Category

Product

This update improves the user interface of the platform, adds new detection for Webview-related vulnerabilities, and ships multiple bug fixes.

Product

Objective C instrumentation, detection of insecure data storage, Regex DoS, and multiple bug fixes.

This update significantly improves objective-C instrumentation, adds new detection for insecure data storage and Regex DoS, and ships multiple bug fixes.

Mon 15 April 2024

Product

Detection of Apple's Privacy Manifest, liblzma backdoor, and Attack Surface fixes.

This update introduces fixes for the Attack Surface, detection for the liblzma backdoor, and a public store for agents.

Mon 01 April 2024

Product

Discovering & Monitoring Mobile Applications Attack Surface with Ostorlab

The article introduces Ostorlab Attack Surface Discovery as a solution for discovering and continuously monitoring mobile applications, alleviating the manual burden on security teams. It outlines steps for adding applications to an inventory, configuring monitoring rules, and emphasizes the platform's ability to streamline mobile application security management.

Tue 26 March 2024

This update introduces fixes for the Attack Surface, migration of Agent's Docker Images to Docker Hub, enhanced detection capabilities for vulnerabilities, and support for ARM64 architecture in OSS.

This update introduces a series of new features related to the IDE, Jira integration, OXO, and many improvements to the platform.

Latest posts

Enhancements to the Open Source CLI, Platform, and Detection.

This update introduces various improvements to the XSS scanner, the functionality of the open-source CLI, and monitoring rule creation.

Mon 11 March 2024

Attack Surface, Remediation, Automation Rules, and Detection improvements

This update introduce a series of updates aimed at enhancing user experience, platform improvements, and bug fixes across various features.

Mon 04 March 2024

OXO Open-Source Improving

The latest update of OXO open-source introduces substantial improvements, providing users with faster startup and execution times. Additionally, this update enhances search capabilities in the CLI for more effective querying. Users now also benefit from increased customization options, including the ability to define accepted agents and specify in_selector in the agent group definition.

Mon 26 February 2024

Test Credential Name

The latest update introduces the addition of a "test credential name" feature, allowing users to label test credentials for easier identification and management.

Mon 19 February 2024

Attack Surface Discovery paths

The latest update incorporates attack surface discovery paths, offering detailed insights into how assets were discovered. This addition helps understand from which asset(s) a particular asset came from.

Fri 16 February 2024

IAM, XSS and over 1000 new dynamic rules.

Recent updates have significantly enhanced dynamic analysis with new programming language support and vulnerable pattern detection, refined IAM management with new roles, improved granularity in attack surface access, advanced XSS detection, and vulnerable dependency identification, alongside crucial bug fixes across the system.

Mon 12 February 2024

Support for Basic Authentication, HTTP folders and other improvements

Ostorlab has added support for Basic Authentication, HTTP folders and various enhancements to the attack surface and stack traces sections.

Tue 16 January 2024

2023 in review

As 2023 has concluded, it's time to reflect and prepare for an optimistic 2024.

Wed 10 January 2024