PentestPortal.io

PentestPortal release - January 2023

DATE:
AUTHOR: CyberCloud Team

Much work has been done to fulfill some major wishes of our partners and their customers. In this first release of the new year, the following has been delivered and released to production.

Features - Penetration Testers

  • #523 - Fields that have default values are not auto-focused anymore, saving time and enhancing uxer-experience.

  • #392 - Pentester IP addresses can be managed centrally now and they can be chosen from within a pentest. Pentester IP addresses will be shown in the report, according to the CCV Keurmerk Pentesten.

  • #515 - We have added a button to prefill the CVSS3.1 field with the default value.

  • #522 - Yay! Assessments can be assigned to pentesters now. This gives managers more control and overview of all pentests happening, but is also the first step for a 'Pentester Dashboard' (we will update you in the next release about this).

  • #536 - We introduced a new target type: API It has some common properties, such as name, URL and DTAP mode.

  • #287 - We have completely rebuilt the way how risks can be assigned to targets. The new screen incorporates the feedback we've got from our pentesters and makes it even easier to work with our platform.

  • #375 - Support for the Common Weakness Enumeration (https://cwe.mitre.org/index.html) standard has been implemented.

  • #533 - The new spellingchecker has been improved as it takes into account the pentest/asssessment language.

  • #550 - The risk status column is now also shown in initial pentests (so, not only in retests).

Features - Partners

  • #538 - The frontpage and contentpage can now be customized for both Dutch as English, as well for all different assessments that we support.

Features - Customers

  • #545 - We have added more extensions to the file-upload, enabling you to upload different file-formats. Of course, as our platform needs to stay on-top in cyber security, we had to design and check this feature very carefully and with defense-in-depth.

  • #551 - Customers are allowed to adjust their CSV export settings now.

Features - General

  • #517 - We did some code clean-up by removing hardcoded Cyber Cloud references.

Basic Security Scan

  • #524 - The subdomain enumeration container has been rebuilt completely. Now discover even faster all your (sub) domains.

Bugfixes

  • #516 - Table of Contents was not rendered properly, has been fixed now.

  • #523 - When creating a new pentest starting from a customer context, it is no longer required to explicitly select the customer.

  • #527 - In rare cases, when switched between front-end screens, incorrect data was shown due to incorrect local caching and triggers.

  • #537 - Risk links did not have the styling of the partner applied. This has been fixed now.

  • #546 - Some icons were not visible when adding a new target.

  • #547 - Some datatables were not loading properly.

Powered by LaunchNotes