Discover What’s New 🚀: RedHunt Labs ASM Platform’s Latest Feature Drops, Fixes and Enhancements [June 2024]

We’re excited to announce a series of enhancements to RedHunt Labs’ 360° Attack Surface Management Platform, NVADR. Our continuous efforts bring new features and improvements designed to simplify and enhance your experience.

Join us in setting new standards in attack surface management as we innovate to keep your digital assets secure in an ever-evolving threat landscape. Here’s a summary of the June release notes:

Here’s a detailed overview of what’s new:

New Features & Enhancements 🚀

1. AWS Marketplace Launch

Our comprehensive Attack Surface Management Platform is now live on AWS Marketplace! We are excited to announce that our Attack Surface Management (ASM) platform is now available on the AWS Marketplace. 

This milestone allows AWS customers to seamlessly procure and integrate our Attack Surface Management solution into their existing cloud environments. Simplifying procurement and deployment, our platform ensures a more streamlined and efficient approach to managing your organization’s security posture. Fun fact for finance teams, you can also use your AWS credits for the same.

Visit this link for more details and purchasing: https://aws.amazon.com/marketplace/pp/prodview-tnkutegpqtswo

2. Accelerated Asset Scoring with the HTTP Judge

Meet the HTTP Judge Tool which calculates the Importance Score for any asset, a powerful feature that has been part of our system for a while but might have flown under your radar. This tool helps you score the importance of your assets accurately to filter more important assets. By using a combination of AI and parameters, it evaluates your HTTP assets and scores them based on their significance to your security.

In this latest release, we’ve added browser orchestration to the HTTP Judge Tool, optimizing it for even better performance. This means it now uses advanced techniques to simulate browser interactions, making data collection and analysis much faster. As a result, the speeds are amazing, allowing your security team to quickly focus on the assets with higher asset importance scores.

3. Extended CVE Identification Window: 60 Days for Better Security

In our continuous effort to provide comprehensive security coverage, we have extended the identification window for Common Vulnerabilities and Exposures (CVEs) affecting technologies used in your organization, from 30 days to 60 days. This change means that any CVEs updated, modified, or published in the last 60 days will now be included in our scans.

This extended timeframe allows for more thorough analysis and identification of potential vulnerabilities. With a longer window, your organization gains greater insight into emerging threats and can better prepare to defend against them.

4. Streamlined Vulnerability Management: Issue Tracker Updates

We have implemented significant changes to our Issue Tracker to optimize vulnerability management. Vulnerabilities associated with “Won’t Fix” tickets will no longer be subject to rescan. 

This change aims to reduce unnecessary noise and allow your security team to concentrate on actionable vulnerabilities. Now you can streamline your remediation process with our improved internal issue-tracking system.

5. Detailed Asset Inventory CSV

We are pleased to announce the release of the Detailed Asset Inventory CSV, a significant enhancement to our asset management reporting capabilities. This update introduces a broader set of information, including ASN, country, status code, city, and title, providing a more comprehensive view of your assets. 

The inclusion of these additional data points offers deeper insights and actionable information, enabling your security team to better understand the context and significance of each asset, as well as filter out based on specific requirements.

6. Availability of PoC (Proof Of Concept) for Security Risks / Vulnerabilities

Understanding and reproducing security issues just got easier with the addition of our Proof of Concept (PoC) section. This new feature is designed to provide clear and detailed PoCs for certain vulnerabilities, helping your team grasp the nature of the issues more quickly and accurately. 

By offering a visual representation of a vulnerability/security risk, the PoC section aids in bridging the gap between detection and resolution. This enhancement not only accelerates the remediation process but also improves your team’s ability to address vulnerabilities with precision and confidence, ensuring a more robust defense against potential threats.

7. CSV Report for Discovered Third-Party Assets

Our latest update introduces a powerful new feature: the CSV Report for the discovered third-party assets. This functionality allows you to obtain a list of all third-party assets discovered by our platform.

Whether you’re assessing third-party risks or conducting compliance checks, this report provides a comprehensive overview of such external assets, helping you identify potential vulnerabilities and areas of concern. 

8. Integrated Grouping for Similar Web Applications – Find Pentest Candidates

We are excited to introduce Integrated Grouping for Web Applications, a feature designed to simplify the management of complex web environments and similar websites. This enhancement automatically identifies and groups similar web applications, including those with numerous redirects or shared characteristics, into single entities.

