YesWeHack

<img src="https://downloads.intercomcdn.eu/i/o/tr8grriy/105984244/0c8d71631347d3922c7161aef65a/1f195.png?expires=1772658000&amp;signature=70630ef5f6f254c2533ce0d915e859ccc384598c9401e683096e1934399614f6&amp;req=0dVqzFD%2BrjMslxv0%2B9pgpisvwLzv2NaYeFg%2BrbriLGYu1o8u%2Bue2fMA3jTc2%0A" width="32" alt=""> [ASM] Preventing Subdomain takeover

A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain, typically when the subdomain has a canonical name (CNAME) or an IP address pointing to a cloud provider in the Domain Name System (DNS), but no host is providing content for it.

New Subdomain takeover checkpoints are now available, and automatically enabled, on the platform. 

ℹ️ Click <a href="https://yeswehack.atlassian.net/wiki/spaces/Product/pages/2009170030/How+it+works" rel="nofollow noopener noreferrer" target="_blank">here </a>to learn more about how the YWH solution works to prevent Subdomain takeover.

Organisations can now prevent subdomain takeover on a predefined list of cloud providers.

- Organisations can now prevent subdomain takeover on a predefined list of cloud providers.

All ASM customers with Security Check enabled.

- All ASM customers with Security Check enabled.

Click on "Attack Surface" in the left-side menu

Go to "Security Check" and look for “Subdomain takeover” checkpoints

- Go to the "Admin Panel"
- Click on "Attack Surface" in the left-side menu
- Go to "Security Check" and look for “Subdomain takeover” checkpoints

The results of these checkpoints are the usual Detected Issues. They can be managed in the exact same way as CVEs and misconfigurations. 

- The results of these checkpoints are the usual Detected Issues. They can be managed in the exact same way as CVEs and misconfigurations. 

___________________________________________________________

⬆️[CORE] Executive report - Closed reports table

Previously, the executive report only covered open reports. Now, closed reports also appear in the executive report’s charts, giving organisations a more comprehensive overview of all vulnerability reports received on a program.

Through the updated executive report, organisations can now have a better overview of all reports they received on a program and their remediation process. 

Thanks to these changes, organisations can now more easily communicate internally or externally about the resolution status of reports and showcase the work completed.

- Through the updated executive report, organisations can now have a better overview of all reports they received on a program and their remediation process. 
- Thanks to these changes, organisations can now more easily communicate internally or externally about the resolution status of reports and showcase the work completed.

All YesWeHack customers with closed reports in their vulnerability center.

- All YesWeHack customers with closed reports in their vulnerability center.

Export an executive report from the Vulnerability Center to access the different charts including closed reports. Example:

- Export an executive report from the Vulnerability Center to access the different charts including closed reports. Example:

<img src="https://downloads.intercomcdn.eu/i/o/tr8grriy/105851081/839df80917e149fa4647dccd6c33/1f195.png?expires=1772658000&amp;signature=a586300d3085c848d6c37ba725d116f6b4019692e4bb390d16a1f63f76d14218&amp;req=0dVqzV37rD8plxv0%2B9pgpgP4xMA4LCJ5n8dqezv8GbCfqyrFr1KatnnC1QuH%0A" width="32" alt=""> [CORE] "View as" from program management page

A new button is now available in all programs, allowing organisations to switch to a hunter/pentester view and better tailor their program to the security researcher community.

Click the “View as hunter” button (“View as pentester” for pentest programs)

- Go to the “Admin Panel”
- Select a program
- Click the “View as hunter” button (“View as pentester” for pentest programs)

A new screen will appear displaying the hunter view of your program

Click on “View as manager” to go back

- A new screen will appear displaying the hunter view of your program
- Click on “View as manager” to go back

Hunters must complete KYC verification (i.e., be validated) before submitting a vulnerability report to a program (the Dojo program is excluded). Previously, hunters could submit a report even with a pending KYC status.

New invitation notifications are now available on the platform. Team members and hunters are now notified when they are invited to a program.

Two new buttons - “View in Vulnerability Center” and “View in Dashboard” - are now available in all programs, allowing access to the program’s reports and dashboard, respectively. New “Go to” and “View in” buttons also appear in the Attack Surface tab (e.g., “View in Vulnerability Center”).

[ASM] In the Admin panel &gt; Attack Surface &gt; Assets, find the new design of the “Actions” column:

- Hunters must complete KYC verification (i.e., be validated) before submitting a vulnerability report to a program (the Dojo program is excluded). Previously, hunters could submit a report even with a pending KYC status.
- New invitation notifications are now available on the platform. Team members and hunters are now notified when they are invited to a program.
- Two new buttons - “View in Vulnerability Center” and “View in Dashboard” - are now available in all programs, allowing access to the program’s reports and dashboard, respectively. New “Go to” and “View in” buttons also appear in the Attack Surface tab (e.g., “View in Vulnerability Center”).
- [ASM] In the Admin panel &gt; Attack Surface &gt; Assets, find the new design of the “Actions” column:

Changelog 2026-02

Create a custom design with text, images, and links

Platform Code of Conduct

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Home

Search

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Changelog 2026-02

[ASM] Preventing Subdomain takeover

Key changes

Impact

Audience

Usage

⬆️[CORE] Executive report - Closed reports table

Key changes

Impact

Audience

Usage

[CORE] "View as" from program management page

Key changes

Usage

[MISC]