In 2024, we shipped numerous features to help security teams manage their growing attack surface. Some examples are Domain Connectors for continuous discovery, a new Integrations platform for greater flexibility, and a Domains page for unprecedented control over attack surface data. Read on to explore our highlights of this year, check out the top vulnerabilities that made headlines, and discover what lies ahead in 2025.
Discovery, but better with Connectors
Organizations’ attack surfaces keep growing and decentralizing. In fact, by 2026, over 90% of enterprises will expand into multi-cloud environments [1]. To address this growing trend, we launched Domains Connectors. This feature enables customers to seamlessly integrate their cloud providers into Detectify and continuously and automatically identify, discover, and manage all their assets.
Since the launch, Domain Connectors have been adopted by all types of organizations, with consistent growth in the number of teams connecting their cloud providers. This trend indicates an expanding digital footprint for companies and a corresponding increase in their attack surface. Additionally, we have noticed a 130% increase in the total number of connectors used by our customers, further demonstrating how organizations are expanding into multi-cloud environments.
Connectors seamlessly integrate with numerous cloud providers, including AWS, GPC, Alibaba Cloud, Azure, Cloudflare, DigitalOcean, GoDaddy, and IBM NS1.
Say hi to the new Domains Page
Throughout this year, we rolled out dozens of updates to the new Domains page, built to enhance visibility and control over the attack surface and give security teams the most flexible insights into their attack surface data. Explore this feature by filtering domain data, entering your own filter values, or using filters recommended by Detectify based on your unique attack surface. You can also use the network graph to explore your domain data and identify anomalies.
Use the Domains page to create custom policies based on conditions from filters and be notified of any policy breaches.
Highly accurate data right where you want it
Earlier this year, we launched a new integrations platform that has improved reliability and provided security teams with greater flexibility in how they access data from Detectify. We have worked to ensure that teams can not only get accurate results but also integrate those into their real workflows. Since the launch of our new platform, integrations have been configured in various innovative ways, such as routing vulnerability findings linked to specific URL headers to the responsible team for quicker remediation. Watch a short overview of Detectify’s integration platform.
Frictionless workflows and accelerated remediation with the new Integrations platform
What’s ahead in 2025?
In early 2025, product priorities will revolve around ensuring that all important assets are properly tested. Users will be able to identify and remediate any potential scan interferences directly from the Detectify platform. Assets will also be classified to provide security teams with recommendations on which ones should be scanned. Additionally, assessment capabilities will be enhanced, allowing users to manage vulnerabilities more easily and observe trends. Users can also expect significant improvements to deep scan features for both crawling and fuzzing. Stay tuned with the What’s New page to catch every product update and improvement.
Don’t miss our Product Release Webinar Q4 2024. Get up to speed on all of our latest product updates over the last few months.
Featured vulnerabilities
This year we implemented a significant number of new security tests across an unmatched array of technologies thanks to research from our Crowdsource community of ethical hackers and our internal researchers. This goes from critical 0-days, such as the famous CUPS vulnerability, which the Detectify team addressed within hours using a new engine framework, to domain-related vulnerabilities, such as subdomain takeovers and server misconfigurations.
Some of the featured vulnerabilities that marked 2024 according to Detectify researchers are:
A New Standard for Advanced Application Security Testing
This year, we were proud to receive an award from the Cybersecurity Breakthrough Awards, which recognizes cybersecurity companies that break through a very crowded market. We were also included in several industry-leading analyst reports, such as Forrester’s “The Attack Surface Management Solutions Landscape, Q2 2024” report.
In Fall 2024, we announced that global cybersecurity investor Insight Partners had acquired a majority stake in Detectify, along with additional funding. As we enter a new phase of growth, product innovation will increasingly focus on delivering a new approach to advanced application security testing for growing attack surfaces. AppSec teams are facing a significant challenge as their attack surface rapidly expands, and their traditional DAST tools can’t keep up with the increasing volume and dynamic nature of modern web applications.
ISMG interview with Detectify CEO Rickard Carlsson on how Detectify Eyes AppSec Expansion After Insight Partners Buy.
Compliance: challenge or opportunity?
The year 2024 has brought significant new challenges to organizations, one being a regulatory wave across many industries and geographies. Navigating the complex and evolving compliance landscape is not easy, and with numerous regulations to consider, selecting the right security tools that align with your business’s compliance needs becomes a major task. In this blog post, Cecilia Wik, Head of Legal at Detectify, provides an overview of the compliance landscape in Europe, covering NIS2, CER, and DORA. In early 2025, we will continue covering how Detectify can help your team address different compliance needs.
Interested in learning more about Detectify? Start a 2-week free trial or talk to our experts.
If you are a Detectify customer already, don’t miss the What’s New page for the latest product updates, improvements, and new security tests.
[1] Gartner, A CTO’s Guide to Multicloud Computing, David Smith, 30th March 2023.