Major release
Views in Vulnerability Manager
Vulnerability Manager is one of the most used areas in Security Center, offering several important functionalities to make it easy to filter, select and prioritize between your assets and vulnerabilities.
To make the workflow inside of Vulnerability Manager even easier and more scalable, we have created a new structure that will enable you to sort and order your selections into views.
The new views are shown as tabs and allows you to save your current search filtering selection into an existing or a new view.
They can be accessed at any time to show the selection that you have saved.
Offering several new use cases such as:
- Prioritize your vulnerabilities between web application assets and network assets.
- Prioritize critical vulnerabilities.
- Group all your ignored vulnerabilities.
- Organize all vulnerabilities related to a specific vendor.
Read here how to setup and manage views in Vulnerability Manager.
New features
Detection information for assets
You can now easily filter and view the detection information for web application and network assets. The "Last detection" column tells you when this Asset was last detected from a scan while the creation date shows you the date information when it was created.
Updated OWASP dashboard widget
The OWASP dashboard widget have been updated to improve how we visually show your current compliancy against the OWASP categories. You can now also select to show this, either for all of your web applications or for a specific web application.
Improved network discovery methods
Certain network environments have firewall devices that can reply to communication for all your hosts that are behind the firewall. This can cause hosts that are not alive, to be displayed and tagged as being alive.
We have added a new set of options in the network scan profiles that allows you to select between TCP SYN and TCP SYN+ACK, to offer more solutions to this if the problem arises.
Upgraded Scanner Appliance
Our images for the Scanner Appliance have been upgraded to the latest versions which will dramatically reduce the setup time and improve stability overall.
These images are now the default ones for download in Security Center.
Upgraded network scan engine
Our scanning engine have been upgraded which gives multiple of improvements. You should notice faster scan times, improved detection of operating systems (OS), increased number of signatures and better information regarding vulnerabilities.
New JavaScript components vulnerabilities
The web application scan engine can now identify different vulnerabilities related to known JavaScript frameworks on websites. JavaScript frameworks are very common and used on most of the newer web applications that are out there. These frameworks can contain severe vulnerabilities.
Examples of frameworks that are covered:
- Bootstrap
- JQuery
- AngularJS
- ReactJS
- Dojo
Other improvements
- Saving web applications with a very large sitemaps now works properly.
- The web application dashboard graph can now display URLs that are very long.
0 Comments