Compliance reports for GDPR, NIS, ISO 27001 and more
We are pleased to announce our brand new compliance report templates now are generally available. With these new report templates you will be able to create compliance reports based on your assets and vulnerabilities.
This is accomplished by setting threshold levels of acceptance, that you should meet in order to be compliant against the specified framework you choose to report against.
By offering the possibility to adjust the threshold levels, each organization can make sure that the reports are adopted to the goals that are set by the organization.
This creates a flexible and easy method of visualizing compliance for all or a set of your scanned assets.
The frameworks that we are releasing support for now are:
- Network & Information Security (NIS)
- General Data Protection Regulation (GDPR)
- ISO/IEC 27001
- Personal Data Protection Act (PDPA)
- OWASP top 10 version 2017
Filtering on asset tags in Vulnerability Manager
It is now possible to search and filter on your asset tags directly in Vulnerability Manager. By using this feature you will be able to identify vulnerabilities and assets connected to a specific tag. This will help you to identify and prioritize the results from your scans.
The tags can be used within the views in Vulnerability Manager, allowing you to create specific views such as:
- Database vulnerabilities
- Critical against public network
- Low priority in local network
- Ignored vulnerabilities
- SSH vulnerabilities
White-label support from Organizer
Organizer now allows you to set a default white-label that will be used among all of your created accounts in Security Center.
This enables you to standardize how all your accounts that you manage within the Organizer will look when they are created. It also allows you to override the default behavior for a specific account that might have other requirements. This is a great way of creating a streamlined experience for all of your accounts.
The white-label includes:
- Setting your own logo in Security Center and reports
- Customize communication through emails and SMS
New vulnerabilities available
We have released 3 000+ new vulnerability tests that will be automatically used in the network scan engine. These new tests will show up in your result automatically, so there's no action needed from you as a customer.
Among these new tests there are increased coverage for several different applications and frameworks such as PHP.
- CSV export of scan result now includes host name and IP of assets.
- Network scans will now auto-populate the catalog with identified web applications.
- The asset detection in Vulnerability Manager has received improved design.
- Fixed validation of IPv6 network ranges when adding network assets.
- General stability improvements to the reporter engine.
- Several performance improvements to our web scanning engine.