product updates

SecurityTrails Blog · Aug 08 · by Esteban Borges

August Product Update: Exposed Admin Panels, Risk Rules API, Risk History by Host, and more!

Reading time: 3 minutes
Listen to this article

At SecurityTrails we continuously upgrade, improve and enhance the quality of user experience in our Attack Surface Intelligence platform.

Today, we are thrilled to announce several Attack Surface Intelligence updates we’ve recently been working on: Risk History by Host, Risk Rules API, Search for Signatures, and other upgrades! Keep reading to learn more.

Admin Panel detections in Inventory

A great new feature from our latest release is Admin Panels, located within the Inventory tab.

This option will help you locate administrator panels in mere seconds. This allows security teams to find exposed control panels from popular technologies and software, which may be out of compliance with policies, and therefore, adding unnecessary risk to your organization.

Among its many highlights, the Admin Panel feature:

  • Works on deep paths
  • Works on IPs without hostnames
  • Includes firewalls, enterprise software, developer tools, and CMS’s
  • Adds new signatures frequently and automatically

On that interface, you’ll find a Counts by Panel summary, where you’ll find the top exposed panels, along with the number of affected IP addresses and hostnames.

Counts by Panel summary

Scrolling down, you’ll also find the full list of panels we found, along with a description, the port where it was found, the affected service, and a quick target link so you can jump right into each one of them:

Full list of panels

Risk Rules API

The new Risk Rules API allows users to get immediate data for CVEs, including vulnerability name, description, risk severity (classification), affected hostnames, technical references found on the Internet, and project metadata such as ID, title and snapshot creation date.

Immediate data

Risk History by Host

The new Risk History by Host feature is the perfect tool for keeping an historical tracking of your current vulnerabilities and misconfigurations. By listing them, you’ll know when they appeared for the very first time, and most importantly when they were cleared (fixed/patched) and no longer showing on the Risk Rules report.

Full list of panels

As shown in the above screenshot, you can also filter the Risk History by Severity or Event type (added or cleared), and even export the results into a CSV file.

End-user ability to search signatures

This new feature gives Attack Surface Intelligence users the ability to search for risk signatures, so customers can determine whether to check for a certain vulnerability or if a misconfiguration is present on our Attack Surface Intelligence checks, as shown in the following screenshot.

Risk Rules API

SecurityTrails periodically releases updates that improve the performance, security, and logic of your experience in Attack Surface Intelligence. By enhancing the usability of the Attack Surface Intelligence interface, we create a new environment that allows you to identify and prevent threats much more effortlessly.

Why don’t you try it yourself and facilitate your most thorough and effective way of protection?

Esteban Borges Blog Author
ESTEBAN BORGES

Esteban is a seasoned cybersecurity specialist, and marketing manager with nearly 20 years of experience. Since joining SecurityTrails in 2017 he’s been our go-to for technical server security and source intelligence info.

X