Release Notes

ASM Release Notes

Release 24.8.1 [September 4, 2024]

Additional Supported AWS Resource Types

With this release, ASM now supports the following AWS resource types:
  1. ElasticBeanstalk.Environment
  2. Lambda.Function
  3. Lightsail.Instance
  4. DAX.Cluster
  5. DocDB.DBInstance
  6. DocDB.DBCluster
  7. Neptune.DBCluster
  8. RDS.DBCluster
  9. RDS.DBInstance
  10. Redshift.Cluster
  11. EC2.VPNConnection
  12. EC2.CustomerGateway
  13. Serverless.Application

API Endpoint Enhancements - Multiple Workspaces

  1. Enables users to query data across multiple workspaces from within an account.
  2. Users can query for one, multiple, or all workspaces within an account.
  3. Cross-account queries are not allowed.

Ticketing Integrations - Attachments

  1. Offers users additional context on exposures within the ticketing system.
  2. Provides the ability to attach one or several exposures to a ticket.
  3. Allows for attachments to tickets, attaching the Exposure Export to the ticket.
  4. Available for all ticketing integrations.

Enhancements

  1. Provided port override that covers around 30 services, such as HTTP, auto, plc5, and SSH.
  2. Added additional analytics to the Manage Seeds and Import Data pages.

Release 24.7.2 [August 19, 2024]

AWS - Monitored and Unmonitored Classification

  1. Assets coming in from the AWS connector are categorized as monitored assets.
  2. Assets coming in from ASM scans are categorized as unmonitored assets.
  3. Assets common to both AWS connector and ASM scan are categorized into monitored assets.
  4. Added new KPIs to the Asset List view.
  5. In reports, added a new column for asset management and eight new columns for assets fetched from the AWS connector.

Redefine Description Template in Ticketing Integrations

  1. Users can get the entire information of an exposure in the description.
  2. Introduced a new description template used while creating a connector.
  3. Users can view the raw JSON data of an asset coming through the AWS connector.

Delete Group

  1. Users can now delete the groups and all the assets and exposures under them.
  2. Introduced a warning message highlighting the hard delete of selected assets and exposures of the group.
  3. Groups cannot be deleted if active integrations are enabled (cloud and scanner).

New Filters in Exposure List View

  1. Introduced the closed-on filter in the exposure list view, which will be beneficial for users to filter closed exposures with from and to date ranges.
  2. Introduced the closed-by filter in the exposure list view, which will be beneficial for users to filter closed exposures with the multi-select option.
  3. Introduced the closed-reason filter in the exposure list view, which will be beneficial for users to filter closed exposures with the multi-select option.

Enhancements

  1. Admin users can now invite users and generate credential intel reports.
  2. Tenable.io was renamed to Tenable Vulnerability Management.
  3. Seed domains can be added as long as they have an NS mapping.
  4. Users can create Tenant-specific API keys in the Security section.
  5. Dashboard APIs and Asset APIs can accept multiple workspace IDs.

Bugs

  1. Fixed the issue where the PAM user role is not upgraded from the Account Manager role.
  2. Fixed List view export failure when the selected count is more than 100.
  3. Fixed the ticketing URL column value mismatch in the list view exports (in DNS health risk vector).
  4. Addressed where some URLs were not refreshed.
  5. Added a handler for a URL that goes into an infinite redirect loop.

Release 24.7.1 [July 29, 2024]

AWS Connector Revamp

  1. New type of Service in AWS connector - Cloud Discovery.
  2. New Layout of the AWS connector form under Integrations.
  3. Users can now schedule scans through the connector form.
  4. Users can now choose to run ASM scans on top of the assets discovered via AWS connector.
  5. Additional documentation is available here: AWS Connector Setup

AWS Asset Detailed view

  1. Users can view cloud specific details for an asset discovered through AWS connector.
  2. New section of Additional information in the asset detailed view of an AWS asset.
  3. Users can view the raw JSON data of an asset coming through AWS connector.

