Product Updates

Discover the latest feature releases, improvements and updates.

Intro

How great are filters? They allow us to enjoy grain free coffee, breathe cleaner air, and provide our cars with refined fuel. They also allow us to sift through copious amount of data about targets and present specifically what we need. Therefore, this and the next issue will be focusing on filters. Starting with the Asset Management screen in this newsletter and then Vectors in the next one.

Meet the Filters

In this newsletter we are going to explore some of the things you can do with the Asset Management screen filters which includes three types of filters:

Toggle filters - This filter allows users to turn on one or more of the built-in filters.
Multi-select filters - This type of filter allows users to select multiple options from a list of available choices. It currently supports ‘Exists', 'Where Not’, ‘AND', and 'OR’, operators.
Exists - marked with a checkmark
Where Not - marked with an X
Single-select filters - This type of filter allows you to select one of the provided options to display and leave out all the rest.

Toggles offer the most general type of filter. Meaning that only using the toggles we cannot really get too deep and specific into the data. To do that we would need to combine several filter types and filters within the filter types, we will talk about that later in this newsletter. For now, let's focus on general filtering. For example, we can display all the new (added in the last 10 days) and vulnerable (have vectors attached to them) assets using just two toggles.

Saving Custom Filters

The filters listed above function as separate entities, we can mix and match several filters to create a new, custom filter which can be saved to be used later. This allows us to achieve granular control over the data presented by the platform.

SSL Issues

SSL certificates are used in every web application, it is crucial to an organization’s security posture to have all their certificates use strong encryption ciphers, be up to date and signed by a well-known certificate authority. Using the 'Enrichment Type' filter we can create a new filter that will display any SSL issues your assets may have.

Apache Web Servers

There are cases where we want the platform to display certain information and not display other information. For instance, let’s say we want to display all the web servers under the target, one way to do that is to scroll down to the ‘Technology Category' filter and select ‘Web Servers'. Another option, if we want to be more specific with it, we can go to the 'Technology Type’ filter and select which web server types we want to display or not to display.

In the example below, we wanted to display only Apache Web Servers, so we first filtered out all the Web Servers and then got more specific by selecting only Apache web servers and not regular HTTP server or Nginx servers.

DDoS and MiTM

While being very powerful, there are some vectors which are difficult to detect using conventional methods, that the platform can’t detect yet. This does not mean however that it cannot provide some indication wether or not there are assets that are susceptible to such attacks.

The platform can detect which technologies are used on assets; we can use that data to provide insights into the preparedness of our assets to face such attacks.

HSTS - is a policy mechanism that forces websites to use HTTPS, designed to prevent man in the middle attacks.
Cloudflare - is a content delivery network service that has built-in cloud cybersecurity features such as DDoS mitigation.
Amazon CloudFront - is also a content delivery network that provides DDoS protection.

By filtering using these technologies, whether they are present or not, we know which assets are protected from these attacks and which are not and can take appropriate action.