Software Updates 20/07/23

This blog post summarises AppCheck’s latest software releases for July 2023. These changes are paving the way for a more asset-centric approach, aligning with our goal of providing you with even better insights and services.

This blog post summarises AppCheck’s latest software releases for July 2023. These changes are paving the way for a more asset-centric approach, aligning with our goal of providing you with even better insights and services. Let’s dive into the details:

 

New Data Gathering Services Now Live!

New services for customer logs, customer notifications, vulnerability management, credential management, and asset tracking are now in full production.

These services are currently having data migrated to support new services into the AppCheck UI, two features that will be landing soon related to these are:

 

  • Customer Logs: Enhancing Transparency

We’re introducing a new “Customer Logs” feature that will revolutionize how you interact with scan results. This dedicated tab on the scan results page will display log messages from both the web app scanner and the infrastructure scanner. It’s a troubleshooting goldmine, allowing you to quickly identify issues and track progress. While initially for internal use, we’re working toward making this available to you soon.

 

  • Customer Notification: Stay in the Loop

Say hello to “Customer Notification,” a new portlet in your dashboard that keeps you informed about daily and weekly releases. This feature provides an inside look into our ongoing work, offering insights into what happens behind the scenes. We’re also connecting release updates with relevant blog posts and syncing it with our status page output, as well as Zendesk notifications.

 

Simplified Export: New JSON report for importing into other systems.

You can now download a JSON version of your scan results to be used in automations or other tools, this is available in the vulnerabilities table next to the standard reports.

 

Password cracking for hashes detected during a scan: We have extended the web application scanner to now crack MD5 hashes that are observed during scanning.

 

Scan Profile Addition: MoveIT: We’ve also added a new scan profile for MoveIT, expanding our coverage and capabilities to provide you with even more comprehensive results.

 

All plug-ins for this update:

  • Swagger UI XSS
  • TLS SNI SSRF
  • JavaScript Prototype Pollution (Server Side)
  • MoveIT Transfer (CVE-2023-34362 / CVE-2023-35708)
  • Text4Shell (CVE-2022-42899)

 

More to Come: CVE Database: Our new customer facing CVE database is now undergoing UAT testing and is expected to be released in September, this new service allows our customers to browse and see every CVE that we are capable of detecting as well as provide additional information.

Stay tuned for more updates, and as always, feel free to reach out to our support team if you have any questions or feedback.

Our team remains dedicated to enhancing functionality and ultimately providing you with a smoother and more efficient user journey. Your valuable feedback guides our continuous efforts to improve, so please don’t hesitate to share your thoughts with your account manager. As we move forward, stay tuned for more innovations and updates and stay tuned in the coming months for a roadmap of expected major releases.

 

About AppCheck

AppCheck is a software security vendor based in the UK, offering a leading security scanning platform that automates the discovery of security flaws within organisations websites, applications, network, and cloud infrastructure. AppCheck are authorized by the Common Vulnerabilities and Exposures (CVE) Program as a CVE Numbering Authority (CNA).

 

Additional Information

As always, if you require any more information on this topic or want to see what unexpected vulnerabilities AppCheck can pick up in your website and applications then please get in contact with us: info@localhost

Get started with Appcheck

No software to download or install.

Contact us or call us 0113 887 8380

About Appcheck

AppCheck is a software security vendor based in the UK, offering a leading security scanning platform that automates the discovery of security flaws within organisations websites, applications, network and cloud infrastructure. AppCheck are authorized by te Common Vulnerabilities and Exposures (CVE) Program aas a CVE Numbering Authority (CNA)

No software to download or install.
Contact us or call us 0113 887 8380

Start your free trial

Your details
IP Addresses
URLs

Get in touch