Manage Seeds Enhancements

  1. Workspace name and Group name added on UI and API response when the seed asset is a duplicate asset.
  2. Warning message highlighting the hard delete of selected seed and duplicate seed(if any) while removing the seed asset.
  3. Seeds in processing state cannot be deleted.

Filters - Breach Age and Name

  1. Introduced breach name filter in the exposure list view that will be beneficial for user to filter data leaks exposures.
  2. Introduced breach age filter which help the user to filter based on the breach age of the email.

Enhancements

  1. Introduced a confirmation pop-up when navigating to other screen while editing configuration rules.
  2. Improved Data leaks cycle time. 20X throughput increment.
  3. Renamed Top Exposures dashboard widget title as Top 50 Exposures.
  4. Removed the disclaimer section in Exposures breakup widget.
  5. Rephrased the text for adding tags as "Propagate this Asset Tag to All the Associated Exposures".

Bugs

  1. Fixed the issue where the PAM user role is not getting upgraded from account Manager role.
  2. Fixed List view export failure when selected count is more than 100.
  3. Fixed the ticketing URL column value mismatch in the list view exports (in DNS health risk vector).
  4. Addressed where some URLs were not refreshed.
  5. Added a handler for a URL that goes into an infinite redirect loop.

Release 24.6.2 [June 27, 2024]

Reports Enhancement

  1. Replaced the Sunburst Widget with the Exposure Funnel in the Executive and Detailed Reports.

ASM-as-API 

  1. Enhanced the List Workspaces API to accommodate Multiple Workspace ID should be passed in it - GET api/v1/listWorkspaces
  2. Added Asset criticality ID parameter in the Update Asset Criticality APIs so the user can use the codified values in PUT api/v2/assets/criticality and the older POST /api/v2/updateEntityCriticality

UX Enhancement

  1. Minor UX enhancements for the Configurable Checks page.
    1. Introduced Expand/Collapse in the feature tip on the Rules Page.
    2. Change in color codes for the disabled checkbox.

Release 24.6.1 [June 13, 2024]

Propagation of Tags from Assets to Exposures

  1. Tags created at the Asset level can now be propagated to all associated Exposures, ensuring consistent categorization and organization of findings.
  2. The Asset Tag creation popup now has a "Propagate Asset Tag to All Exposures" checkbox. Selecting this will apply the tag to all associated Exposures within the asset.
  3. Tags from connectors (third-party integrations) have propagation enabled by default.
  4. Additional information is available here: Asset Actions - Add Tags (securin.io)

Changes to Existing Dashboards (Account and Executive)

  1. A new "View By" option will be added to both the Account and Executive Dashboards. This dropdown will list all integrated scanners configured on the Integrations page, including Securin ASM. Selecting Securin ASM will display only ASM-related data, with "Select All" as the default selection.
  2. The existing Exposure Breakdown has been redesigned into a funnel view with additional widget interactions based on CHMLI distribution.
  3. A new widget called "Top 50 Exposures" has been added. This widget will display the Top 50 Exposures, prioritized based on the VRS score. If the VRS score is unavailable, exposures will be prioritized based on severity.
  4. Additional information is available here: Executive Dashboard (securin.io)

Updates to Data Exports to Include Scanner fields

  1. New Fields in Data Exports: Exposures Data Export and Complete Data Export will now include additional fields - Hostname, Operating System, Plugin ID, Fixes, Source, Scanner First Found, and Scanner Last Found.
  2. Changes to Existing Exports
    1. The Host column has been renamed Asset in the Exposures Data Export under the Network Security sheet.
    2. Exposures will now capture both Plugins and CVEs associated with each exposure.
    3. The Observation field will now include both the Plugin Title and Plugin ID, e.g., "192876 - Oracle Linux 8 : olcne (ELSA-2024-12264)".
  3. Miscellaneous Updates
    1. Operating System: Already available as OS, renamed to Operating System in the Exposure Detailed view and added to the Asset Detailed view.
    2. Host Name: Already available as Host Name in the Exposure Detailed view and added to the Asset Detailed view.
    3. Scanner First Found: Renamed from First Seen in the Additional Info section.
    4. Scanner Last Found:  Renamed from Last Seen in the Additional Info section.
    5. Added the Source column to all sheets except for Assets (where it is already available). It will be the last item in these sheets.

