PCI DSS in closed beta
We are happy to announce a closed beta release of PCI DSS scanning and reporting capabilities. PCI DSS is an important part of our offering and a key feature for many of our customers that are managing credit card data for their end-users. This new release will allow you to scan your infrastructure and the cardholder data environment (CDE), identify PCI DSS required information points and generate reports to comply with the PCI DSS framework.
The availability of this feature is limited and we are currently opening it up for a limited number of customers that are ready to try an early version of it and provide feedback back to us.
We are aiming to continue improve this feature and perform a few iterations of it before it reaches General Availability (GA).
Please send an email to our support in case you are interested to participate in the beta program.
Platform API now supports asset management
The platform REST API now have support for asset management. This includes everything from adding asset tags to create web app and network assets.
The availability of asset management opens up for several use cases such as:
- Automating the import of existing asset information from your virtual server environment and similar solutions.
- Bulk editing of asset tags.
- Exporting information about assets.
Enhanced diagnostics and NTP support in Scanner Appliance
Scanner Appliance have now a set of improvements based on customer input. These improvements will make it easier to troubleshoot and understand the operating state of a Scanner Appliance.
- Monitor communication looking at ports and access to vital endpoints.
- Run self-diagnostics which will trigger a set of tests that will be performed to understand if it has everything required to work properly.
- Configuring NTP servers is now available to utilize internal NTP servers for time syncing.
More detailed information about scans
You can now review all settings that was used for a scan by click edit on the scan in the list. E.g. here you will see used scan profile, scanner (cloud scanner or Scanner Appliance), targeted assets, tags and more.
Custom URLs for white labeling
Partners using the white label functions can now select a custom target URL for log out functions (e.g by session time out). This is done in the Organizer account under the appearance settings.
Improved REST API scannings
There have been several improvements made for the interpretation of the OpenAPI specifications when scanning REST APIs in the Web Application Scanning. This should result in a more stable scanning and less errors when scanning different kind of REST APIs using the OpenAPI v2 specification.
- Fixed user interface issues in Vulnerability Manager.
- Fixed an issue when filtering using HID in Vulnerability Manager.
- Fixed an issue with ticket creation under Remediation.
- Improved error messages when creating web application assets.