Introduction
In October we continued the theme of the last couple of months by adding more features to help you view and manage risks discovered by Hexiosec Attack Surface Management (ASM). This month I’ll cover:
- Created and resolved dates added to the Risks & Actions report
- Made the ‘Created At’ field default for risks and actions
- Update to the in-scan sidebar for Risk Management
Read on to hear about all this, as well as what else we have coming soon. The team are working on some major new features to perform more checks against your attack surface as well as cloud integrations with our cloud connectors.
Created and Resolved dates added to Risks & Actions report
Risks & Actions reports are not available to all tiers, please contact us if you would like to discuss adding these features.
In September, and from user feedback, the team updated the risks and actions detail shown in the Hexiosec ASM application. The update was to include the dates (and time) which indicate when risks and actions are first discovered by ASM. We’ve now increased the availability of this information by making it also available in our Risks & Actions report.
The Risks & Actions Report is an XLSX document which you can generate (including via our public API) for your scans, and includes the details on all risks, actions and the counts of risks per severity for primary domains and IP addresses. This is a popular feature in Hexiosec ASM, as it allows users to extract risks detail, including remediation wording, for integration or use in other tools or for wider reporting.
The XLSX document has the following changes:
- The ‘Risks’ sheet now includes a ‘Created At’ column, with a date and time value
- The ‘Actions’ sheet also includes the ‘Created At’ column
- The ‘Actions’ sheet additionally includes a ‘Resolved At’ column, which will show as
Unresolvedfor open actions
Showing ‘Created at’ column by default
On the same theme as the above improvement, such was the popularity of the new ‘Created at’ column in the Hexiosec ASM app, that we promoted this column from optional to default. This means you don’t need to think about where to find it, it will be automatically available for you on both the Risks page and Actions page in the app.
Helping you keep track of your attack surface, and any changes to it, is a key aspect of Hexiosec ASM. As simple as this column is, it can be hugely beneficial in allowing you to simply sort on, and quickly see any new risks or actions you may need to address. And especially as not everyone can be expected to keep an eye on changes to their risk data every day, but now you can quickly see new risks over the last few days or weeks.
Risk management sidebar menu
You wait for one risk based improvement, and three come along at once…
A few months back we made some changes to the Hexiosec ASM sidebar menu to better reflect and group the pages relating to Asset Management. Following an entirely sensible suggestion, this time from someone at Hexiosec, we’ve made the same change for the risk related pages.
In the sidebar, you will now find a new “Risk Management” grouping, including:
- Actions
- Risks
- Health
This clearly highlights the two key aspects of Hexiosec ASM:
- Risk Management - for helping you view and manage risks
- Asset Management - for helping you view and understand your discovered assets
Coming soon
As always, we have many more great features in the works, including:
- Mail security checks: We’re working on some improvements to our mail security checks, including MTA-STS checks.
- Cloud connector - Link your cloud infrastructure configuration to your Hexiosec ASM scan to ensure complete coverage. Includes cloud integration code for Azure, AWS and GCP.
- Security.txt checks- Hexiosec ASM will check for the existence of ‘security.txt’ files, which are recommended to help security researches report issues.
If there are other features you’d love to see in Hexiosec ASM, or indeed in Hexiosec Transfer (our true end-to-end encrypted file transfer app), please let us know.
Related Posts
