Internet Scanner - Phase 1

1. Allows users to get accurate open ports and services running on those open ports.
   

Other Enhancements

1. Enable multi-workspace ID as a request for the /accountSummary API.
   

Other Enhancements

1. Provided user access to the account management page in case of blank accounts.
   
2. Moved Social Media icons to a central location.
   
3. Added unsubscribe email across all email templates.
   
4. Implemented queues for reporting.
   
5. Removed platform-level implementation flags.
   

Age Sort - Bug Fix

1. Allows users to sort exposures based on age.
   
2. Users can leverage this feature to find exposures in the most recent scans, e.g., data breaches.
   
3. This feature works only on open exposures; closed exposures will be part of future releases.
   

Other Enhancements

1. Users can delete a removed asset.
   
2. Report Template Changes:
   
1. Executive Summary - Address changed.
   
2. Detailed Summary - Social Media Handles.
   
3. Recommendation change for SSL Exposure: “SSL Expiry longer than best practices.”
   
4. Feature tip expands and collapses - Manage Seeds and Notifications.
   

Configurable Domain Discovery

1. Flag in the backend signifies at the seed level whether to go for a Lite scan or Extended scan.
   
2. Extended scan will be the default scan for a seed asset.
   

Tech Debt Items

1. Dal service Pipeline moved to AWS ECS.
   
2. ALT DNS pipeline would not get an out-of-memory exception.
   
3. Solved the issue - Scan Cadence overridden based on the account ID.
   

1. ElasticBeanstalk.Environment
   
2. Lambda.Function
   
3. Lightsail.Instance
   
4. DAX.Cluster
   
5. DocDB.DBInstance
   
6. DocDB.DBCluster
   
7. Neptune.DBCluster
   
8. RDS.DBCluster
   
9. RDS.DBInstance
   
10. Redshift.Cluster
    
11. EC2.VPNConnection
    
12. EC2.CustomerGateway
    
13. Serverless.Application
    

API Endpoint Enhancements - Multiple Workspaces

1. Enables users to query data across multiple workspaces from within an account.
   
2. Users can query for one, multiple, or all workspaces within an account.
   
3. Cross-account queries are not allowed.
   

Ticketing Integrations - Attachments

1. Offers users additional context on exposures within the ticketing system.
   
2. Provides the ability to attach one or several exposures to a ticket.
   
3. Allows for attachments to tickets, attaching the Exposure Export to the ticket.
   
4. Available for all ticketing integrations.
   

Enhancements

1. Provided port override that covers around 30 services, such as HTTP, auto, plc5, and SSH.
   
2. Added additional analytics to the Manage Seeds and Import Data pages.
   

1. Assets coming in from the AWS connector are categorized as monitored assets.
2. Assets coming in from ASM scans are categorized as unmonitored assets.
3. Assets common to both AWS connector and ASM scan are categorized into monitored assets.
4. Added new KPIs to the Asset List view.
5. In reports, added a new column for asset management and eight new columns for assets fetched from the AWS connector.
   

Redefine Description Template in Ticketing Integrations

1. Users can get the entire information of an exposure in the description.
2. Introduced a new description template used while creating a connector.
3. Users can view the raw JSON data of an asset coming through the AWS connector.
   

Delete Group

1. Users can now delete the groups and all the assets and exposures under them.
2. Introduced a warning message highlighting the hard delete of selected assets and exposures of the group.
3. Groups cannot be deleted if active integrations are enabled (cloud and scanner).
   

New Filters in Exposure List View

1. Introduced the closed-on filter in the exposure list view, which will be beneficial for users to filter closed exposures with from and to date ranges.
2. Introduced the closed-by filter in the exposure list view, which will be beneficial for users to filter closed exposures with the multi-select option.
3. Introduced the closed-reason filter in the exposure list view, which will be beneficial for users to filter closed exposures with the multi-select option.
   

Enhancements

1. Admin users can now invite users and generate credential intel reports.
2. Tenable.io was renamed to Tenable Vulnerability Management.
3. Seed domains can be added as long as they have an NS mapping.
4. Users can create Tenant-specific API keys in the Security section.
5. Dashboard APIs and Asset APIs can accept multiple workspace IDs.
   

Bugs

1. Fixed the issue where the PAM user role is not upgraded from the Account Manager role.
2. Fixed List view export failure when the selected count is more than 100.
3. Fixed the ticketing URL column value mismatch in the list view exports (in DNS health risk vector).
4. Addressed where some URLs were not refreshed.
5. Added a handler for a URL that goes into an infinite redirect loop.

