Introduction
We have released a couple of new, exciting features this month that will help improve your experience with Hexiosec ASM. Simplifying the invites process and improving how IP range seeds are processed will save you time and make sure you get the most out of your scan allowances.
Roles & groups on invites
The Admin or Owner role is required to create and manage invites for new users.
The process of inviting a new user to your organisation has been streamlined, allowing you to select the relevant role and groups for the new user at point of invitation. This makes it quicker and easier to get new users set up.
When inviting a new user the role and groups, with corresponding group roles, can be selected. You can also create a new group for the new user at this point if required.
When the invite has been created, it will be visible in the Pending Invites table and can be edited here before it has been accepted.
Once the new user has accepted the invite, they will be able to access the scans for the selected groups straight away, and/or create new scans if their role allows. At this point, any changes to roles and groups can be managed on the Users page by organisation admins and owners. The look and feel of this has been updated to match the invites process.
IP range seeds: scanning active IPs only
When an IP range is used as a seed, before adding all of the individual IPs from the range into the scan, Hexiosec checks which ones have open ports. Only IPs from the range with open ports will be added to the scan and processed.
This means your domain and IP limit on your plan will not be used up unnecessarily on IPs that are not being used and your results will be clearer to understand for IP range seeds.
You will see a reminder of this each time you add an IP range seed to a scan.
If you would like to discuss having IP range seeds enabled on your plan, please contact [email protected].
Other improvements
As well as the new features described above, there have also been some improvements to existing features based on your feedback.
Separate columns for Risks in the Risks & Actions report
The Risks & Actions Report has been improved to make it easier to sort and filter. On the Actions tab, each risk severity now has its own column.
Easier to drill into details of Risks
The risk counts are now clickable on all the widgets in the app. This means, in context, you can click through a risk count to see the details of the risks associated with that asset.
Clicking the “29” above, takes you to a filtered list of just those 29 critical risks.
Risks counts have also been added to the Explore page for domains and IPs, meaning you can easily access the risks associated with a specific asset in one click.
Improved filters for Risks and Actions
On both the Risks and Actions pages, the risk severity filters can be multi selected. This means you can, for example, look at all Critical and High risks together rather than having to view as two separate lists.
Coming soon
- Better visibility of your rescan allowance.
- Weekly scan confirmation notifications for Free accounts.