New Features and Improvements - June 2024

Tim Cowell
28 June 2024
|
2 min Read
|
Tim Cowell
Create free account

Contents

Introduction

This month we’ve added improvements to FractalScan, to help you gain more insights into scan results, and to check the security of your own FractalScan users.

In this blog we’ll describe how you can now see which of your FractalScan user accounts have MFA enabled, and how an update to the certificates widget allows you to list which certificates have expired.

Visibility of certificate expiry

An expired TLS certificate or one nearing expiry can impact the security of the domains it is securing, and to protect people browsing the web, most modern browsers will stop users accessing websites which have expired certificates.

FractalScan Surface will already find and extract details on TLS certificates found in scan results. This includes the validation dates, when a certificate is valid from and when it is valid to. FractalScan already raises a risk for any discovered certificates which have expired.

To make it even easier to identify all the expired certificates or those which are nearing expiry, we’ve made a change to the Certificates widget on the Overview page. This widget now includes the expiry date for all found certificates, which you can sort on, allowing you to quickly see those certificates which may be at risk.

Expiring Certificates Widget

User MFA status

When following any guidance on securing online user accounts, enabling MFA is always at the top of the list, and for this reason we’ve supported MFA in FractalScan from day zero. To help you audit which of your users have MFA enabled, we’ve updated the user management page, to clearly show which users have MFA enabled, and which don’t. Allowing you to take any steps to follow your own security practices.

User MFA status is available to any user in the organisation roles, Owner, Admin or Manager, those which are used to manage user access and which can view an organisation’s users page.

Users MFA Status

You can also filter the user list of MFA status, allowing you to quickly see all users without MFA enabled.

MFA Users Filter

Coming soon

  • Increased visibility and control over Apache risks, which may have been resolved by backports
About Tim Cowell
Tim is an experienced software engineer, who has worked across the Defence, Government and Commercial sectors for the past 21 years. After leading a diverse range of projects Tim has a strong background in Cyber Security, software engineering, research and development practices.
Tim Cowell

REVIEWS

What our customers think

Haas Automation Logo

Ken Shannon

Haas Automation

"FractalScan Surface is an impressive tool that we use to monitor our external cyber risks and those of our dealers worldwide. We've even used it to perform due diligence security checks on third-party suppliers. I appreciate the easy-to-understand summary views, and my team likes that the daily scans automatically reflect their ongoing risk mitigation efforts. I'd really encourage other companies to use this tool and start tracking their cyber risks."

View The Space

Robin Craib

VTS

"FractalScan's capability to mark domains hosted on shared cloud services gives us the ability to remove risks associated with IP addresses which are not part of our infrastructure, allowing us to focus our resources. The consultancy we've had from the professional services team at Red Maple Technologies confirms the credibility and background of the team building FractalScan. I'm excited to see what's coming next for FractalScan."

Formula 1

CIO

Formula 1

"FractalScan Surface has been great for discovering our online-visible assets and exposures, allowing us to make some immediate improvements to reduce our cyber risk." Daily scanning enables us to keep on top of our external attack surface, which is particularly important to us since we have complex digital content output. FractalScan gives us the view on our data we didn't have."

Capterra Logo

Andy K.

Financial Services

"Simplicity - give it a domain and it will find out what it can about subdomains, related domains and any issues it identifies with them. We may not be privy to sites or subdomains other parts of the business may implement. FractalScan gives us a discovery tool to identify previously unknown public infrastructure, we can reduce our external attack surface by identifying and resolving issues and getting "old" public infrastructure decommissioned."

Capterra Logo

Tim N.

Information Technology and Services

"What I appreciate the most about FractalScan is the level of accuracy this platform provides while maintaining a passive approach to data collection. As someone who works in technical sales and consulting, I have a lot of clients working with products in this space. The common problem is the overwhelming amount of results and the operational overhead required to make those results actionable. FractalScan's unique solution provides results that are immediately accurate and actionable."

Capterra Logo

Jason C.

Financial Services

"FractalScan Surface provides a compact and concise overview of vulnerabilities that have been identified on our assets. It is important for teams to be able to understand the issue, prioritise remediation activities and focus on removing vulnerabilities from our estate....this tool enables all of this and has proven to find vulnerabilities that other tools do not."

Capterra Logo

Jack S.

Information Technology and Services

"FractalScan Surface delivers an exceptional experience, principally by enhancing our understanding of customers' digital assets. The platform's intuitive interface facilitates a user-friendly experience that our team appreciates. This, in turn, allows us to proactively identify vulnerabilities and address them before they escalate. We've found the platform to be markedly superior to its market counterparts in terms of capability and efficiency. Integration into our existing business processes was seamless, minimising any potential operational interruptions."