Configurable Checks

  1. Users can customize the exposure checks for a seed asset inside a workspace.
  2. New Layout of the Rules Page under the Configuration Menu
  3. Efficiently Navigate Exposure checks to be run within a hierarchy spanning Risk Vectors, Categories, and Sub-Categories
  4. Exposures will be populated for the selected checks in the Rules Page.
  5. Additional information is available here: Configurable Checks (securin.io)

ASM-as-API

  • Introduced option to export detailed Summary Report in JSON format.

Enhancements

  • Replaced the Exposed Emails with Email & IP breaches count in Detailed Reports & Exec Summary Report.

  • Fixed the issue where the manually closed finding was reopened in the next scans, especially when it had dynamic IPs.

Release 24.5.2 [May 25, 2024]

Unified Login Page

Unified Login Page for a Simpler & Improved Experience: With the Securin unified login page, you can access all Securin products using a single set of credentials, streamlining the login process.

Release 24.5.1 [May 7, 2024]

Features/Enhancements

  1. Added Filter to Filter by Assignee, which is available if the ticketing system is enabled.
  2. Integrated Azure DevOps Ticketing System with Securin ASM. Users can now natively connect with three ticketing systems: Jira, ServiceNow, and Azure DevOps.

Bug Fixes

  1. Network Scanners: Handling Empty scanner files.

Release 24.4.1 [April 22, 2024]

Features/Enhancements

  1. With data being ingested from multiple scanners into ASM, the source column was added to the assets list view to help users identify an asset’s source.
  2. Resolved the age mismatch of exposures between the list view and the detailed view.
  3. File Upload: Updated permission to ensure any user with the relevant permission can upload files to the platform

Bug Fixes

  1. Nessus: Fixed connectivity issues.
  2. Network Scanners: Addressed asset count mismatches in scanner files.
  3. Fixed missing Cloud Type tags for certain hybrid assets.
  4. Fixed an issue on the manage seeds page after moving seed assets, resolving the workspace deletion issue faced for workspaces where a move asset operation was done.
  5. Addressed API errors encountered when editing existing Ticketing connectors.
  6. Cosmetic: Resolved text wrapping issues for descriptions and fixes.
  7. Cosmetic: Fixed alignment problems in the Exposure Detail view when dealing with a large number of IPs.

Release 24.3.2 [April 2, 2024]

Features/Enhancements

File Upload

  1. Provisioned file upload option for Account Manager and Admins in the Reports page, making it possible to manage and share documents related to reports.

Tenable Integration

  1. Enabled the Tenable connector in the platform.

Updated the Monitoring Frequency of Deep and Dark Web Data 

  1. Updated the monitoring frequency of Deep and Dark Web data for every scan instead of a monthly refresh.

UI Enhancements

  1. Enhanced shadow effect while hovering, font styling of table headers in asset and exposure list view.
  2. Re-skinned the Open Exposures by Age and Severity Widget in the Analyst Dashboard.
  3. Optimized column spaces for the Breach information table on the Exposure Detail page.

Bugs

  1. Resolved the issue where deactivated/disabled IPs were retained as active in the platform.
  2. Fixed sorting issues in the list view of Assets and Exposures.
  3. Fixed the pagination issue that was getting reset when navigating to the Detail view.
  4. Addressed minor issues in the Omnisearch functionality.
  5. Optimized the efficiency of the redirect script to increase the coverage of valid redirect identification.

Scanner Bug Fixes

  1. Corrected the reconciliation issue for on-premises network scanners, where findings were not closed even when not available in the next scan.
  2. Implemented restrictions for manually resolving Scanner findings.
  3. Fixed the issue where Exploits Data were not populating for scanner-related findings.
  4. Corrected Reference links that were not populating in the findings from scanners.
  5. Fixed the issue where only partial solution was populated from the Nessus scanner.

