Fri 14 April 2023
Over the last two months, the Ostorlab team has introduced several new features to the platform and its detection capabilities.
Automation Rule Policies
The new automation rules feature can be used to auto-assign owners, set tags, send email notifications, and more. Some of the scenarios where the rules come in handy:
- Automatically assign vulnerabilities to a user for remediation;
- Automatically confirm discovered assets and assign an owner;
- Tag specific assets that match certain filters;
- Send an email when assets match a specific pattern, for example when a discovered service has SSH exposed on a port other than the default one.
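The last scenario is a concrete detection rule, so here is a small illustration of how such rules are evaluated over an asset inventory. This is an added example written for this post, not Ostorlab's rule engine or rule syntax; the `Asset` record, the rule tuples, the `infra-team` owner, the `secops@example.com` address and the sample inventory are all constructed for the example.

```python
"""Minimal automation-rule matcher over discovered assets (added example).

Not Ostorlab's implementation or rule syntax: the data model, rule format
and the sample inventory below are constructed for illustration only.
"""
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Set, Tuple


@dataclass
class Asset:
    host: str
    port: int
    service: str                      # service as identified by the scanner, e.g. "ssh"
    tags: Set[str] = field(default_factory=set)
    owner: Optional[str] = None
    confirmed: bool = False


# Constructed sample inventory (not real scan output).
ASSETS = [
    Asset("10.0.0.5", 22, "ssh"),
    Asset("10.0.0.7", 2222, "ssh"),
    Asset("10.0.0.9", 443, "https"),
    Asset("10.0.0.9", 8443, "ssh"),
]

# Well-known default ports; an SSH daemon reachable elsewhere is the pattern we notify on.
DEFAULT_PORTS = {"ssh": 22, "http": 80, "https": 443}


def ssh_on_nondefault_port(a: Asset) -> bool:
    # Match on the *identified* service, not the port number: an SSH daemon on
    # 2222 is still SSH, and something else may be listening on 22.
    return a.service == "ssh" and a.port != DEFAULT_PORTS["ssh"]


# A rule is (name, predicate, actions); actions are (action, argument) pairs.
Rule = Tuple[str, Callable[[Asset], bool], List[Tuple[str, Optional[str]]]]

RULES: List[Rule] = [
    # Confirm every asset in the internal range and hand it to a (hypothetical) team.
    ("confirm-internal", lambda a: a.host.startswith("10."),
     [("confirm", None), ("assign", "infra-team")]),
    # Tag TLS endpoints so they can be filtered later.
    ("tag-tls", lambda a: a.service == "https", [("tag", "tls")]),
    # The scenario from the post: SSH on a non-default port -> tag and notify.
    ("ssh-nondefault", ssh_on_nondefault_port,
     [("tag", "ssh-nondefault-port"), ("email", "secops@example.com")]),
]


def apply_rules(assets: List[Asset], rules: List[Rule]) -> List[Tuple[str, str]]:
    """Apply every rule to every asset in place; return the (recipient, message)
    notifications that would be emailed. Actions are idempotent, so re-running
    on the same inventory does not change the outcome."""
    notifications: List[Tuple[str, str]] = []
    for a in assets:
        for name, match, actions in rules:
            if not match(a):
                continue
            for action, arg in actions:
                if action == "confirm":
                    a.confirmed = True
                elif action == "assign":
                    a.owner = a.owner or arg          # first assigning rule wins
                elif action == "tag":
                    a.tags.add(arg)
                elif action == "email":
                    notifications.append((arg, f"[{name}] {a.service} on {a.host}:{a.port}"))
                else:
                    raise ValueError(f"unknown action {action!r} in rule {name!r}")
    return notifications


if __name__ == "__main__":
    for recipient, message in apply_rules(ASSETS, RULES):
        print(f"notify {recipient}: {message}")
```

Running it notifies only for `10.0.0.7:2222` and `10.0.0.9:8443`; the SSH service on port 22 is left alone. The point worth keeping in mind when writing such a rule for real is the one in `ssh_on_nondefault_port`: the predicate must key off the service the scanner fingerprinted, because a port-only rule cannot tell SSH on 2222 apart from any other listener there.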
Improved Attack Surface Discovery
We have also significantly enhanced the attack surface user interface by adding new search capabilities in various parts of the platform. These search queries can be saved and shared across the organization, providing easy access to important information.
Artifacts and Scan Coverage
The scan artifacts and scan coverage pages have been redesigned for faster performance, and a slideshow feature has been added.
Improved Reporting
Other notable features include notifications for expiring subscriptions and an enhanced scan summary in PDF reports.
Subscribed organizations can now receive a weekly summary email with statistics and metrics about the organization's security posture, including the latest scans, findings and items requiring attention.
Open-Source
We have also released several open-source contributions. For instance, we have released a new open-source agent wrapping the well-known TruffleHog to detect hard-coded credentials, and added support for WireGuard VPN configuration in most of the web and network open-source agents.
Vulnerability Detection
In terms of detection, a large number of improvements have been added. Web scans now benefit from improved web authentication recorder support, which enables complex authentication scenarios.
The crawler now extracts the paths of dynamically routed web frameworks such as Next.js and Nuxt.js. Additionally, we have improved SMS-based 2FA handling for mobile scans and added detection of insecure biometric authentication implementations on Android.
We have also improved the detection of Personally Identifiable Information (PII) in application logs, as well as the detection of insecure FileProvider path settings.
Several other vulnerabilities have also seen improved reporting, such as publicly accessible Firebase databases and cleartext traffic; overall, reporting for over 50 vulnerabilities has been enhanced.
Upcoming releases will focus on further vulnerability detection improvements and introduce significant new capabilities.