Remediate multiple vulnerabilities with one mitigation
An outdated application can have multiple vulnerabilities (CVEs) and can appear on multiple assets. This creates multiple vulnerability items in Security Center that can be hard to get an overview of and work through. Often, all of these vulnerabilities can be mitigated with one patch per asset that takes the application to the latest version.
We are pleased to announce that we have implemented a technology that connects all related vulnerabilities that can be mitigated with one patch. It also identifies all assets where the same mitigation can be applied.
Using this new functionality, you will better understand where to put in your efforts and what efforts will decrease your overall risk most efficiently. Enjoy!
Example
An outdated version of PHP is running on five assets. This old version gives, in total, over 30 different vulnerabilities across these 5 assets. Security Center now summarizes which patch mitigates all of these vulnerabilities, and you also get an overview of all impacted assets.
Where can I find information about how to remediate multiple vulnerabilities with one mitigation?
Multi-domain support in web & API application scanning
Until today, the web and API application scanner has only covered the domain of the URL configured on the asset. With this release, we are happy to announce support for multiple allowed domains when scanning.
The scanner automatically follows links into all allowed domains defined for an asset, making it possible to crawl many more URLs from the scanned target.
This will improve the coverage of potential vulnerabilities, as more of your application will be scanned across several domains.
Example
Your main asset is:
https://www.holmsecurity.com/
Allowed subdomains:
https://sc.holmsecurity.com/, https://support.holmsecurity.com/
How do I scan multiple domains in one Web Application?
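To illustrate the scope rule described above, here is an added example (not Holm Security's code) of an in-scope check such a crawler needs: a discovered URL is followed only when its host exactly matches the main asset's host or one of the allowed domains, using the release note's example hosts as constructed sample values. The helper names are assumptions.

```python
from urllib.parse import urlsplit

# Constructed sample scope, using the hosts from the release note's example.
MAIN_ASSET = "https://www.holmsecurity.com/"
ALLOWED_DOMAINS = [
    "https://sc.holmsecurity.com/",
    "https://support.holmsecurity.com/",
]


def _host_of(url: str) -> str:
    """Return the lower-cased hostname of a URL (userinfo and port stripped)."""
    host = urlsplit(url).hostname  # .hostname drops user:pass@ and :port
    if not host:
        raise ValueError(f"no host in {url!r}")
    return host.lower()


def build_scope(main_asset: str, allowed_domains: list[str]) -> frozenset[str]:
    """Scope = host of the main asset plus the host of every allowed domain."""
    return frozenset(_host_of(u) for u in [main_asset, *allowed_domains])


def in_scope(url: str, scope: frozenset[str]) -> bool:
    """True only for http(s) URLs whose host is exactly one of the scope hosts.

    Exact matching (not substring or suffix matching) keeps the crawler from
    drifting to look-alike hosts such as notsc.holmsecurity.com or
    www.holmsecurity.com.evil.example, which a naive endswith()/'in' check
    would accept.
    """
    try:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https"):
            return False  # mailto:, javascript:, ftp: etc. are never crawled
        return _host_of(url) in scope
    except ValueError:
        return False  # unparsable or host-less URL: stay out of it


def filter_links(links: list[str], scope: frozenset[str]) -> list[str]:
    """Keep only the discovered links the scanner is allowed to follow."""
    return [u for u in links if in_scope(u, scope)]
```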
Improvements to Unified Assets & Vulnerabilities
Unified Assets now has a new filtering option for archived assets, where the default is to exclude assets that are archived. Unified Assets automatically become archived when the related assets are set to an inactive/stale state.
There is also a new IP filtering option, allowing you to type in one or many IP addresses to narrow the result even further.
Unified Vulnerabilities have received a new filtering option for HIDs, making it possible to retrieve results for one or many HIDs in the overview list.
Unification
Unified Assets and Unified Vulnerabilities are a part of Next-Gen Vulnerability Management. Read more about Next-Gen Vulnerability Management here:
https://support.holmsecurity.com/knowledge/what-is-the-benefit-of-next-gen-vulnerability-management
Deprecation of a network scan option
Within network scanning, there has been an option to keep vulnerabilities open even if the asset is transitioned from an active to an inactive state. This is a legacy option that stopped being the default option in 2022. From this release, this option will no longer exist.
A minority of accounts still use this option; those accounts will automatically be migrated so that vulnerabilities are closed when an asset transitions from active to inactive. Existing vulnerabilities on inactive assets will also be closed.
Other enhancements
- The high-intensity network scan profile has received improvements that result in faster scan times.
- Excluded tags are now properly displayed on scan schedules.
- Unified Assets are now directing Phishing & Awareness Training links to the recipient's page.
- Addressed an issue in Phishing & Awareness Training assessments where excluded tag selection did not work.
- Exported CSV files now escape values where needed, following RFC 4180.