April has seen the introduction of change notifications into FractalScan Surface, alongside a number of other improvements. Keep reading to find out more.
For your continuous Own Asset or Third-Party Monitoring scans you can now set up notifications to alert users in your organisation to key changes between the iterations. Change notifications can be set up to alert you of:
- Newly identified risks with a given severity.
- Risks that are no longer present with a given severity.
- Newly discovered domains.
- Domains that are no longer discovered.
- Newly discovered IPs
- IPs that are no longer discovered
By default, you will receive change notifications for new & removed risks, severity high or above. What you get notified of can be varied by scan type, meaning you can have different alerts for scans of your infrastructure to those of any third parties you are monitoring.
If any of your configured changes are identified on a new scan iteration, you will receive an email with the details of the changes identified. You, and other users in your organisation, can choose to opt out of these notifications in your user settings.
For more detailed information about the notifications capability read: How to get the most out of your FractalScan Surface notifications.
Improvements to the Changes page
Your default view of the Changes page is now showing you the changes that have occured between your most recent scan iteration and the one before it. You can easily change which iteration you want to see the changes for, or switch to use a date range if you want to view the changes over a longer period of time.
If you come to the Changes page from a Change notification, the page will be filtered to the iteration the email relates to.
We have also added the risk severities onto this page, so when you see risks change between iterations, you can more easily understand the impact of this, all in one place.
Improved component and CVE detection
When detecting components, FractalScan Surface is no longer case sensitive. So if we find “bootstrap” and “Bootstrap” in use we will only show one component in your results, giving a more accurate representation of your attack surface.
Where a domain is discovered via a DNS PRT record, FractalScan Surface will now detect the components used by that domain, and any CVEs known against that component version. This means you will have even better coverage of CVEs that impact your attack surface.
We’re always working on new features and improvements to FractalScan Surface, here’s an insight into what you will see coming soon.
- The ability to invite new users to your organisation.
- Better visibility of all the checks FractalScan Surface is running for your scans.
- The ability to remove a seed domain or IP from your scan while retaining the history of the scan.