AWS Asset Detailed view

1. Users can view cloud specific details for an asset discovered through AWS connector.
   
2. New section of Additional information in the asset detailed view of an AWS asset.
   
3. Users can view the raw JSON data of an asset coming through AWS connector.
   

Manage Seeds Enhancements

1. Workspace name and Group name added on UI and API response when the seed asset is a duplicate asset.
   
2. Warning message highlighting the hard delete of selected seed and duplicate seed(if any) while removing the seed asset.
   
3. Seeds in processing state cannot be deleted.
   

Filters - Breach Age and Name

1. Introduced breach name filter in the exposure list view that will be beneficial for user to filter data leaks exposures.
   
2. Introduced breach age filter which help the user to filter based on the breach age of the email.

Enhancements

1. Introduced a confirmation pop-up when navigating to other screen while editing configuration rules.
   
2. Improved Data leaks cycle time. 20X throughput increment.
   
3. Renamed Top Exposures dashboard widget title as Top 50 Exposures.
   
4. Removed the disclaimer section in Exposures breakup widget.
   
5. Rephrased the text for adding tags as "Propagate this Asset Tag to All the Associated Exposures".

Bugs

1. Fixed the issue where the PAM user role is not getting upgraded from account Manager role.
   
2. Fixed List view export failure when selected count is more than 100.
   
3. Fixed the ticketing URL column value mismatch in the list view exports (in DNS health risk vector).
   
4. Addressed where some URLs were not refreshed.
   
5. Added a handler for a URL that goes into an infinite redirect loop.
   

ASM-as-API 

1. Enhanced the List Workspaces API to accommodate Multiple Workspace ID should be passed in it - GET api/v1/listWorkspaces
   
2. Added Asset criticality ID parameter in the Update Asset Criticality APIs so the user can use the codified values in PUT api/v2/assets/criticality and the older POST /api/v2/updateEntityCriticality

UX Enhancement

1. Minor UX enhancements for the Configurable Checks page.
   
1. Introduced Expand/Collapse in the feature tip on the Rules Page.
   
2. Change in color codes for the disabled checkbox.
   

Release 24.6.1 [June 13, 2024]

Release 24.5.2 [May 25, 2024]

Unified Login Page

Features/Enhancements

1. Added Filter to Filter by Assignee, which is available if the ticketing system is enabled.
   
2. Integrated Azure DevOps Ticketing System with Securin ASM. Users can now natively connect with three ticketing systems: Jira, ServiceNow, and Azure DevOps.

Bug Fixes

1. Network Scanners: Handling Empty scanner files.
   

Release 24.4.1 [April 22, 2024]

Release 24.3.2 [April 2, 2024]

Features/Enhancements

File Upload

1. Provisioned file upload option for Account Manager and Admins in the Reports page, making it possible to manage and share documents related to reports.

Tenable Integration

1. Enabled the Tenable connector in the platform.

Updated the Monitoring Frequency of Deep and Dark Web Data 

1. Updated the monitoring frequency of Deep and Dark Web data for every scan instead of a monthly refresh.

UI Enhancements

1. Enhanced shadow effect while hovering, font styling of table headers in asset and exposure list view.
   
2. Re-skinned the Open Exposures by Age and Severity Widget in the Analyst Dashboard.
   
3. Optimized column spaces for the Breach information table on the Exposure Detail page.

Bugs

1. Resolved the issue where deactivated/disabled IPs were retained as active in the platform.
   
2. Fixed sorting issues in the list view of Assets and Exposures.
   
3. Fixed the pagination issue that was getting reset when navigating to the Detail view.
   
4. Addressed minor issues in the Omnisearch functionality.
   
5. Optimized the efficiency of the redirect script to increase the coverage of valid redirect identification.

Scanner Bug Fixes

1. Corrected the reconciliation issue for on-premises network scanners, where findings were not closed even when not available in the next scan.
   
2. Implemented restrictions for manually resolving Scanner findings.
   
3. Fixed the issue where Exploits Data were not populating for scanner-related findings.
   
4. Corrected Reference links that were not populating in the findings from scanners.
   
5. Fixed the issue where only partial solution was populated from the Nessus scanner.
   

Release 24.3.1 [March 19, 2024]

Delete Seed

1. Added the option to remove seeds from the Manage Seeds page, enabling the self-serve removal of seeds and their derivatives and clearing duplicates/invalid seeds from the seeds page.
   

