Changelog 2024-07

This page provides an overview of the products' evolutions deployed this month.

[CORE] Restrict session access to login IP addresses

  • This "session access restriction" increase the security level of users' session by restricting the usage of a session to the IP address from where the login was established (i.e., current session login IP is stored in the current session JWT).
  • If a new IP address use the same token, the session will not work.
  • It is disabled by default, but it can be enabled from the menu "User / Settings / Authentication" (password is required).
  • If the user's connection legitimately uses several or dynamic egress IP addresses (e.g., mobile networks), it is recommended to disable this feature.

 

[ASM] Import assets list (CSV)

  • This feature allows users to add assets in batches. Import is via a CSV file.
  • Two columns are required: asset type and asset value.
  • A CSV template is available to help create the file to be imported.

 

[CORE] Tag filters in Dashboard and Vulnerability Center

  • Tags are now available to filter dashboards and the vulnerability center's reports list.
  • This enables assets and vulnerabilities to be classified according to criteria specific to the organisation of each BU, so that they can be easily exploited or visualised using the associated metrics.