What’s new with TrustedSite Security | June 2021 Release Notes

Check out the recent updates to TrustedSite Security that will help you better manage and protect your attack surface.

Get a better overview of your attack surface in the all new dashboard

Big improvements to your security dashboard have arrived. First and foremost, you’ll see your account level risk score, along with a map of the locations where your assets exist. In the Attack Surface section, you’ll see your different types of assets broken down by risk, along with a list of riskiest targets and a list of services that you have applied to your targets. In the Attack Vectors section, you’ll see what issues are contributing most to your risk score. You’ll also see the status of other TrustedSite services you may be utilizing, like PCI Compliance and Penetration testing, along with a list of our recommendations for how to reduce risk in your account. These improvements should provide you with better guidance on where to focus your attention and remediation efforts.

Eliminate blindspots with improvements to the Discovery section

We’ve made updates to the Discovery section to help you get a better view of your inventory and any associated risks. On the new Discovery Overview page, you’ll see cards showing the number of domains and networks you’ve applied the Discovery service to. Within the cards, assets are broken down by color code to show you which have the highest risk. In addition to our standard colors, we added black as a new way to highlight your blindspots. Whenever you see a black bar, it indicates the number of hostnames or subdomains that are not a part of your inventory but may need to be added.

Also on the Overview page you’ll find a master list of your inventory which you can view either in table mode, to see asset details, or in preview mode, to see an image of your assets’ landing pages. Use filtering options to see what’s going on with domain discovery, network discovery, or specific domains and networks.

Easily collaborate with your team to resolve issues with improvements to the Vulnerabilities section

We’ve made team collaboration even easier with updates to the Vulnerabilities section. On the new Vulnerabilities Overview page you’ll see several new cards including the By Status card which gives you an overview of the status of your vulnerabilities. You’ll quickly see which vulnerabilities are open (those that have not been looked at yet), confirmed (those that your team have acknowledged are an issue), or in progress (those that your team is actively working to correct). Additionally, on each individual vulnerability page, we’ve added a summary section that includes information on which department within your company we think is most likely to be responsible for resolving the issue. These updates can help reduce the time you spend communicating back and forth with your team, and free up more of your time to resolve pressing issues.

Additional improvements

We’re also excited about the new Vulnerability Timeline on the Vulnerability Overview page which shows you a heat map of how your risk score has changed over time. This can give you a quick historical view of when your attack surface was most vulnerable and when your remediation efforts went into effect.

Here’s a list of other improvements we made last month:

• Improved platform detection helps you better identify the services in use on your targets
• Easily preview your target home pages as they appeared with each scan within the target view
• New calendar view of upcoming certificate expirations
• View the response codes detected during website scans
• A new country breakdown report for website scans
• We've replaced the primary http header x-xss-protection with referrer-policy
• The firewall scan now detects DNS records
• We've added an account changelog to track who makes changes and when they were made

Questions about these updates or want to suggest an improvement? Reach out to your account rep. We’ll do our best to accommodate your suggestions in future releases.