Scanner File Upload

1. Increased the maximum file upload size for scanners from 20 MB to 500 MB.
   
2. Resolved the issue causing uploaded files to remain in the processing state.
   
3. Updated the platform to support .xml file format for scanner file uploads.
   

Dashboard and UI Enhancements

1. Enhanced dashboard UI for spacing optimization.
   
2. Applied camel case to the navigation bar and widgets for improved readability.
   

Bug Fixes

1. Corrected the status mismatch between the list view and the detailed view of some exposures.
   
2. Addressed false positive findings in DNS Zone Transfer.
   
3. Fixed incorrect expansion on non-contiguous subnets.
   
4. Resolved the issue where hosts created from a redirect URL failed to include IP/PORTs in the first scan.
   

Release 24.2.1 [March 1, 2024]

Executive Dashboard

1. Improved Plaintext Password Visibility: Introduced a new Key Performance Indicator (KPI) in the executive dashboard, tracking the number of plaintext passwords identified by ASM. This enhancement gives users valuable insights into security vulnerabilities, enabling prompt action to strengthen system security.
   

Bug Fixes

1. Pipeline Efficiency Enhancements: Fixed pipeline bug for smoother and more efficient whois detail data retrieval, enhancing overall job workflow.
   
2. Redirect Check-Null Pointer Exception Handling: Resolved a critical bug causing null pointer exceptions in the redirect check feature, ensuring accurate asset refresh and uninterrupted asset monitoring.
   

Other Enhancements

1. Minor UI Enhancements
   

Release 24.1.2 [February 19, 2024]

1. Accounts of Contract Type: Free
   
2. Subscription Type: Via Partner

1. Users can now review the count of affected assets and exposures associated with the account before performing a hard delete.
   

1. Deleting the default account for multi-account users now automatically assigns a new default account.
   

1. Recon Pipeline Optimization
   
1. Improved performance of the reconciliation pipeline for faster processing.
   
2. SSL False Positive Addressing
   
1. Resolved issues related to false positives in the SSL pipeline, particularly for IPs mapped to multiple hosts.
   
3. UUID Special Character Removal
   
1. Previously generated UUIDs required encoding to receive proper responses. Fixed this issue by removing special characters from the UUID string.
   
4. Seed Domain Removal
   
1. Fixed issues associated with the removal of seed domains.
   
5. Nessus File Upload Count Mismatch
   
1. Corrected discrepancies in the count when manually uploading Nessus files.
   

1. Redesigned status icons.
   
2. Implemented distinction between clickable and non-clickable numbers on dashboards.
   
3. Improved User Management page load speed for multi-account users.
   

1. Ensured the Last seen date gets updated for port-loaded assets.
   
2. Sorted issues encountered for bulk asset addition during Port load.
   
3. Added handler to queue user actions performed when the seed refresh was in progress.
   
4. ‘api/v2/CreateNewAccount’ returns 200 when the seed domain matches.
   

Release 23.10.1 [November 6, 2023]

1. Seed Types: Add various assets as seeds, including Hosts, Domains, URLs, APIs, Netblocks, and ASNs to your platform, enabling precise, independent monitoring, and flexibility in asset discovery. This is also emphasized by the ‘Add Domain’ button transitioning to ‘Add Seed’ on the landing page.
   
2. Flexible Account and Workspace Modelling: Customize your accounts and workspaces using asset types of your choice, allowing tailored asset management and monitoring for enhanced cybersecurity.
   
3. Enhanced Discovery: We've enhanced our netblock discovery to uncover any IP with an open port, enabling comprehensive asset discovery for a deeper understanding of your digital landscape and potential vulnerabilities. Explore complete IP details, including Whois information, Internet Exposed Services, and PTR (rDNS) records, within the IP detailed view.
   
4. Notifications Revamp: Notifications are now aggregated at the workspace level, streamlining alert management for a more simple and efficient experience.
   
5. AWSD: Assets and exposures no longer have to be associated with a preexisting domain, providing greater flexibility.
   

1. Rolled out Breach Intel Information from the Dark and Deep Web
   
1. Implemented additional breach intel capabilities including plaintext passwords and PII in the Data Leaks Risk Vector
   
2. Implemented a new metric "IP Breach Detected", for IPs where the Botnet has compromised an External/public-facing machine
   
3. Implemented a new Report "Breach Intel" which will contain leaked passwords that were found in the Dark and Deep Web
   
4. Introduced a distinct icon representation in the List and Detailed views for Credential Intel, Password leaks, and Botnet Breach
   
2. Revamped  Account Management - Internal Feature
   
1. Account management revamped to enable seamless Account Creation
   
2. Implemented Search, FIlters, and Exports in Account Management