Improvements to the attack surface overview

We’ve made several improvements to the attack surface data visible from the overview, such as new IPs and both covered and uncovered assets. We’ve also improved your interaction with fingerprinted technologies across your attack surface.

New data visible from your overview

We know that getting the latest information about your attack surface helps your team stay in control by responding quickly to new vulnerabilities and exposures. Previously, users could get information about newly detected technologies, vulnerabilities by severity, and assets with the most vulnerabilities, to list a few data points. Users can also see IP data from the overview, such as newly detected hosting providers and IP addresses.

Have you ever wondered what Detectify is covering? Users can now see the number of root assets and subdomains we’re continuously monitoring and, more importantly, what we’re not covering. This new feature will allow you to quickly expand your attack surface coverage from the overview.

Improving how you work with fingerprinted technologies

New technologies are bound to be discovered as your attack surface grows. Identifying these new technologies is challenging and usually requires manual work from your team. It is now possible for you to see new technologies detected on your attack surface from the overview.

We’ve also improved your interaction with technologies discovered across your attack surface so you can quickly take action where needed. We’ve now added the ability to group your technology view by version, which allows you to see all unique combinations of your fingerprinted technologies and their different versions.

Additional product updates:

• We’ve made some improvements to Surface Monitoring, such as filtering assets that are actively monitored by Surface Monitoring and enabling monitoring of assets.
• We’ve updated the recipe template for Jira so that you can import all open vulnerabilities without risking duplicates.
• We’ve added a new integration recipe that allows sending emails to your preferred email address for any new vulnerabilities found on your Attack Surface. Please note the email will come from this email address mailer@eu.workato.com.
• We’ve added the ability to send alerts for any newly discovered domains or subdomains to your preferred system. We’ve also added a template Integration recipe for how to set this up for Slack.
• A new parameter to the assets API endpoint called include_subdomains allows all subdomains to be included in the response, not just the roots. 

We publish product release notes on this blog every few weeks. If you’d like to review the latest releases to Detectify as they are shipped, follow this link to sign up to get notified: https://changes.detectify.com/en.