Ostorlab Team
Objetive C instrumentation, detection of insecure data storage, Regex DoS, and multiple bug fixes.
This update significantly improves objective-C instrumentation, adds new detection for insecure data storage and Regex DoS, and ships multiple bug fixes.
Mon 15 April 2024
Ostorlab KEV update for 02 April 2024
New vulnerabilities added to Ostorlab known exploited vulnerabilities catalog
Tue 02 April 2024
Detection of Apple's Privacy Manifest, liblzma backdoor, and Attack Surface fixes.
This update introduces fixes for the Attack Surface, detection for the liblzma backdoor, and a public store for agents.
Mon 01 April 2024
Addition of CSS Injection Detection, ARM64 support, and migration of Agent's Docker Images.
This update introduces fixes for the Attack Surface, migration of Agent's Docker Images to Docker Hub, enhanced detection capabilities for vulnerabilities, and support for ARM64 architecture in OSS.
Mon 25 March 2024
Security Landscape of Mobile Banking Applications in North America
This article examines the security of mobile banking applications in North America, uncovering widespread vulnerabilities and the urgent need for enhanced cybersecurity measures. It highlights the fast-paced technological advancements in the sector, alongside challenges such as supply chain vulnerabilities and the adoption of potentially insecure programming practices.
Exposed Scan PCAP and JIRA custom Mapping
This update introduces a series of new features related to the IDE, Jira integration, OXO, and many improvements to the platform.
Latest posts
Enhancements to the Open Source CLI, Platform, and Detection.
This update introduces various improvements to the XSS scanner, the functionality of the open-source CLI, and monitoring rule creation.
Mon 11 March 2024
Ostorlab KEV update for 11th March 2024
New vulnerabilities added to Ostorlab known exploited vulnerabilities catalog
Mon 11 March 2024
Attack Surface, Remediation, Automation Rules, and Detection improvements
This update introduce a series of updates aimed at enhancing user experience, platform improvements, and bug fixes across various features.
Mon 04 March 2024
OXO Open-Source Improving
The latest update of OXO open-source introduces substantial improvements, providing users with faster startup and execution times. Additionally, this update enhances search capabilities in the CLI for more effective querying. Users now also benefit from increased customization options, including the ability to define accepted agents and specify in_selector in the agent group definition.
Mon 26 February 2024
Ostorlab KEV update for 26th February 2024
New vulnerabilities added to Ostorlab known exploited vulnerabilities catalog
Mon 26 February 2024
Test Credential Name
The latest update introduces the addition of a "test credential name" feature, allowing users to label test credentials for easier identification and management.
Mon 19 February 2024
Attack Surface Discovery paths
The latest update incorporates attack surface discovery paths, offering detailed insights into how assets were discovered. This addition helps understand from which asset(s) a particular asset came from.
Fri 16 February 2024
IAM, XSS and over 1000 new dynamic rules.
Recent updates have significantly enhanced dynamic analysis with new programming language support and vulnerable pattern detection, refined IAM management with new roles, improved granularity in attack surface access, advanced XSS detection, and vulnerable dependency identification, alongside crucial bug fixes across the system.
Mon 12 February 2024