We are kicking off 2020 with our first product release that contains a number of exciting features and improvements. Have a look at our warm welcome of 2020 below.
Major improvements
Enhanced information for web application vulnerabilities
Over the last months we have worked to further improve the information available on all our vulnerabilities that are related to web application scanning. All our available web vulnerabilities have received a complete review with new updated information as well as refreshed external references.
There are now multiple information points available for web vulnerabilities, similar to network vulnerabilities, where you can find data to elaborate on the context of the vulnerability.
New information per web vulnerability includes:
- Impact
Information about the impact caused by this vulnerability. - Summary
Summarized information about the vulnerability - Insights
Deeper information and technical details regarding vulnerability and how it works. - Detection
Details related to how the detection works for this vulnerability.
New features
New vulnerability information available in reports
The updated and enhanced information for both network and web application vulnerabilities are now available for reports in Security Center. Each new information field can be configured in the report templates to show up for each vulnerability within the report.
This gives you capabilities to add an increased amount of information to the reports which can help for different recipients to understand the context of the vulnerability, how it works, why it is there and the actions to identify and re-produce it as well as remediate it.
Fetch vulnerability data for assets using platform API
The platform API is a way for anyone to automate and programmatically integrate against the account in Security Center. With this release we are coming out with an endpoint to query vulnerability information for one specific asset.
The API endpoint accepts both network and web assets by sending in either an internal asset identifier (UUID), network IP or a web application URL.
The response will contain either a risk summary with the number of vulnerabilities per severity for the asset, or a full detailed list with each vulnerability present for this asset in Security Center for your account.
This opens up for use cases where assets can easily be queried to understand the risk situation using common identifiers like IP or URL, with just an integration to Security Center platform API.
Improved Network Scanning coverage for web servers
Network Scanning includes scanning of IPs to identify vulnerabilities against services that are running on different ports.
One common case is to scan target IPs that are of the type web servers, which are hosting websites using virtual host names, that typically represents a domain name (e.g. www.yourbusiness.com).
Normally the web server returns a lot more data in the response when accessing this web server using a host name. This can lead to more vulnerabilities being identified as more data can be processed and analyzed by the network scanning engine.
Security Center now has a new option for Network Scanning called "Web servers" where you set a scan or a schedule. In this new section you can specify what host names that exists on one or several IPs which will allow the scan to be more accurate.
This will result in better test coverage when scanning web servers which will improve the number of vulnerabilities identified when using Network Scanning.
New set of domains for simulations with Fraud Risk Assessment
We have published a updated set of alternative domains for Fraud Risk Assessment. These alternatives can be used to improve quality of the sendout and avoid certain send outs to be blocked by using alternative names of an existing domain name.
Improved logic for evaluation of tags
When scanning or reporting using tags, there can sometimes be a case where the result of the tags returns zero targets. This would cause empty reports or scans not to be produced.
The new evaluation logic will review the outcome of the tags selected and make sure there are always targets returned in order to produce valid results.
Optimized user experience when adding assets
Adding network assets or web assets have received updates in the user interface that will improve the workflow when adding assets repeatedly. Fields have moved positions and new logic is in place to apply values in an more intelligent way.
Other improvements
- Password is no longer required when editing authentication records for web application assets.
- The network asset name is now optional when creating assets using the platform API.
- Listing and reading assets using the platform API is now returning similar fields in the response.
- Severity is now displayed properly in reports when grouping by host.
- PCI ASV reports could sometimes contain data from previous drafts which is now fixed.
- Improved validation feedback messages when saving schedules for Fraud Risk Assessment.
- Editing patch report is now taking the time frame values in to account properly.
0 Comments