Release 24.3.1 [March 19, 2024]

Delete Seed

  1. Added the option to remove seeds from the Manage Seeds page, enabling the self-serve removal of seeds and their derivatives and clearing duplicates/invalid seeds from the seeds page.

Scanner File Upload

  1. Increased the maximum file upload size for scanners from 20 MB to 500 MB.
  2. Resolved the issue causing uploaded files to remain in the processing state.
  3. Updated the platform to support .xml file format for scanner file uploads.

Dashboard and UI Enhancements

  1. Enhanced dashboard UI for spacing optimization.
  2. Applied camel case to the navigation bar and widgets for improved readability.

Bug Fixes

  1. Corrected the status mismatch between the list view and the detailed view of some exposures.
  2. Addressed false positive findings in DNS Zone Transfer.
  3. Fixed incorrect expansion on non-contiguous subnets.
  4. Resolved the issue where hosts created from a redirect URL failed to include IP/PORTs in the first scan.

Release 24.2.1 [March 1, 2024]

Executive Dashboard

  1. Improved Plaintext Password Visibility: Introduced a new Key Performance Indicator (KPI) in the executive dashboard, tracking the number of plaintext passwords identified by ASM. This enhancement gives users valuable insights into security vulnerabilities, enabling prompt action to strengthen system security.

Bug Fixes

  1. Pipeline Efficiency Enhancements: Fixed pipeline bug for smoother and more efficient whois detail data retrieval, enhancing overall job workflow.
  2. Redirect Check-Null Pointer Exception Handling: Resolved a critical bug causing null pointer exceptions in the redirect check feature, ensuring accurate asset refresh and uninterrupted asset monitoring.

Other Enhancements

  1. Minor UI Enhancements

Release 24.1.2 [February 19, 2024]

1. Hard Delete Account Feature Enhancement: Users with multi-account access can now perform a hard delete on accounts meeting specific criteria:
  1. Accounts of Contract Type: Free
  2. Subscription Type: Via Partner
Impact Evaluation
  1. Users can now review the count of affected assets and exposures associated with the account before performing a hard delete.
Bug Fix
  1. Deleting the default account for multi-account users now automatically assigns a new default account.

2. ASM as API: Refinement of Asset and Account Management APIs by removing redundant or unused fields.

3. Other Bug Fixes: 
  1. Recon Pipeline Optimization
    1. Improved performance of the reconciliation pipeline for faster processing.
  2. SSL False Positive Addressing
    1. Resolved issues related to false positives in the SSL pipeline, particularly for IPs mapped to multiple hosts.
  3. UUID Special Character Removal
    1. Previously generated UUIDs required encoding to receive proper responses. Fixed this issue by removing special characters from the UUID string.
  4. Seed Domain Removal
    1. Fixed issues associated with the removal of seed domains.
  5. Nessus File Upload Count Mismatch
    1. Corrected discrepancies in the count when manually uploading Nessus files.
4. Minor UI Enhancements

Release 24.1.1 [January 29, 2024]

1. React Migration: The core of this release is a comprehensive migration to React. The UI has been restructured, leveraging React's component-based architecture for improved modularity and maintainability.
2. Effortless Transition: Transitioning to React Standalone in a seamless manner ensures that work can continue without any interruptions. This upgrade will not cause any disruptions to current processes and routines.
3. Embrace Turbocharged Performance: The migration to React comes with a user interface that is designed to provide lightning-fast interactions and heightened responsiveness, ensuring an experience that is seamless and dynamic.
4. UI and Stability Enhancements: This release includes various UI and stability improvements.
  1. Redesigned status icons.
  2. Implemented distinction between clickable and non-clickable numbers on dashboards.
  3. Improved User Management page load speed for multi-account users.

