Go hack yourself with Detectify

An EASM blog from Detectify

Automated certificate assessments now possible

Victor Arellano / April 5, 2023

Certificate assessments across the attack surface

Managing SSL/TLS certificates across hundreds, or even thousands, of Internet-facing assets is still a manual job for most security teams. An expired certificate makes a site unreachable for every client that enforces validation, and where users or integrations have been trained to click through the resulting warnings, it removes the one check that stops a man-in-the-middle attacker from substituting a certificate of their own.

We’re excited to share that automated SSL/TLS certificate assessments are now part of Surface Monitoring. This new feature saves your security team time and reduces the risk of certificate problems going unnoticed across your attack surface.

The following assessments are now live:

  • Expired certificates – Checking whether the validity period (the notAfter date) of the certificate presented by the asset has passed.
  • Common name mismatch – Checking whether the hostname or IP address being scanned is covered by the names on the certificate presented (its Subject Alternative Name entries, or the Common Name on older certificates that carry no SAN). This is the same check a client performs, so an asset that fails it will trigger a browser warning for every visitor.
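To make the two checks concrete, here is an added example of how a scanner can evaluate them; it is not Detectify’s code. It works on the dictionary format that Python’s `ssl.SSLSocket.getpeercert()` returns, so the offline part needs no network. The sample certificate `SAMPLE_CERT`, its `.test` hostnames and the `192.0.2.10` address are constructed for the example; only `scan()` talks to a live host. The example goes a little beyond the two assessments above: it also reports a not-yet-valid certificate, applies the wildcard rule (a `*` only covers one leftmost label) and matches IP literals against IP Address SAN entries rather than the Common Name.

```python
import ipaddress
import socket
import ssl
import time

# Constructed sample in the shape that ssl.SSLSocket.getpeercert() returns
# for a verified peer. Validity: 1 Jan 2023 to 1 Apr 2023 (UTC).
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.test"),),),
    "subjectAltName": (
        ("DNS", "www.example.test"),
        ("DNS", "*.api.example.test"),
        ("IP Address", "192.0.2.10"),
    ),
    "notBefore": "Jan  1 00:00:00 2023 GMT",
    "notAfter": "Apr  1 00:00:00 2023 GMT",
}


def names_on_cert(cert):
    """Return (dns_names, ip_names). SAN entries win; the Common Name is
    consulted only when the certificate carries no SAN at all, which is
    how modern clients (and RFC 6125) treat it."""
    dns, ips = [], []
    for kind, value in cert.get("subjectAltName", ()):
        if kind == "DNS":
            dns.append(value)
        elif kind == "IP Address":
            ips.append(value)
    if not dns and not ips:
        for rdn in cert.get("subject", ()):
            for key, value in rdn:
                if key == "commonName":
                    dns.append(value)
    return dns, ips


def dns_name_matches(pattern, hostname):
    """RFC 6125 style match: case-insensitive; a wildcard is only accepted
    as the entire leftmost label, so *.api.example.test covers
    foo.api.example.test but neither api.example.test nor a.b.api.example.test."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if "*" not in pattern:
        return p == h
    # reject wildcards anywhere but the leftmost label, and over-broad ones like *.test
    if p[0] != "*" or "*" in p[1:] or len(p) != len(h) or len(p) < 3:
        return False
    return p[1:] == h[1:]


def hostname_matches(cert, target):
    """True when target (a DNS name or an IP literal) is covered by the certificate."""
    dns, ips = names_on_cert(cert)
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        return any(dns_name_matches(p, target) for p in dns)
    # IP literals must match an IP Address SAN, never a DNS entry or the CN
    return any(ipaddress.ip_address(i) == ip for i in ips)


def assess(cert, target, now=None):
    """Return the list of findings for one asset; an empty list means the
    certificate is inside its validity period and covers the target.
    `now` is a Unix timestamp (UTC) so the check can be replayed offline."""
    now = time.time() if now is None else now
    findings = []
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if now > not_after:
        findings.append("expired: notAfter=" + cert["notAfter"])
    elif now < not_before:
        findings.append("not yet valid: notBefore=" + cert["notBefore"])
    if not hostname_matches(cert, target):
        dns, ips = names_on_cert(cert)
        findings.append(f"name mismatch: {target} not covered by {', '.join(dns + ips)}")
    return findings


def scan(host, port=443, timeout=5.0):
    """Fetch the leaf certificate from a live host and assess it (needs network).
    Chain verification stays on: with verify_mode=CERT_NONE, getpeercert()
    returns an empty dict and there would be nothing to assess. An expired or
    untrusted certificate therefore surfaces as a handshake failure, and its
    verify_message ("certificate has expired", ...) becomes the finding."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # name check is done by assess() for a precise finding
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return assess(tls.getpeercert(), host)
    except ssl.SSLCertVerificationError as exc:
        return ["chain verification failed: " + exc.verify_message]


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        for host in sys.argv[1:]:
            print(host, scan(host) or "ok")
    else:
        # offline demo against the constructed sample with "today" = 5 Apr 2023 UTC
        print(assess(SAMPLE_CERT, "www.example.test", now=1680652800))
```

Run it with one or more hostnames as arguments to assess live assets, or with no arguments for the offline demonstration. One caveat worth keeping in mind when you build this kind of check yourself: a client that disables verification to "just look at the certificate" gets no certificate at all from `getpeercert()`, which is why the example keeps verification on and reads the failure reason instead.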

Organize assets according to how your team works together

A few weeks ago, we launched Groups to all of our users. Many of our users have attack surfaces made up of hundreds of thousands of assets, which are nearly impossible to manage by hand. Add vulnerabilities and risks to that equation and you suddenly have a problem that your existing security tech stack can’t solve.

Groups make it easier for security teams to organize assets, such as a cluster of domains, so that you can get detailed vulnerability and risk information about those specific assets.

To set up your first group:

  1. Log into Detectify and select “Organizations” from your account dropdown menu.
  2. Select “Groups” from the top menu tabs.
  3. Select the black “Create group” button and enter some descriptive information about your group, such as a title.

Groups are built from the following asset types: apex domains, subdomains, or IP addresses. After you’ve created a group, you will be able to see information specific to those assets in the Attack Surface and Vulnerabilities views. Check out our latest product release webinar to get a demo of Groups.

Additional product updates:

  • You can now save filters on the vulnerabilities page in order to easily access them later. This is useful for quick access to data sets that you might want to return to often, like the basis for a monthly report or to monitor your flagship brands (for example, by combining a group with specific severities).
  • “Scan status” and “Scan profile” endpoints are now available via the API. Users now get access to information about the latest scan even after the scan has ended, including its errors and warnings, such as an asset without an IP address or a failed recorded login.

Recently added crowdsourced vulnerabilities

Here is a list of all new modules that have been recently added from our community of ethical hackers. You can find a complete list of new vulnerabilities added to Surface Monitoring and Application Scanning by viewing the “What’s New?” section in-tool.

  • CA SiteMinder DOM XSS
  • CVE-2023-28432: MinIO Information Disclosure in Cluster Deployment
  • CVE-2023-23752: Joomla! Improper Access Check in Webservice Endpoints
  • CVE-2023-0669: GoAnywhere RCE
  • CVE-2023-0126: SonicWall SMA1000 Pre-Authenticated Path Traversal
  • CVE-2022-47966: ManageEngine RCE
  • CVE-2022-44877: CentOS Web Panel RCE
  • CVE-2022-39195: L-Soft LISTSERV Reflected XSS
  • CVE-2022-21587: Oracle E-Business Suite RCE
  • CVE-2022-0188: Coming Soon & Maintenance Plugin by NiteoThemes < 4.0.19 – Unauthenticated Arbitrary CSS Update Vulnerability
  • CVE-2022-0234: WordPress WooCommerce Currency Switcher XSS
  • CVE-2018-11409: Splunk Server Info Disclosure
  • CVE-2017-17736: Kentico CMS Privilege Escalation via Installer
  • Apache Struts OGNL Console & devMode
  • Apache Struts ShowCase Application Exposure
  • Atlassian Jira Installer Exposure
  • Avaya Aura Utility Services Administration RCE
  • Avaya Aura Utility Services Administration XSS
  • Brandfolder XSS
  • Dolibarr “phpinfo.php” Exposure
  • GLPI session disclosure
  • Joomla! Registration Enabled
  • Nagios XI installer exposure
  • SiteMinder XSS
  • VMware Cloud Director XSS

Already using Detectify?

Log in to get an overview of what is exposed on your attack surface. If you’re not using Detectify, consider trying it out by signing up today.