Product
Better UI, more concise scan report improved detection of insecure webview usage, and multiple bug fixes.
This update improves the user interface of the platform, adds new detection for Webview-related vulnerabilities, and ships multiple bug fixes.
Tue 23 April 2024
Objetive C instrumentation, detection of insecure data storage, Regex DoS, and multiple bug fixes.
This update significantly improves objective-C instrumentation, adds new detection for insecure data storage and Regex DoS, and ships multiple bug fixes.
Mon 15 April 2024
Detection of Apple's Privacy Manifest, liblzma backdoor, and Attack Surface fixes.
This update introduces fixes for the Attack Surface, detection for the liblzma backdoor, and a public store for agents.
Mon 01 April 2024
Discovering & Monitoring Mobile Applications Attack Surface with Ostorlab
The article introduces Ostorlab Attack Surface Discovery as a solution for discovering and continuously monitoring mobile applications, alleviating the manual burden on security teams. It outlines steps for adding applications to an inventory, configuring monitoring rules, and emphasizes the platform's ability to streamline mobile application security management.
Tue 26 March 2024
Addition of CSS Injection Detection, ARM64 support, and migration of Agent's Docker Images.
This update introduces fixes for the Attack Surface, migration of Agent's Docker Images to Docker Hub, enhanced detection capabilities for vulnerabilities, and support for ARM64 architecture in OSS.
Exposed Scan PCAP and JIRA custom Mapping
This update introduces a series of new features related to the IDE, Jira integration, OXO, and many improvements to the platform.
Latest posts
Enhancements to the Open Source CLI, Platform, and Detection.
This update introduces various improvements to the XSS scanner, the functionality of the open-source CLI, and monitoring rule creation.
Mon 11 March 2024
Attack Surface, Remediation, Automation Rules, and Detection improvements
This update introduce a series of updates aimed at enhancing user experience, platform improvements, and bug fixes across various features.
Mon 04 March 2024
OXO Open-Source Improving
The latest update of OXO open-source introduces substantial improvements, providing users with faster startup and execution times. Additionally, this update enhances search capabilities in the CLI for more effective querying. Users now also benefit from increased customization options, including the ability to define accepted agents and specify in_selector in the agent group definition.
Mon 26 February 2024
Test Credential Name
The latest update introduces the addition of a "test credential name" feature, allowing users to label test credentials for easier identification and management.
Mon 19 February 2024
Attack Surface Discovery paths
The latest update incorporates attack surface discovery paths, offering detailed insights into how assets were discovered. This addition helps understand from which asset(s) a particular asset came from.
Fri 16 February 2024
IAM, XSS and over 1000 new dynamic rules.
Recent updates have significantly enhanced dynamic analysis with new programming language support and vulnerable pattern detection, refined IAM management with new roles, improved granularity in attack surface access, advanced XSS detection, and vulnerable dependency identification, alongside crucial bug fixes across the system.
Mon 12 February 2024
Support for Basic Authentication, HTTP folders and other improvements
Ostorlab has added support for Basic Authentication, HTTP folders and various enhancements to the attack surface and stack traces sections.
Tue 16 January 2024
2023 in review
As 2023 has concluded, it's time to reflect and prepare for an optimistic 2024.
Wed 10 January 2024