Release 23.12.1 [December 7, 2023]

1. Introduced Account Level Summary Metrics: New KPIs are now available in the Account Dashboard, capturing the following metrics:
  1. Workspaces
  2. Groups
  3. Assets
  4. Exposures 

Release 23.10.1.2 [November 17, 2023]

1. Easier CIDR Removal: Enhanced the remove asset API to recursively remove all child assets when removing a netblock (CIDR) seed.
2. Improved URL Discovery and Exposure Efficacy: Increased URL scanning efficiency by handling 429 responses and SSL renegotiations (handled in the pipeline) for webpages.
3. Bug Fixes/Performance Enhancements
  1. Ensured the Last seen date gets updated for port-loaded assets.
  2. Sorted issues encountered for bulk asset addition during Port load.
  3. Added handler to queue user actions performed when the seed refresh was in progress.
  4. ‘api/v2/CreateNewAccount’ returns 200 when the seed domain matches.

Release 23.10.1 [November 6, 2023]

1. Account Without Seed Domain: AWSD (Account Without Seed Domain) empowers users to add diverse asset types directly to the platform, allowing for flexible modeling of accounts and independent monitoring. It removes the need for assets to be associated with a preexisting domain.
Key Features:
  1. Seed Types: Add various assets as seeds, including Hosts, Domains, URLs, APIs, Netblocks, and ASNs to your platform, enabling precise, independent monitoring, and flexibility in asset discovery. This is also emphasized by the ‘Add Domain’ button transitioning to ‘Add Seed’ on the landing page.
  2. Flexible Account and Workspace Modelling: Customize your accounts and workspaces using asset types of your choice, allowing tailored asset management and monitoring for enhanced cybersecurity.
  3. Enhanced Discovery: We've enhanced our netblock discovery to uncover any IP with an open port, enabling comprehensive asset discovery for a deeper understanding of your digital landscape and potential vulnerabilities. Explore complete IP details, including Whois information, Internet Exposed Services, and PTR (rDNS) records, within the IP detailed view.
  4. Notifications Revamp: Notifications are now aggregated at the workspace level, streamlining alert management for a more simple and efficient experience.
  5. AWSD: Assets and exposures no longer have to be associated with a preexisting domain, providing greater flexibility.
2. ServiceNow Integration Enhancement: We've added the capability to seamlessly upload platform exposures as files to your ServiceNow tickets, facilitating more efficient incident response and documentation.
3. Rules Page: A new page has been introduced under the Configuration tab, listing all exposure checks performed by the platform, categorized by risk vectors. This page provides detailed information, including descriptions, risk vectors, and severity levels for each exposure.
4. Detailed Summary Report Bug Fix: Fixed the duplication of exposure recommendation for the “IP Breach Detected” exposure in the Detailed Summary Report.
5. Other Bug Fixes: Implemented a few minor UI bug fixes in this release.

Release 23.9.1 [October 6, 2023]

1. ServiceNow Integration: We are excited to introduce ServiceNow integration in this release. With a simple one-step configuration process, you can now seamlessly connect our platform with ServiceNow, streamlining your workflow and enhancing your experience.
Key Features:
  1. Effortless Ticket Creation: Say goodbye to manual ticket creation. You can now effortlessly generate ServiceNow tickets for ASM exposures directly within our platform, saving you time and effort.
  2. Scheduled Ticket Updates: Stay in the loop with automatic updates for Assignee and Status from ServiceNow. These updates are scheduled to occur once every 24 hours, ensuring that you always have the latest information at your fingertip
  3. Enhanced Data Accessibility: We have made tracking and organization easier by implementing Ticket IDs in ASM template exports. This enhancement will help you manage your data more effectively.
2. Other Bug Fixes: We have also addressed a few minor bugs, including a couple of integration-related issues, in this release. These fixes aim to improve the overall stability and reliability of our platform.

