Copyright

© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.


Release Date: 2021-01-27

Version: G.4.23-26.0



The Data Processor Agreement has changed

The updated DPA can be found at outpost24.com/legal.

Advanced Notice on SWAT

In the coming months, we are migrating the currently separate SWAT functionality of the Portal fully into the portal. Once this change is complete customers will be able to benefit from the capabilities and functionality of the portal - such as role based access control and being able to clearly identify which applications are using what type of license (SWAT, Snapshot, Assure). When we are ready to announce the release, we will provide a comprehensive overview of the functionality. If you want to be kept informed and provided with more details ahead of the release, contact Support or your Account Manager. 

Advanced Notice on Proxy Detection

From February we are improving the way we detect Proxy Servers and also improving the way we interact with them.

For Netsec scans of Forward Proxies, this will lead to better detection, faster scanning, and we will no longer add large numbers of entries into proxy logs

For Netsec scans of Reverse Proxies using those policies derived from the 'Normal' or 'Normal + Webapp' policy we will have a better detection of the proxy and be able to test the proxy itself, rather than the servers which may be beyond the proxy, concentrating on scanning the infrastructure. We always advise that, if the Web Application is critical to be scanned, then our Appsec suite of products is more suitable.

New Features

Changes to the way we report Netsec findings

As noted in previous Release Notes, we are continually improving our scan engine and the ways we report findings. We also collaborate with customers who provide valuable feedback on how we report certain findings to ensure that we can provide the best possible information, tied to the highest accuracy we can achieve. We also want to ensure we remove all possible confusion from findings and how we find them.

Based on feedback from a large number of customers, we are breaking out the Gathered Information for some findings when scanning with multiple Virtual Hosts.

In scans running with the Normal or Normal with Webapp policy (or derived from these):

Netsec Findings

Previously
Report
one finding per port with all vhosts listed in the vhosts column.

Now
One findings for each vhost and port combination.

Webapp Findings

Previously
One finding per vhost and all ports (Port listed as Generic).

Now
One findings for each vhost and port combination.

This may therefore result in an increase in findings during a scan as we are reporting separately for each individual vhost. If an affected finding has previously been marked as an Accepted Risk, there will instead be separate findings for each of the included vhost and port combinations, allowing much greater granularity in risk evaluation and remediation.

Bug Fixes and Minor Improvements

Netsec

  • Fixed an issue with PCI scans where all targets were regarded as new for the license count, occasionally resulting in a license error.
  • Fixed an issue where scanning an AWS ELB may not trigger an Event Notification.
  • Fixed an issue where filtering is not working when a report target is an AWS ELB.
  • Fixed an issue where release note notifications emails may not have been sent to all sub-account holders.
  • Resolved an issue with SLS scans not running where a DNS lookup may have been required and was timing out.
  • Fixed an issue where exported trend graphs had the potential not to show all information.
  • Updated the link in release notes notifications to point to the new Knowledge Base release note location.
  • Fixed an issue where exporting a report, the LastSeen date may not be set for all new findings.
  • Fixed an issue where DNS lookups would fail when using a Scanner Group for the local scanner.
  • Added authenticated identification of AS400/OS400.
  • Added a new 'System Identifiers' finding which gathers together potential name identifiers for the system being scanned.

Appsec

  • Fixed a potential issue with feedback permissions when completing scoping requests.
  • Fixed an issue with SWAT discussions in Portal where they may be misidentified as False Positives.

End of Life Announcement

Elastic Workload Protector (EWP)

Elastic Workload Protector (EWP) is now EoL and EoS. Customers still using EWP will be renewed and migrated to Cloudsec Inspect which has the same feature set. Your sales representative will contact you to prepare the migration.