude has chosen SonarQube as the first building block for building and implementing a robust continuous code quality assurance (QA). SonarQube is a platform for statical code analysis for continuous inspection of code quality. It performs automatic reviews of code to detect bugs, code smells, unit test coverage, and security issues in 29 programming languages.

SonarQube is utilized throughout the development process at Secude and only the highest marks are accepted for a product to be released. It helps to regulate code quality from the beginning of development, find and repair issues promptly, and improve overall software stability.

Each build report can be found under its relevant version heading in this release notes.

Reliability Rating 

  • A = 0 Bugs

  • B = at least 1 Minor Bug

  • C = at least 1 Major Bug

  • D = at least 1 Critical Bug

  • E = at least 1 Blocker Bug

Security Rating

  • A = 0 Vulnerabilities

  • B = at least 1 Minor Vulnerability

  • C = at least 1 Major Vulnerability

  • D = at least 1 Critical Vulnerability

  • E = at least 1 Blocker Vulnerability

Security Review Rating 

The Security Review Rating is a letter grade based on the percentage of Reviewed (Fixed or Safe) Security Hotspots.

  • A = >= 80%

  • B = >= 70% and <80%

  • C = >= 50% and <70%

  • D = >= 30% and <50%

  • E = < 30%

Maintainability Rating 

A=0-0.05, B=0.06-0.1, C=0.11-0.20, D=0.21-0.5, E=0.51-1

The Maintainability Rating scale can be alternately stated by saying that if the outstanding remediation cost is:

  • <=5% of the time that has already gone into the application, the rating is A

  • between 6 to 10% the rating is a B

  • between 11 to 20% the rating is a C

  • between 21 to 50% the rating is a D

  • anything over 50% is an E

Build 3.0

New Features

This section highlights the new features in the current release.

  1. Support for watermarking sensitive files has been added, ensuring that documents in Microsoft Office and PDF are uniquely marked, providing enhanced security and ownership recognition that can be customized to your needs.

  2. Supports adding custom properties to improve file security and contextual awareness.

  3. Sign the document seamlessly in the background while keeping the custom properties and watermark intact.

  4. Support for watermarking CAD files such as DWG, RVT, and IFC. HSHARE-185, HSHARE-224

  5. Support for 3D DWG files with watermarks. HSHARE-222

Limitation

This section lists the limitations of the current release.

  1. A digitally signed PDF cannot be encrypted. This is due to the limitation that the MIP SDK does not support a signed PDF for encryption. Thus, HaloSHARE applies watermark visuals to a file when it is no longer eligible for encryption via the MIP SDK. HSHARE-285

  2. HaloSHARE cannot watermark any file type that is password-protected. For example, an XLSX worksheet with a protected sheet or a PDF is password-protected.

  3. By default, HaloSHARE-watermarked text appears diagonally on a file, however, the Revit application does not allow diagonal watermarking, therefore, the watermark is displayed horizontally.

  4. HaloSHARE supports watermarking in CAD applications; however, as CAD applications do not have a built-in watermark feature, the watermark text will only be visible when a CAD add-on like HaloCAD is used. In this case, we recommend installing the HaloCAD Add-on on a separate system that is not running HaloSHARE. HSHARE-293

  5. Many enterprises enforce a Group Policy Objects (GPO) that requires all outbound internet traffic routed through a proxy server. These proxy settings need to be used by both the MIP SDK and the MSAL library for MPIP authentication and functionalities. To use proxy settings for the MSAL library, we need to set the msal_proxy_address in HKEY_LOCAL_MACHINE\SOFTWARE\Secude\HaloSHARE.
    If the above does not work for service-running users, in such cases, set the registry keys ProxyServer and ProxyEnable in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings. For more information, refer to the Proxy Configuration section of the Installation and Configuration Manual. HSHARE-307

Fixed Issues

There are no major issues resolved in the current release to list.

Known Issues

There are no known issues to list.

Quality Gate Report

Please see the table below for a list of SonarQube's key parameters for this version. Refer to the "Code Quality and Security" section for more information on rating definitions.

Metric

Value

Coverage

81.4%

Maintainability Rating

A

Reliability Rating

A

Security Hotspots Reviewed

A

Security Rating

A

Quality Gate report

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close