Changelog 2023-12

This page provides an overview of the products' evolutions deployed this month.

[CORE] Video attachments in reports

Hunters, pentesters, managers and triagers can now upload videos as attachments in their reports and comments, if it has been enabled by the manager in the program settings. MP4 and WEBM formats are allowed. The LIVE RECORDING option allows users to record directly their screen using native browser capabilities.

[CORE] Detect #YWH identifier and create direct links

In reports and comments, the #YWH-XXXX-YYYY pattern is now detected as a reference to a vulnerability report. Direct links to reports are automatically created if the authenticated user has access to these reports. It also works for old reports and comments.

[ASM] Asset coverage

In the context of ASM, the Asset Coverage enables managers to observe an actionable metric for the effective coverage rate of their ASM-discovered assets (IP addresses and domains), by YesWeHack's security testing programs (Bug Bounty and/or PTM). It focuses only on active programs and campaigns.

Organisations' objective is to have a coverage rate close to 100%. To achieve this, they can use the Attack Surface view to identify which assets are covered (shield pictogram) and which are not.