Introducing Dynamic API Scanning
Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. …
We know that managing SSL/TLS certificates across hundreds – or even thousands – of Internet-facing assets is often a manual job for most security teams. Certificates that have expired, for example, offer an excellent opportunity for malicious actors to execute a variety of hacks (in some instances, even a MITM attack) and can also put sites at risk of becoming inaccessible.
We’re excited to share that automated SSL/TLS certificate assessments are now a part of Surface Monitoring. This new feature will save your security team time and reduce the risk of various certificate issues occurring across your attack surface.
A few weeks ago, we launched Groups to all of our users. Many of our users have attack surfaces that are made up of hundreds of thousands of assets which are nearly impossible to manage. Add vulnerabilities and risks to that equation and you suddenly have a problem that your existing security tech stack can’t solve.
Groups make it easier for security teams to organize assets, such as a cluster of domains, so that you can get detailed vulnerability and risk information about those specific assets.
To set up your first group:
Groups are created using the following assets: APEX, subdomains, or IP addresses. After you’ve created a group, you will be able to see specific information about those assets from the Attack Surface and Vulnerabilities view. Check out our latest product release webinar to get a demo of Groups.
Here is a list of all new modules that have been recently added from our community of ethical hackers. You can find a complete list of new vulnerabilities added to Surface Monitoring and Application Scanning by viewing the “What’s New?” section in-tool.
Log in to get an overview of what is exposed on your attack surface. If you’re not using Detectify, consider trying it out by signing up today.
Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. …
The average organization is missing testing 9 out of 10 of their complex web apps that are attacker-attractive targets. To address this, we’re launching new …