Release 23.7.1 [August 19, 2023] 

    1. Move Asset Feature: Introduced the ability to move assets within workspaces, improving asset ownership and manageability
    2. Exposures by Hostname (FQDN): Shifted focus from IP addresses to hostnames (FQDN) as the primary pivot for ASM, enhancing precision and relevance
    3. Share Assets Feature: Launched the capability to share asset(s) across multiple workspaces, promoting collaboration and flexibility
    4. Bulk Action Restrictions: Implemented restrictions on bulk actions for shared assets and exposures, ensuring controlled management
    5. Account-Level Uniqueness: Enforced uniqueness at the account level for both Assets and Exposures, enhancing data integrity and accuracy
    6. Notification Trigger Window: Adjusted the weekly notification trigger window to Tuesday for improved error review and response

Release 23.6.2 [Jul 13, 2023] 

  1. Introduced External Notifications
    1. Introduced External Notification config and preferences where the notifications can be sent to channels like Email, Slack, Google Chat and Microsoft Teams

Release 23.5.1 [Jun 10, 2023]  

  1. Introduced In app Notifications
    1. This will notify users on new Exposures, Assets, Exploits, Data leaks and Lateral Domains from the latest scan
  2. Introduced IDP initiated login for SAML
    1. This will enable users to login to the platform from their respective IDP
  3. Sunset the Shared hosts and the Shared host KPI
  4. Removed the 100 limit restriction for bulk asset actions
  5. Updated the Securin logo and the visual elements in the Login page
  6. Enhanced the visual appeal for icons of Severity, Asset Criticality and VRS scores
  7. Harmonized the Filter Chips across the platform

Release 23.4.2 [May 11, 2023]  

  1. Optimized the Dashboard (Including removal of Scan frequency Widget, Updated KB & Feedback links)
  2. Enhanced the Lateral Domains with Whois Raw data and minor enhancements
  3. Introduced Partner Account manager Role
  4. Other minor bug fixes

Release 23.4.1 [Apr 25, 2023]  

  1. Check Certificate presence on select services before classifying a service as ‘High Risk’ (FP Reduction)
  2. Introduced range selector for Filters - VRS and confidence scores
  3. Introduced IP Validation logic to Qualify a lateral domain (subsidiary / M&A domains)
  4. Added new flags for Manual Exposure and Integrations upload feature in Account Management
  5. Harmonized Account Management Clickthrough behavior with the rest of the platform 

Release 23.3.2 [Apr 03, 2023]  

  1. Rolled out Breach Intel Information from the Dark and Deep Web
    1. Implemented additional breach intel capabilities including plaintext passwords and PII in the Data Leaks Risk Vector
    2. Implemented a new metric "IP Breach Detected", for IPs where the Botnet has compromised an External/public-facing machine
    3. Implemented a new Report "Breach Intel" which will contain leaked passwords that were found in the Dark and Deep Web
    4. Introduced a distinct icon representation in the List and Detailed views for Credential Intel, Password leaks, and Botnet Breach
  2. Revamped  Account Management - Internal Feature
    1. Account management revamped to enable seamless Account Creation
    2. Implemented Search, FIlters, and Exports in Account Management

 

Release 23.3.1 [Mar 13, 2023]  

New Features/Enhancements  

  • Rolled out Lateral Domain Discovery against a given seed Domain

    • Discovery of Subsidiaries & Acquisitions for the seed domain

    • Review and sort lateral domains

    • Confidence score calculation for the discovered lateral domains

 

Release 23.2.2 [Feb 25, 2023]

  New Features/Enhancements  

  • Unsafe Services exposures revamped to include service name in exposure title

  • Unsafe Services exposures revamped to contain individualized description and recommendation data

  • Implemented Nested Filters in Services-Filter. Services are grouped based on their respective categories.

