TL;DR: We’ve made a few improvements to Attack Surface Custom Policies, such as viewing alerts more easily and deleting custom policies. We’ve also made a major improvement to Application Scanning that greatly improves crawling coverage.
Easily view Attack Surface Custom Policy alerts
In October, we launched a new feature called Attack Surface Custom Policies for Surface Monitoring customers. Attack Surface Custom Policies makes it possible to set, enforce, and scale customizable security policies so you can focus on the issues that matter most.
Since launching this feature, we’ve generated thousands of alerts on potential risks for our customers. For some customers, it was particularly difficult to view these reports. We’ve now made it possible to view alerts page-by-page so you can easily take action on resolving risks as they occur on your attack surface.
Are you a Surface Monitoring customer and not using Attack Surface Custom Policies yet? Check out this guide on how to set up your first custom policy. You can also find additional information on how Attack Surface Custom Policies works through our knowledge base.
Application Scanning Crawling has been greatly improved
Modern web applications that rely heavily on JavaScript and single-page applications (SPAs) will now see better coverage with Application Scanning. The improved crawler reaches more parts of your web application, so security tests run against more of it. We first trialled the new crawling functionality with a select group of customers; it is now running on all Application Scans.
Bug fixes & performance improvements
- Port Scanning now scans the ports of newly discovered domains as soon as they are discovered.
- Application Scanning users are now shown why a scan failed on the Scan Management page.
- If you have recently added a new domain, you can now expand your coverage by selecting the “Expand your coverage” button from the Surface Management view.
- It’s now possible to delete an Attack Surface Custom Policy.
Recently added crowdsourced vulnerabilities
Here is a list of all new medium, high, and critical severity modules added in recent days from our community of ethical hackers. You can find a complete list of new vulnerabilities added to Surface Monitoring and Application Scanning by viewing the “What’s New?” section in-tool.
- CVE-2021-27909: Mautic XSS
- CVE-2022-21606: Oracle DB Post XSS
- CVE-2022-3123: Reflected XSS in DokuWiki
- CVE-2022-31474: BackupBuddy < 8.7.5 Local File Inclusion
- CVE-2022-35914: GLPI ‘htmLawed’ Remote Command Injection Vulnerability
- CVE-2022-42889: Apache Commons Text Code Execution
- OAuth Credentials Exposure
- WordPress Plugin – Jetpack Blind Server Side Request Forgery
Today, security teams can use Attack Surface Custom Policies on open ports. In the coming weeks, we will begin rolling out additional functionality. Future improvements include scoping custom policies to specific domains, technologies, and much more. If you’re interested in trying Detectify, book a demo or sign up for a 2-week free trial and start testing your web apps with Detectify today.