Significant changes to attack surface overview and many new tests

The new attack surface overview puts the changes and potential risky exposures to your attack surface front and center. But that’s not all we’ve shipped in February. We’ve improved our Azure domain connector, simplifying onboarding for those users, and sent dozens of new vulnerability tests, such as CVE-2024-27199: TeamCity Authentication Bypass and CVE-2024-21893: Ivanti Connect Secure, Policy Secure SSRF.

Spot changes to your attack surface from a single view

Detectify continuously discovers and monitors customers’ attack surface for changes that could lead to potential risky exposures. Exposures include newly fingerprinted technology that may not be approved for use or even a cloud service provider that a user might not recognise. These exposures signal security practitioners to take steps to mitigate these risks that could lead to vulnerabilities. Detectify’s new overview now makes it possible for users to see changes to their attack surface over various periods, which will help spot risks and support post-incident investigations.

Smoother onboarding of the Azure domain connector

About 1 in 3 organizations today use at least two or more cloud providers to run their business (including  Detectify). We know that getting the most out of Detectify means that users need a simple and efficient method to connect their DNS data to our platform to benefit from our continuous monitoring of their attack surface. Now, if you don’t provide any Subscription ID and give read access to the subscriptions, we will loop through all subscriptions and add all resources.

Additional product improvements 

• Issue found with port scanning resolved. A recently identified problem in the Surface Monitoring port scanner causing data loss in scanned ports has been resolved. With this issue resolved, you might notice ports having reappeared as open or new ones appearing available when they were previously not, and some might see specific vulnerability findings appear or reappear.
• Newly discovered vulnerabilities available with PagerDuty integration. We’ve now added the ability to integrate Detectify with your PagerDuty account. With this, we have also added a recipe template that helps you get started with triggering incidents in PagerDuty for newly found vulnerabilities.

Newly added tests

Want to learn about the tests we shipped? Here is a snapshot of a few new tests we shipped throughout February:

• Adobe ColdFusion Directory Listing
• Atlassian Confluence Macro ‘linking’ SSRF
• ConnectWise Setup Exposure
• CVE-2014-0030: Apache Roller XXE
• CVE-2019-0232: Apache Tomcat RCE
• CVE-2024-27199: TeamCity Authentication Bypass
• CVE-2024-27198: TeamCity CI Authentication Bypass
• CVE-2024-21893: Ivanti Connect Secure, Policy Secure SSRF and Neurons for ZTa

Read more about all of the vulnerability tests we shipped so far here.

We publish product release notes on this blog every few weeks. If you’d like to review the latest releases to Detectify as they are shipped, follow this link to sign up to get notified: https://changes.detectify.com/en.