Mon 20 January 2025
Attack Surface & Inventory 🎯
AI-automated Attack Surface
Released the AI-automated Attack Surface feature, which uses artificial intelligence for more comprehensive asset discovery and analysis. The new implementation allows you to:
- Automatically seed the attack surface discovery using a simple prompt, for example "Find all Microsoft and its acquisitions".
- Automatically confirm or exclude potential assets based on their connections and extracted contexts.
- Reconfigure the initial prompt to enrich the discovered assets.
Scans & IDE
- Improved the performance of function calls in the analysis environment. The optimization was done by switching the function call extraction to a graph database, which retrieves the results in less than 200ms.
- Added the ability to notify a single user by email about new vulnerabilities. The automation rules action now supports notifying specific users for the remediation context. This answers, for example, the request "Notify user X when there is a new vulnerability in asset Y".
OXO
- Added option to change scan timeout in local scans, providing more flexibility for users. The default value is 48 hours. Example command to run with a custom value:
ostorlab scan --runtime=local run --install --agent=agent/ostorlab/nmap --timeout=3600 ip 8.8.8.8
- Updated vulnerability reporting to include exploitation and post-exploitation details, offering more comprehensive security insights. The vulnerability report will include a section on the exploitation and post-exploitation details of the findings.
Detection 🔍
Secret Detection
- Added detection for Branch.io secrets
- Implemented IMEI Detection to identify potential privacy concerns.
- Added capability to detect the use of insecure UUID versions.
WordPress Agent
Added WordPress Agent to perform automated security checks on WordPress installations, identifying potential weaknesses and vulnerabilities. The scan covers the known vulnerabilities in the WordPress version, plugins and themes.
Threat Center
Added detection of several fingerprints:
- Ivanti Connect Secure
- Netgear Routers
- Apache Tomcat
- Calibre
- Aviatrix Controller
- Next.js
- Siemens
- FortiWLM
- Cleo products
- QNAP Turbo NAS
- Apache ActiveMQ
- Mitel Micollab
- Solana
- ZYXEL
- Sitecore
- SailPoint IdentityIQ
Added support for several CVEs: CVE-2024-55591, CVE-2024-12847, CVE-2025-0282, CVE-2024-50603, CVE-2024-12987, CVE-2024-52875, CVE-2024-6782, CVE-2024-43919, CVE-2024-50379, CVE-2024-56145, CVE-2023-34990, CVE-2024-51479, CVE-2024-36404, CVE-2024-38819, CVE-2024-11772, CVE-2024-55956, CVE-2024-11205, CVE-2024-11639, CVE-2024-50623, CVE-2024-54134, CVE-2024-35286, CVE-2024-41713, CVE-2023-45727, CVE-2024-10905
Privacy & Compliance
- The Privacy profile was released, expanding access to privacy-focused detections. The privacy profile fetches the privacy policy from the store (Apple store or Play store) and analyzes the following:
  - The content of the privacy policy and its conformity with the compliance standards (GDPR, CCPA, CPRA, HIPAA, LGPD).
  - Static analysis of the application, validating the used permissions and methods against the privacy policy statements.
  - Dynamic analysis of the application, validating the used permissions and methods against the privacy policy statements.
- Added Privacy link to support packages not available in the store, improving transparency. If the application id is different from the one in the store, you can set the privacy link to fetch during the analysis.