Introduction
This month the engineering team have been busy updating our backend processing and data storage, as well as a number of improvements to your Hexiosec ASM experience. Read on to find out more.
System improvements - weekend maintenance
You may have noticed that we scheduled a period of maintenance for Hexiosec ASM over the weekend of the 20-21 July. This was to enable us to update our system and make some changes in how we processes and store Hexiosec ASM data. The updates have resulted in some immediate improvements to scan times as well as overall performance benefits in the app.
The changes also puts us in a strong position to leverage other performance and resilience benefits going forward, this fits with our approach to continuously make Hexiosec ASM better for users and ensure we keep up with demand.
The update went smoothly, and we thank you for your patience if this affected you in anyway, but ultimately our scheduling meant that none of our continuous scanning was impacted by the update.
This is a more visible example of an update we’ve made to Hexiosec ASM, but in reality, every month we’re optimising how the system operates to bring you (and us) improvements.
Updated scan changes email
If you have scans running continuously in Hexiosec ASM and there are significant risk changes you will already receive an email informing you of those changes, if configured. We’ve made an update to this email making it even easier to see these changes.
The changes email now includes a summary of newly discovered risks, enabling you to see detail on the higher severity risks in the email body.
We’ve also improved the link to Hexiosec ASM, which will now take you to a filtered view on the Changes page, showing the changes listed in the email. This means that if you are informed of a new high severity risk, the link will take you straight to a view showing that risk, allowing you to quickly investigate.
If you still want to see all the result changes in for a scan iteration, you can simply select to remove the filter.
Explore page risk navigation
We’re always looking for ways to help users navigate Hexiosec ASM results and help you understand the impact of risks or other changes. Each risk in Hexiosec ASM has its own explore page, e.g. an explore page for a CVE detailing the vulnerability, and what is impacted (provenance).
We’ve improved the navigation from the explore page to impacted actions. The ‘Go to Actions’ button at the top of a risk’s explore page will now take you to the actions page, which will be filtered for all the actions impacted by this risk. e.g. if a CVE impacts multiple versions of nginx, you’ll see all the actions relating to domains and IPs for which the CVE might be a risk.
Telnet wording
Finally we’ve made a subtle change to the risk wording for vulnerable ports, which gives us an opportunity to highlight a factor in the discovery of at-risks ports. Previously the actions and risk wording for a Telnet risk would suggest that the port found is always Telnet’s default port, which is port 23.
In fact, Hexiosec ASM has the ability to discover Telnet (or other at risk protocols) on non-default ports, e.g. port 2323 in the example below, and we have updating the wording accordingly.
Coming soon
- Increased visibility and control over Apache risks, which may have been resolved by backports.
- A new API endpoint for risk data, allowing you to extract all risks data for your own processing.