Private notes, scoring breakdown, rescan visibility and failures, vulns reporting for shared IPs.
Release Notes - Jul 23 2019
- You can now add “private” notes to questionnaires and remediation requests. These are visible to users of your account, but not to the recipients of the questionnaire or remediation request.
- We’ve improved how we present your own score. When we display your own company’s score to you, we can draw on public information (such as the configuration of your websites) as well as private information (such as which vendors you have marked as “in use”). This lets us provide the most complete view of your security posture. When someone else (another CyberRisk customer) looks up your company however, we report your score based only on the publicly available information. This has caused some confusion, and to address this, we’ve changed the way you see your own score on your “Risk Profile” page. You can now choose to either see your “public” score, or also factor in the private data you have provided.
- When you manually request a scan for a given website, we are now rescanning for open ports on that website more quickly. At times it may still take a while for refreshed port scan data to flow through, but it should often appear within 10 minutes or so. Note that when ports change from “open” to “filtered” (as opposed to “closed”), it will still take up to 30 days for changes to flow through.
- When you manually request a scan for a given website, and the scan fails (for instance, if the website is no longer running) we now report the failure, as well as how many times it’s failed previously, and when the website will be removed (after 4 consecutive failures).
- You can now request remediation or create a risk waiver from the Risk Profile page, or while looking at the details of a specific website.
- We fixed a problem with vulnerabilities where some websites that use shared IP addresses would have vulnerabilities incorrectly assigned to them.
- We’ve made a number of UI improvements and bug fixes.