   

Release 23.2.1 [Feb 11, 2023]  

New Features/Enhancements  

  • Implemented Long token for API

  • Enabled Redirect Metrics with Evidence

  • Compressed the downloadable Export file to Zip folder to handle large sets of data

  • Fixed the Template Exports to incorporated closed CPE records

   

Release 23.1.2 [Jan 27, 2023]

New Features/Enhancements  

  • Introduced Manual Upload feature for Exposures

  • Introduced Executive Summary Report for Workspace and Account Level

  • Updated the User permission Grid in User Management

  • Fixed the status of the Unreachable assets

  • Other minor bug fixes

   

Release 23.1.1 [Jan 04, 2023]

New Features/Enhancements  

  • Integration with Microsoft Azure Active Directory (Azure AD) using SAML v2.0

  • Introduced Filters Search options (Search within filter Category & Across Categories)

  • Brought the exposures of the closed assets in the platform

  • Replaced Asset Hosting widget in the detailed summary Report

  • Populated the Open and closed counts separately in Verbose export Summary page

  • Handled Case Sensitivity to Tags, Workspaces, Assets & Groups

  • Other minor bug fixes

 

 

Release 22.12.1 [Dec 16, 2022]

  New Features/Enhancements  

  • PTR Records added to the Asset Detail page for enhanced Asset Fingerprinting

  • Introduced Partially Closed Status for Exposures to handle multiple CPEs on a single CVE

  • Tagged Tech Stack information on Host Assets instead of URL Assets

  • Reordered Filters in all list views based on user behavior

  • Refined Sort Order in Exposures list view

  • Other minor bug fixes

 

 

Release 22.11.3 [Dec 01, 2022]  

New Features/Enhancements  

  1. Exposure Evidence in the detailed view for DNS Health Metrics and Application Security Exposures

  2. Dashboard Enhancements - Moved the Exposed Services(Critical Risk) Widget to Row 5 and Re-skinned Maps to facilitate Zoom, Pan and Highlighting Geolocation

  3. Improvements to SSL Exposure Identification and Evidence

  4. Improvements to Data Exports

  5. Other bug fixes and minor UI Enhancements

 

Release 22.11.2 [Nov 17, 2022]

New Features/Enhancements  

  1. Exposure Evidence in the Detailed View for Blacklisted IPs, Unsafe URLs, Private IPs, SSL and SSH metrics

  2. API Enhancements - Tokenization of API Requests for AddAssets, RemoveAssets, and RefreshAssets

  3. Improvements to Application Security Exposure Identification

  4. Improvements to URL Asset Discovery

  5. Additional filtering capabilities - First Seen Filter

  6. Refinement to the Omni Search Detail view page

  7. Other minor UI enhancements

 

Release 22.11.1 [Nov 03, 2022]

New Features/Enhancements  

  1. Added Blacklisted IPs and Exposed Private IPs to Key Exposures

  2. Split the Asset Hosting Widget into two and renamed some cloud providers in the Executive Dashboard for better readability

  3. Omni Search has now been replaced with a short search bar

  4. Added count of CPEs in the Exposure Resolution panel to address cases of CVEs with multiple CPEs.

  5. Improvements to SSL Recon

  6. API Improvements - Tokenization of API Requests for workspace and group refresh

  7. Securin VI Integration with ASM - Migration to the latest version (Comprehensive API)

  8. Other minor UI enhancements and bug fixes

 

 

Release 22.10.1 [Oct 10, 2022]  

New Features/Enhancements
  

  1. Revamped dashboards & top navigation bar

  2. Key Exposures added to the Account Dashboard

  3. Displayed the source of exposed emails

  4. Added more click-throughs in workspace list-view for easier navigation.

  5. Introduced new HTTP Response Header checks for discovery of application security exposures.

  6. Reduced false positives in SSL/TLS exposures by adding additional checks for SSL Fallback Signaling Cipher Suite Value (SCSV) and Poodle attack.

  7. Modified click-throughs from Critical Services Widget (Open Ports) to reflect Exposure Data rather than Asset Data.

  8. Updated UI icons for Ransomware, Exploit, Shared hosts and Advisories

Bug Fixes  

  1. Minor fix in the UI to make KPIs visible in all screen sizes and resolutions.

  2. Fixed issues observed when refreshing host assets with multiple IPs.

  3. Fixes for domain assets present in multiple workspaces.

 

 

Release Notes 22.9.2. [Sep 23, 2022]  