By consolidating hundreds of web apps into coherent groups, this feature highlights potential pentest candidates, making it easier for your security team/infrastructure teams to prioritize and conduct thorough assessments. Integrated Grouping not only streamlines the testing process but also ensures a more focused and effective approach to securing your web applications. This ultimately enhances the overall security and resilience of your digital assets, providing a stronger defense against potential threats.

Bug Fixes 🛠️

1. Enhanced Port Scanning Results Management 

We have improved our system to better handle assets with over 250 open ports. These used to generate too many results and hence it was difficult for customers to navigate through open ports. When our port scanner returns more than 250 open ports on an asset, internally it is now identified as a potential honeypot or having intelligent firewall rules, and hence all these ports are ignored. This adjustment ensures more relevant data output, enhancing both performance and usability.

2. Optimized Sorting in HTTP-Grouping

The sorting functionality within the HTTP-Grouping feature was previously not working as intended. This issue has now been fixed, allowing for accurate and efficient sorting of ports, significantly improving the user experience.

3. Improved Accuracy in Bucket Reporting

We have resolved an issue where some generic buckets were being incorrectly identified, leading to false positives. With this fix, our commitment to maintaining a zero false positive system remains strong, ensuring more accurate and reliable bucket reporting.

4. Accurate Asset Exposure CSV Report

We addressed a problem where the Asset Exposure CSV report was returning technologies with empty string keys. The expression handling has been fixed, ensuring the CSV file now contains complete and accurate information for better analysis.

5. Enhanced Hawkeye Stability

The EPSs-based vulnerability finding component of our platform, Hawkeye, was breaking for certain targets on containers. This issue has been fixed, enhancing the stability and reliability of Hawkeye.

6. Functional Notification Filters

The custom date filters in the Notification section were not functioning properly. This issue has now been fixed, ensuring users can apply custom date filters accurately to their requirements.

7. Inadvertently Portal Logout Issue Fixed

We resolved an issue with the portal token implementation that was causing users to be logged out immediately after login. This was fixed by adjusting the sequencing of the authentication token implementation, ensuring a smoother and uninterrupted user session.

8. Accurate Notification Preferences 

We fixed an issue where multiple checkbox selections under Notification Preferences were not registering correctly. This fix ensures that users can now select multiple options accurately, improving the selection process.

9. Smooth Integrations with API

We fixed an issue where clicking the Add to PagerDuty button resulted in a blank page. This enhancement ensures a seamless integration process with PagerDuty, improving functionality and user experience.

Refactoring & Optimizations 🔧

1. Enhanced Data Reliability and Observability in Scan Save Functions

Our latest release brings significant improvements to the Scan Save Functions, ensuring robust data handling even during peak times. With the capacity to manage over 5 million scan events, the system is now optimized to handle millions of events with minimal risk of data loss.

This update also includes enhanced observability features, allowing for real-time monitoring of data-save operations. These advancements ensure that all scan results are accurately and reliably saved, enhancing data reliability. Users can now trust the integrity of their scan data, even during periods of high activity.

Additionally, the increased observability improves operational efficiency, enabling quicker issue resolution and smoother workflows. These enhancements underscore our commitment to delivering reliable and efficient solutions for managing and saving scan results.

2. Dashboard Timeline Graph

The dashboard timeline graph now automatically updates the last data point, offering real-time insights into the latest trends and events. This enhancement ensures that users always have the most current information at their fingertips, enabling more informed decision-making and timely responses to changes.

3. Asset Inventory API: Enhanced Efficiency for Large Datasets

In this release, the Asset Inventory API has been significantly upgraded to improve its efficiency in managing large datasets. The API now boasts enhanced scalability, allowing for the seamless handling of millions of asset records without compromising performance.

Data retrieval and processing have been optimized, reducing latency and ensuring faster query responses. Additionally, the reliability of the API has been bolstered with robust error handling and data integrity checks, guaranteeing consistent and accurate asset data even under heavy usage. These improvements also include better resource management, ensuring stable and efficient operations without system overload, thus reducing the page load time.

---

As we conclude this release, we’re committed to evolving the 360° Attack Surface Management platform to exceed your expectations and tackle the latest cybersecurity challenges. If you’re using our platform, start enjoying these new features now. If you’re not a customer, explore our product at app.redhuntlabs.com or request a free trial with manual support at redhuntlabs.com/request-free-trial/.

We’re dedicated to ongoing updates and new features, whether you’re on AWS Marketplace or using our tools for asset management and security assessments. Your success is our priority.

Stay tuned for more updates and enhancements as we strive to provide best-in-class attack surface management solutions. Together, we’ll confidently navigate cybersecurity complexities.

For any questions or further assistance, please don’t hesitate to contact us.