🛡️ Privacy Compliance Testing

We added a new type of scan, Privacy Compliance Testing, which is available for all asset types. The Privacy Compliance Testing identifies privacy concerns by analyzing the application's data collection, usage practices, and compliance with privacy policies.

To learn more about this new feature, see the Privacy Compliance Testing page.

🇼 Agent WhatWeb

Added detection for several fingerprints:

• OFBiz plugin: An open-source enterprise resource planning (ERP) system.
• Cisco Smart Software Manager On-Prem (SSM On-Prem): A Smart Licensing solution that enables customers to administer products and licenses on their premises.
• Raisecom: A global leading vendor providing comprehensive access solutions and network devices.
• Acronis cyber infrastructure plugin: A multi-tenant, hyper-converged infrastructure solution for cyber protection. The agent was also fixed to not scan non HTTP services.

🌌 Agent Asteroid

• Known Exploitable Vulnerabilities: Enhanced security tracking by adding new CVEs - CVE-2024-5217, CVE-2024-38856, CVE-2024-43044, CVE-2024-7120, and CVE-2024-20419.

🛡️ OXO

• Fixed a crash when OXO is run with no asset (--no-asset).

🎨 User Experience Enhancements

• In order to provide more clarity on what each type of scan does, all scan profiles are now visible, even if they're inactive.

  

• Fixed a bug when confirming an asset without selecting an owner.
• Fixed a bug which was causing some fingerprints not to show.