Release notes 2019-10-07

New features

Security Center optimizations

We have spent a lot of time speeding up the user experience in several of our views in Security Center. Some views have gained speed 2-4 times, which gives a smoother experience when logging in and navigating in Security Center.

The major areas with improved performance are the ones making use of asset listing.

We will continue improve performance in more views in Security Center.

Platform API optimizations 

Improved performance when fetching scan results data from using the API.

The endpoints that exposes the scan result summary have now received optimizations that improves the fetching of result and makes it much faster to utilize the API from a client perspective. 

Platform API examples

To make it easier to get started with the Platform API we have created a working script example that will allow anyone to fetch results from the API over a specific time period. It works for both web and network scan results and comes with a set of options to make the result extraction easy.

Use cases where this script could come handy: 

  • Export scan results for the last 24 hours for offline storage.
  • Import scan results in to log analytics such as Splunk and Elasticsearch.
  • Import scan results in to your SIEM.
  • Export scan result for Business Intelligence (BI) analysis.

These examples are available to everyone to review and use. We host them on our public Github repo, which can be found here: 
https://github.com/holmsecurity/api-examples

Gmail template now available in Fraud Risk Assessment

We are happy to announce the general availability for our Gmail template that is now available for Fraud Risk Assessment. With this template you can now perform assessments that are aligned with the way G Suite and Gmail looks. 

There are also a new domain available for Google that can be used within these assessments. 

Other improvements

  • Fixed an issue where duplicate values of web assets were displayed in drop-down selection lists.
  • Fixed an issue where web app scan names were not changed properly.
  • Improved stability and performance to the web scanning engine.
  • Several minor UI improvements have been completed for an enhanced user experience.
  • Scan duration are now available in the notifications emails that are sent out.
  • We have removed two older tests from our web scanning due to being outdated and resulting in a too high false-positive rate:
    • eval() input injection vulnerability (HID-3-1-00006)
    • Operating system command injection vulnerability (HID-3-1-00036)
Have more questions? Submit a request

1 Comments

  • 1
    Avatar
    Khuram Hussain

    Nice work, keep it up! 

Please sign in to leave a comment.