Release Date: 2022-10-04

Version:  8.3.1.1.el7


New Features

Appsec

AppSec changes affecting the SWAT, Snapshot and Assure offerings.

Over the past year we have been working hard in the background to improve the way we identify and store application assets, providing more ways to identify uniqueness.  This work allowed us to integration the AppSec services into the portal in a more unified way.  We are pleased to announce that as part of the September release, a number of improvements are being released to allow us to achieve that goal of unification.  As such the following changes will be available to our AppSec customers.

  • AppSec assets, specifically those assets that are either currently, or have previously been subject to an AppSec service is now displayed in the Assets tab of the Portal.
  • Findings for these assets is also displayed in the findings view with a source of AppSec.
  • A new Web application view has been added which provides customers with the ability to see all of the AppSec assets in logical grouping based on the Web application and any instances. This view provides information on the web applications such as how many findings exist, when the last finding was reported, how many have been fixed, when the last finding was marked as fixed, as well as trending information over time on the remediation efforts made by your organization. Note that the trending graphs may initially not show complete trends until trend information is gathered over the coming months.
  • A new comment system which allows organizations to specifically send comments or questions to the AppSec team, comments are displayed in reddit style threaded conversations and indicate those that are sent to the AppSec team or those that are marked specifically for internal (your organization) only. Note you cannot mix and match the destination (Outpost24 or internal) in a single thread.
  • An improved verification process which gives better feedback in the findings view of which findings have been marked for verification, which have been verified fixed or verified and still open.

This marks the first of a number of improvements being made to the Portal for our AppSec customers and we welcome feedback on these initial changes via the Support desk or your Account manager.

Appsec details

  • Integrate SWAT configs, services and findings with the new Appsec Portal.

  • Improve SWAT visualization of data collected for a customer.

  • Portal - Verification should be sent to Appsec team.

  • Portal - Support Discussions for Appsec in the comments section.

  • SWAT Internal - Make account list more reader friendly.

Farsight

Over the last twelve months we have engaged with many of our customers on the Farsight risk based vulnerability management module we released in early 2020. One of the pieces of feedback related to the likelihood score, which provides a risk indicator out of a 38.46 score for each vulnerability. Customers indicated that this was a ‘hard’ number to understand and communicate to remediation teams and senior managers and would much prefer a more logical 1 – 100 (or similar) score.  In Mid 2021 we release the Farsight risk score which is a percent value shown between 0 and 1. Today we are pleased to announce some upcoming changes to the Farsight module.

  • Firstly, in the October release we will be changing the way we show the Farsight risk score to a value between 1 and 100, removing any lingering confusion the score may cause. 
  • Secondly, we are announcing the deprecation of the Likelihood score and likelihood delta. These will be removed from the platform  by the January 2023 release.
  • Thirdly, we will be adding additional information to help customers understand why a vulnerability has been risk rated, such at the number of threat actors using the vulnerability, how many mentions the vulnerability has and other elements. These will be announced in due course.

Bug Fixes and Minor Improvements

Netsec

  • Fixed mapping for business criticality when importing targets.

  • Fixed Out of memory when sending findings to external database.

  • Fixed import failed on HIAB.

  • Fixed validation of email on user creation.

  • Fixed access denied when editing target.

  • Fixed Reportservice with external database.

  • Changed column "last-tested" data to display time ago format.


  • Resolved minor issue related to Default Credentials checking over FTP.
  • Resolved rare false positive related to Radmin.
  • Reworked detection of Microsoft SQL Server.
  • Reworked detection of SAP NetWeaver CVE-2020-6287.
  • Added detection of Office when installed from the Microsoft Store.
  • Added detection of FortiClient and its vulnerabilities.
  • Added detection of improper TLS downgrade protection (TLS_FALLBACK_SCSV).
  • Added detection of Atlassian Bitbucket.
  • Added detection of WSL extension in Visual Studio Code.
  • Added detection of NXLog.
  • Added detection of Cisco Identity Services Engine.
  • Added detection of Nasuni Filer.
  • Improved check for directory traversal vulnerabilities.
  • Improved detection of common Diffie-Hellman primes.
  • Improved detection and distinction of Cyberoam and Sophos devices.

Appsec

  • Fixed "Asset" and "Asset name" columns being empty in the Scans view.

  • Fixed removing subscription from webapp doesn't unlink it.

  • Changed layout in new-findings-summary to accommodate for scaling.

Unified View (beta)

  • Fixed finding details in dark mode in Unified UI.

End of Life Announcement

SWAT Classic UI

We are announcing the End of Life of the SWAT Classic UI. Due to feedback from customers we have extended the end of Support date for the SWAT Classic UI to 31st December 2022. We do not envision extending support further.

  • Official End of Life date: 31st March 2022.
  • Official End of Support date: 31st December 2022.




Copyright

© 2022 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.