Boost your web scans - faster, more accurate & expanded detection capabilities
The latest web scan engine update delivers faster and more accurate scanning with expanded detection coverage, shortening scan times without reducing thoroughness.
Key additions include an email misconfiguration checker and an email configuration analyzer, active and passive checks for exposed metrics files, XPath injection detection, brute-force URL discovery, and WebSocket exposure checks.
Out-of-Band (OOB) coverage is extended with seven plugins, including OOB SSTI, OOB SQL injection, response splitting, OS command injection, and remote file inclusion. OOB checks catch vulnerabilities that leave no trace in the HTTP response and are only revealed when the target contacts a scanner-controlled listener.
This update brings several improvements to the web scan engine: shorter scan times and more accurate detection results. Processing time is reduced while thoroughness is maintained, so potential security issues are identified and can be acted on sooner.
Included in this update is also coverage for additional vulnerabilities:
- Email misconfiguration checker
Identifies misconfigurations in email setups that may lead to unauthorized access or exposure of sensitive data.
- Metrics file exposure (active)
Actively scans for exposed metrics files that could reveal sensitive operational data.
- Metrics file exposure (passive)
Passively checks for exposed metrics files by inspecting responses already collected during the scan, sending no additional requests to the target, and alerts on potential leaks.
- Email configuration analyzer
Analyzes email server settings to detect vulnerabilities or insecure configurations that attackers could exploit.
- XPath injection
Identifies XPath injection, where attacker-controlled input alters the XPath query an application runs against its XML data.
- Brute force URL discovery
Utilizes brute-force techniques to uncover hidden or poorly secured URLs that may expose sensitive data or functionality.
- WebSocket exposure
Detects exposed WebSocket connections that could lead to unauthorized data access and real-time security risks.
- Open WebSocket vulnerability
Identifies open or insecure WebSocket channels that could allow attackers to intercept or inject data in real-time.
Expanded coverage for Out-of-Band (OOB) vulnerabilities
The new release includes seven Out-of-Band (OOB) plugins designed to detect vulnerabilities that do not show up in the target's direct response but instead cause the target to contact an external host. Notable among them are Out-of-Band Server-Side Template Injection (OOB SSTI) and Out-of-Band SQL Injection (OOB SQLi); the set also covers response splitting, OS command injection, and remote file inclusion, giving reliable detection for blind and asynchronous attack vectors.
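To make the OOB mechanism concrete, the following is an added example and not Holm Security's code: a local HTTP listener stands in for the scanner's callback host, and two constructed include() functions stand in for the target, one vulnerable to remote file inclusion and one that allowlists hosts. The finding is decided solely by whether the listener receives the unique token, never by the target's HTTP response. All names, the loopback endpoint and the allowlist are assumptions for illustration.

```python
"""Added example (not Holm Security's code): a minimal out-of-band (OOB)
detection loop. A loopback HTTP listener plays the scanner's callback host;
the two include() functions are constructed stand-ins for a target."""
import secrets
import threading
import time
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlparse


class Listener:
    """Callback host: records every requested path so the scanner can later
    ask whether a specific token was seen."""

    def __init__(self):
        self.hits = set()
        self._lock = threading.Lock()
        listener = self

        class Handler(BaseHTTPRequestHandler):
            def do_GET(self):
                with listener._lock:
                    listener.hits.add(self.path.strip("/"))
                self.send_response(200)
                self.end_headers()

            def log_message(self, *args):
                pass  # keep the demo quiet

        self.server = HTTPServer(("127.0.0.1", 0), Handler)  # port 0: any free port
        threading.Thread(target=self.server.serve_forever, daemon=True).start()

    @property
    def base_url(self):
        return f"http://127.0.0.1:{self.server.server_address[1]}"

    def seen(self, token):
        with self._lock:
            return token in self.hits

    def close(self):
        self.server.shutdown()
        self.server.server_close()


def _fetch(url):
    """Fetch a URL directly (no proxy), returning b'' on any error."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(url, timeout=3) as resp:
            return resp.read()
    except Exception:
        return b""


def vulnerable_include(page):
    """Constructed target: fetches whatever URL the 'page' parameter names."""
    return _fetch(page)


ALLOWED_HOSTS = {"templates.internal.example"}  # assumed allowlist


def hardened_include(page):
    """Constructed target: rejects any host not on the allowlist before fetching."""
    if urlparse(page).hostname not in ALLOWED_HOSTS:
        return b""
    return _fetch(page)


def oob_probe(target, listener, wait=1.0):
    """Inject a unique callback URL and report a finding only if the listener
    later receives that exact token. The target's response is ignored."""
    token = secrets.token_hex(8)
    target(f"{listener.base_url}/{token}")
    deadline = time.monotonic() + wait  # real targets may call back asynchronously
    while time.monotonic() < deadline:
        if listener.seen(token):
            return True
        time.sleep(0.05)
    return False


if __name__ == "__main__":
    listener = Listener()
    try:
        print("vulnerable_include:", oob_probe(vulnerable_include, listener))
        print("hardened_include:  ", oob_probe(hardened_include, listener))
    finally:
        listener.close()
```

The per-probe random token is what makes the result attributable: a callback carrying that token can only have come from the injection point it was sent to, which is why OOB findings have a low false-positive rate even when the target's response reveals nothing.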
Release plan
The new version will be rolled out to public scanners first and will be available in locally installed Scanner Appliances in Q1 2025.
Expanded detection capabilities for API Security
The latest update strengthens API security coverage. It now detects exposed API documentation and checks whether API parameters enforce their declared data types and limits, which narrows the surface for injection attacks.
Parser support has been expanded to RAML, HAR, Burp Suite, Fiddler, and Postman, so exported traffic and API definitions from these tools can be imported directly as scan input.
Together these updates give deeper insight into API vulnerabilities.
This release adds coverage to detect exposed API documentation and to check API parameter data-type limits, adding another layer of detection against injection attacks and misuse of your APIs.
Additional API coverage included in this release:
- Exposed API documentation
Detects publicly accessible API documentation that could provide attackers with a roadmap to exploit APIs.
- API parameter data-type limits check
Verifies that API parameters enforce their declared data types and value limits, reducing the risk of injection attacks and misuse.
Enhanced API parser support
We are introducing enhanced parser support for widely used API formats and tools, so exported data from these platforms can be imported and analyzed directly. The supported formats now include RAML (RESTful API Modeling Language), HAR (HTTP Archive), Burp Suite, Fiddler, and Postman. The parser extracts the recorded requests and responses, matches them against the site's paths, and automatically registers the matched paths as scan targets, giving deeper security insight and broader vulnerability coverage.
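As an added example of what such an import parser has to do (this is not Holm Security's parser), the script below reads a HAR capture, keeps only requests to the in-scope host, and turns each request into a scan target with its injectable query and body parameters, whether credentials were present, and the response statuses observed. The HAR document, host names and paths are constructed for the example.

```python
"""Added example (not Holm Security's code): turning a HAR capture into scan
targets, the way a traffic-import parser feeds a web or API scanner.
The HAR below is constructed; host names and paths are made up."""
import json
from urllib.parse import parse_qsl, urlsplit

SAMPLE_HAR = json.dumps({
    "log": {"version": "1.2", "entries": [
        {"request": {"method": "GET",
                     "url": "https://api.example.test/api/users?id=7&expand=roles",
                     "headers": [{"name": "Authorization", "value": "Bearer redacted"}],
                     "queryString": [{"name": "id", "value": "7"},
                                     {"name": "expand", "value": "roles"}]},
         "response": {"status": 200, "content": {"mimeType": "application/json"}}},
        {"request": {"method": "POST",
                     "url": "https://api.example.test/api/login",
                     "headers": [{"name": "Content-Type", "value": "application/json"}],
                     "queryString": [],
                     "postData": {"mimeType": "application/json",
                                  "text": "{\"username\": \"alice\", \"password\": \"x\"}"}},
         "response": {"status": 401, "content": {"mimeType": "application/json"}}},
        {"request": {"method": "GET",          # out of scope: different host
                     "url": "https://cdn.other.test/app.js",
                     "headers": [], "queryString": []},
         "response": {"status": 200, "content": {"mimeType": "text/javascript"}}},
    ]}
})


def har_to_targets(har_text, scope_host):
    """Return {(METHOD, url_without_query): info} for every request whose host
    equals scope_host. info holds the parameter names a scanner could inject
    into, whether the request carried credentials, and the statuses seen."""
    targets = {}
    for entry in json.loads(har_text)["log"]["entries"]:
        req = entry["request"]
        parts = urlsplit(req["url"])
        if parts.hostname != scope_host:
            continue  # only matched site paths become scan targets
        key = (req["method"].upper(), f"{parts.scheme}://{parts.netloc}{parts.path}")
        info = targets.setdefault(
            key, {"query": set(), "body": set(), "authenticated": False, "statuses": set()})
        # HAR carries query parameters both in the URL and in queryString; merge them.
        info["query"].update(q["name"] for q in req.get("queryString", []))
        info["query"].update(name for name, _ in parse_qsl(parts.query))
        post = req.get("postData")
        if post:
            if post.get("params"):  # form-encoded bodies are pre-split by HAR
                info["body"].update(p["name"] for p in post["params"])
            elif post.get("mimeType", "").startswith("application/json"):
                try:
                    body = json.loads(post.get("text", ""))
                except ValueError:
                    body = None
                if isinstance(body, dict):
                    info["body"].update(body.keys())  # top-level JSON keys only
        if any(h["name"].lower() in ("authorization", "cookie")
               for h in req.get("headers", [])):
            info["authenticated"] = True  # scan must replay credentials to reach this
        info["statuses"].add(entry.get("response", {}).get("status"))
    return targets


if __name__ == "__main__":
    for (method, url), info in har_to_targets(SAMPLE_HAR, "api.example.test").items():
        print(method, url, sorted(info["query"]), sorted(info["body"]),
              "auth" if info["authenticated"] else "anon", sorted(info["statuses"]))
```

Scoping on the host before anything else matters in practice: a browser capture of an API session also contains CDN, analytics and third-party calls, and a scanner that replayed injected payloads against those would be testing hosts it has no authorization for.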
How do I set up input parsers in a web app scan?
Want to get started with API Security?
Please contact your sales representative or send an email to sales@holmsecurity.com, and we will help you get started with API Security.
Release plan
The new version will be rolled out to public scanners first and will be available in locally installed Scanner Appliances in Q1 2025.
Share scans & schedules with teams
You can now collaborate more effectively by sharing specific scans and schedules with selected Teams. This new feature enables targeted and delegated access so each Team can focus on relevant scans in their scope, ensuring streamlined workflows and enhanced security coverage.
How do I share scans and schedules with teams?
Bulk update the business impact for network assets
Streamline the management of network assets by bulk updating their business impact settings. This new capability lets you adjust the business impact of multiple assets at once, reducing manual effort.
With the bulk update, you can adjust multiple assets at once and set their business impact to be inherited from Tags instead of being set individually per asset.
How do I bulk update business impact on network assets?
Enhancements to reports
Our latest update simplifies report distribution and enhances readability with the following improvements:
Report sharing without phone number
Generated reports can now be sent without the need for a password or phone number, making it easier to share insights with stakeholders without additional access barriers. Scheduled reports will receive this support in an upcoming product release.
Improved report categories & template names
Report categories and template names have been refreshed, helping you to quickly identify the right templates for your needs.
Other enhancements
- The dashboard has received several improvements, including updated description texts and fixes for minor issues across widgets.
- The new product names are now updated on the subscription page. Read more about the new product names here.