Watch the full video for this release
Domain asset discovery & monitoring are now a part of External Attack Surface Management.
We’re excited to announce a major enhancement to our External Attack Surface Management capabilities! Introducing the new domain asset discovery, designed to help you stay ahead of potential threats by automatically identifying, monitoring, and assessing all your domain assets exposed on the internet.
Domain asset discovery will unlock several powerful features for you:
- Automatically discover domain assets
Our platform will continuously scan the internet for any assets associated with your domain names (e.g. www.yourbusiness.com, server-1.yourbuniess.com, and shop.yourbusiness.com) that might not be on your radar. Accordingly, no more domain blank spots! - Comprehensive vulnerability assessment for detected assets
Once the domain asset is discovered, it can be automatically assessed for vulnerabilities, ensuring your domain assets don’t expose you to risk.
How do I get started with domain asset discovery and monitoring?
How do I get access to domain asset discovery and monitoring?
If you’re using System & Network Security or Web Application Security, domain asset discovery and monitoring are included without any additional costs. So, what are you waiting for? You can get started within minutes! If you don’t have any of these products, please contact sales@holmsecurity.com.
Cloud-native scanner available in Google Cloud
We’re thrilled to announce the release of our new virtual scanner appliance for Google Cloud, now available directly from the Google Cloud Marketplace. With just a few clicks, you can spin up this scanner and extend your vulnerability management coverage across your Google Cloud assets.
This new Scanner Appliance complements our existing support for AWS and Azure, ensuring comprehensive multi-cloud security. Whether you're running workloads on AWS, Azure, or Google Cloud, you'll have the same powerful, integrated scanning capabilities to protect your assets.
The new Google Cloud scanner appliance will be available in the next weeks and includes the same features as the existing supported clouds, including network, policy, web, and API scanning capabilities.
Enhanced teams & asset permissions are now generally available
The new features in this release include support for teams and asset permissions that cover asset devices. Ensuring that only the appropriate teams have access to their assets while maintaining full control over who can view or interact with vulnerabilities and assets.
We have also released complete support for team permissions across both the unified assets and vulnerabilities views, ensuring that users can only access their assigned assets and the related vulnerabilities, all governed by their team-based permissions.
The team and asset permissions are now generally available in the Security Center and will be rolled out to all Security Center accounts over the coming days.
Microsoft Windows patch-related vulnerabilities are now supported using Device Agent
We’re excited to announce a significant update to our lightweight endpoint agent, Device Agent. The agent now fully supports discovering vulnerabilities related to Microsoft Windows patches. With this enhancement, you can easily detect patch-related vulnerabilities on your Windows devices, ensuring complete coverage for the Microsoft OS and better overall support for Microsoft products.
This update ensures that no potential vulnerabilities tied to missing or outdated Microsoft patches go unnoticed, helping you maintain a robust security posture across your Windows environments. With expanded support for Microsoft products, you can confidently manage vulnerabilities specific to Windows operating systems.
The support for Microsoft patches will be rolled out to all Device Agents over the next weeks.
Want to get started with the Device Agent?
If you want to start with our lightweight endpoint device agent, please reach out:
sales@holmsecurity.com.
Improved & faster scan engine for web & API
An improved scan engine is now available for our external scanners (cloud scanners provided by Holm Security when using cloud deployment), packed with several enhancements to improve speed, accuracy, and functionality.
These upgrades make your web scanning experience more efficient and provide greater visibility into your web assets’ security.
Key highlights of this update include:
- Improved crawler performance
Our crawler is now faster, especially when dealing with JavaScript-heavy sites that utilize a large number of external domains. Expect even greater speed improvements in future releases as we continue to improve the scan performance.
- New web recorder actions
The new wait and sleep actions ensure that all elements load properly before the scan proceeds, improving the accuracy of your scans, such as managing the authentication sequence. - New informational vulnerability
You’ll now receive more detailed information about your scans, and the debug mode will produce output from targets, providing deeper insights.
Upcoming release for local scanners
This new version will be available for locally installed Scanner Appliances in an upcoming release.
Other enhancements
- Several performance improvements have been implemented in the views where tag selections are available.
- The report vulnerabilities API endpoints have been optimized for performance that will result in faster response times.
- Time zone selections have been redesigned, which will improve the user experience.
- Tags are now properly displayed for certain group selections when viewing vulnerabilities in network and web.
- There are now less strict rules in relation to the start date when changing schedules.
- All notifications now properly respect time zones.