Release Notes March 2019

Release notes: 2019-03-28

Version: G4.4-2.0

The following material is proprietary to Outpost24. This material may not be disclosed in any manner to anyone other than the addressee and employees or authorized representatives of Outpost24.

Important Notice

As our business grows, and with more customers joining us, it has been necessary to grow our infrastructure accordingly to ensure we can continue to offer an ever-improving level of service to our customers.

To meet these needs, it has been necessary to extend the IP range from which scanning may originate.

The additional IPv4 range from which scans may originate is:

80.254.228.0/22

This is in addition to our existing network range of:

IPv4:

91.216.32.0/24

IPv6:

2001:67c:1084::/48

These IP ranges are exclusive to Outpost24, and any IPS whitelisting for PCI ASV scans should include these new ranges.

This information will also be available in the Support > Resources area of Outscan.

Netsec Performance Improvements

After the February release, as part of the ongoing performance improvements to Netsec (Outscan/HIAB) we will be removing information about which scanner was used from the findings in the report tool by default. Customers who wish to continue to see this information should reenable the column in the targets panel.

New Features

Appsec

Ability to submit applications for scoping
New credential storage and submission for scoping purposes
Lua examples available on /examples
SWAT Automated data retention guidelines

Scout

Discovery renamed to Scout
Added new dashboard
Improvements on the UI

Datasec

Availability on Netsec appliances (HIAB)

Netsec

PCI compliance improvements

RESTFul API (Beta)

A number of additional changes, enhancements and end points have been added to the API. Detailed information on the new functionality can be found in the API Documentation located here: https://outscan.outpost24.com/opi/rest/openapi.json

Vulnerability Detection

Added detection for vSphere client
Added detection for Tanium client
Added detection for FireEye Endpoint Agent
Added detection for Carbon Black Protection
Added detection for McAfee endpoint products
Added active detection for Drupal RCE (CVE-2019-6340)
Improved detection of SMTP
Improved detection of Heartbleed
Resolved bugs related to Hadoop checks
Resolved bug in Adobe Acrobat Reader DC detection
Resolved bug related to FTP service fingerprinting
Resolved bug where portscanner SSH verification could fail
Resolved bug where the "SSH Authentication Failed" rule could trigger despite valid credentials

Compliance

Added compliance policy for Microsoft SQL Server 2016
Resolved bug in hardening policy for Red Hat Enterprise Linux 7 Benchmark v1.1.0

Web Application Scanning

Improved detection of database error messages
Resolved bugs related to various product detection
Resolved minor bugs related to X-Content-Type-Options

Bug Fixes and Minor Improvements

Internal granular time limit settings for SWAT tasks
Redesigned Service details and Asset details
Moved attributes in the output from GET /appliances/images to the root of the image object
Removed limitation of 2 levels for reporting
Improved permissions handling
Removed HTTP code in error message
Fixed Live status when scan fails
Fixed sending event information other than email
Added check for credential submission
Fixed some EWP API authorization
Updated some EWP Libraries

End of Life Announcement

Elastic Detector (ED)

Elastic Detector assessment features will be merged into Outscan and HIAB products. We are now formally announcing both the end of life and end of support dates for Elastic Detector.

Official End of Life date: 31th December 2018
Official End of Support date: 30th June 2019

We recommend all remaining Elastic Detector customers to contact their account managers to discuss upgrading to Outscan and HIAB as soon as possible and no longer than the formal end of life date.

Legacy Syslog Implementation

The current syslog implementation is undergoing a number of changes to correctly follow the necessary RFC’s (RFC5424 & RFC3164). We are formally announcing the end of life of the current syslog implementation. The current implementation will still be active until this time.

Official End of Life date: 25^th September 2018
Official End of Support date: 26^th February 2019

Appsec Scale UI and Swat UI EOL

The Scale Classic UI has now been removed from the Outscan Portal. The SWAT Classic UI will continue to be available for an additional three months before it will be deprecated. Currently we expect this to happen in June 2019.

_Copyright

_{© 2024 Outpost24® All rights reserved.}_{This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.}

_Trademark

_{Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.}