Improvements to scheduled scans, freshly added tests, and more


TL/DR We’ve made it easier for Application Scanning customers to view their next scheduled scan, as well as access their scan settings. We’ve also added new tests for a variety of high and critical vulnerabilities to both Surface Monitoring and Application Scanning.

Next Scan details added to scan settings

Getting the freshest insights on what vulnerabilities you have is essential for any vulnerability management program. Until recently, it wasn’t very clear when Application Scanning would execute a scan on an asset. This introduced unnecessary complexity for some users, particularly those with a large attack surface. Now, Application Scanning users can easily view all of the upcoming scans on a single page.

Top tips from our team:

Recently added crowdsourced vulnerabilities

Here is a list of all new medium, high, and critical severity modules added in the recent days from our community of ethical hackers. You can find a complete list of new vulnerabilities added to Surface Monitoring and Application Scanning by viewing the “What’s New?” section in-tool.

  • CVE-2022-24288: Apache Airflow RCE
  • CVE-2021-31805: Apache Struts2 RCE
  • CVE-2022-26960: elFinder Path Traversal
  • CVE-2022-25568: MotionEye Configuration File Leakage
  • CVE-2022-30525: Zyxel RCE

Login to get an overview of what is exposed on your attack surface. 

Join our team

We’re hiring engineers, product managers, sales, & more! Learn more.



Source link