New Features/Enhancements  

  1. Enabled "Copy" option in List views for Ease of use

  2. Added colors to differentiate clickable text/numbers in dashboards.

  3. Removed unused widgets from dashboards.

  4. Various fixes and minor enhancements to improve performance and stability.

 

 

Release Notes 22.9.1. [Sep 08, 2022]  

New Features/Enhancements
  

  1. Removed Assets and Closed Findings can now be viewed on the platform with their reason codes

  2. Added trends to indicate changes in Assets, KPIs and Key Exposures on a monthly cadence

  3. Reduced false positives in TLS/SSL related exposures

  4. Other minor UI enhancements and bug-fixes

 

 

 

Release Notes 22.8.2. [Aug 25, 2022]  

New Features/Enhancements
  

  1. Implemented MFA via the Authenticator app and Email

  2. Reduced false positives in exposed internal environments

 

 

Release Notes 22.8.1. [Aug 10, 2022]

New Features/Enhancements  

  1. Key Exposures details added to the Workspace Dashboard

  2. Provision for domain scan to run in the background enabling users to continue working on the platform

  3. Other minor enhancements and bug-fixes.

 

Release Notes 22.7.2. [Jul 27, 2022]

  New Features/Enhancements  

  1. Add Domain button added to the Homepage

  2. KPI in dashboards gets a makeover

  3. 'Domain scan alert' emails terminated

  4. Email breach classification changed from 'PII' to 'Data Leak'

  5. ASM Release Notes and Release Version available in the Knowledge Base

  6. Port-Protocol-Service label in Asset details renamed to Port-Service

  7. Pop-out button added to redirect to the high-risk URL/API in All Exposures page

 

 

 

 Release 22.6.3    [Jul 04, 2022]

New Features/Enhancements  

  • Option to switch accounts for users with multiple accounts

  • Selection restriction on list-view items is increased from 20 to 100

 

Bug Fixes  

  • Fixed issues in creating new accounts using deleted seed domains

  • Fixed Sandbox workspace issues

  • Fixed API Account delete timing out issue

 

 

 

 Release 22.6.2  [Jun 15, 2022]

 New Features/Enhancements: 

  • View WhoIs Details for Domain, ASN and Netblocks

  • Added an option to switch workspaces using a dropdown menu

  • Provided a snooze icon instead of `Accept the Risk` option

  • Provided an option to view Active Status of Hosts (& IPs)

  • Brought in additional elements from VI API End-point such CISA KEVs, Malware & Ransomware for your reference

 

 Bug Fixes

  • Fixes to Cloud Exposures KPI

  • Integration Data removed from Executive Summary Report

  • Search history is cleared when switching workspaces

  • Fixed data issues in Sandbox on newly created accounts

  • Dual Axis Widgets issue fixed

  • We have fixed the missing Techstack and Vulnerability findings

 

 

 

 


    • Related Articles

    • Setting Up Notifications in the ASM Platform

      Setting Up Notifications in the ASM Platform The ASM platform offers a comprehensive notification feature to ensure you receive timely updates on critical events. Follow these steps to set up your notifications easily: Log in to the platform and ...

    • Setting up Webhooks for Securin ASM Alerts in Chat Applications

      Setting up Webhooks for Securin ASM Alerts in Chat Applications The Securin ASM platform now offers a notification feature that enables users to receive alerts and updates directly in their preferred chat applications. To utilize this feature, users ...

    • ASM - Group Actions

      Group Actions Create Group Groups can be used to organize subsidiaries, vendors, departments, agencies, and other entities within a selected workspace. Here is how you can Create Groups: Navigate to the Groups View within a selected workspace. You ...

    • Signing in to Securin

      Logging into Securin Using an Email and Password Overview: How to log in to Securin using an email address and password. Navigate to app.securin.io. Enter your credentials and click Sign In. Logging into Securin Using Single Sign-On Overview: How to ...

    • Account Homepage Actions

      There are a few actions that only the Account Manager can perform on the Account Homepage. We'll take a look at them in this section. The Securin Homepage Actions Switching Accounts The Account User option on the top right corner shows the details of ...