August Product Update: Exposed Admin Panels, Risk Rules API, Risk History by Host, and more!

SecurityTrails Blog - A podcast by SecurityTrails

Podcast artwork

Categorie:

At SecurityTrails we continuously upgrade, improve and enhance the quality of user experience in our Attack Surface Intelligence platform. Today, we are thrilled to announce several Attack Surface Intelligence updates we've recently been working on: Risk History by Host, Risk Rules API, Search for Signatures, and other upgrades! Keep reading to learn more. Admin Panel detections in Inventory A great new feature from our latest release is Admin Panels, located within the Inventory tab. This option will help you locate administrator panels in mere seconds. This allows security teams to find exposed control panels from popular technologies and software, which may be out of compliance with policies, and therefore, adding unnecessary risk to your organization. Among its many highlights, the Admin Panel feature: Works on deep paths. Works on IPs without hostnames. Includes firewalls, enterprise software, developer tools, and CMS's. Adds new signatures frequently and automatically. On that interface, you'll find a Counts by Panel summary, where you'll find the top exposed panels, along with the number of affected IP addresses and hostnames. Scrolling down, you'll also find the full list of panels we found, along with a description, the port where it was found, the affected service, and a quick target link so you can jump right into each one of them: Risk Rules API The new Risk Rules API allows users to get immediate data for CVEs, including vulnerability name, description, risk severity (classification), affected hostnames, technical references found on the Internet, and project metadata such as ID, title and snapshot creation date. Risk History by Host The new Risk History by Host feature is the perfect tool for keeping an historical tracking of your current vulnerabilities and misconfigurations. By listing them, you'll know when they appeared for the very first time, and most importantly when they were cleared (fixed, patched) and no longer showing on the Risk Rules report. As shown in the above screenshot, you can also filter the Risk History by Severity or Event type (added or cleared), and even export the results into a CSV file. End-user ability to search signatures This new feature gives Attack Surface Intelligence users the ability to search for risk signatures, so customers can determine whether to check for a certain vulnerability or if a misconfiguration is present on our Attack Surface Intelligence checks, as shown in the following screenshot. SecurityTrails periodically releases updates that improve the performance, security, and logic of your experience in Attack Surface Intelligence. By enhancing the usability of the Attack Surface Intelligence interface, we create a new environment that allows you to identify and prevent threats much more effortlessly. Why don't you try it yourself and facilitate your most thorough and effective way of protection? Book your demo now!

Visit the podcast's native language site