DATE:
AUTHOR:
CyberCloud Team

Cyber Cloud summer release - July 2022

DATE:
AUTHOR: CyberCloud Team

Much work has been done to fulfill some major wishes of our partners and their customers. In this release, the following has been delivered and released to production.

New Features

  • Several customers asked for additional insight into the compliance level of their applications that were penetration tested for them through the Application Security Verification Standard (ASVS). In this release, we provided for penetration testers a very usable way to check all 'pentestable' norms and the results of this check are included into the report as a seperate appendix for the customer.

  • Many people believe penetration testing is only technical. However, the most important part and result of the pentesting process is the report. It's quality is dependent on several factors, besides the knowledge and experience of the penetration tester, such as: scope, manual verification of automated tests, client communication, report aspects, etc. For this, the 'CCV Keurmerk voor Pentesten' has been published in August 2021. For Penetration Testers, it is important that the pentest portal help them to meet several requirements, either automatically or manually. In this release, we have added a Quality Assurance module for penetration testers, which is activated automatically during each pentest assessment.

Minor updates

  • #4236a395 - ASVS validator implemented

  • #9a2511b0 - Translated technical names to human-readable names

  • #9fbf7e3a - Added skeleton of ASVS validator

  • #37a3402a - Support dynamic/async headers in datatable

  • #5a41ccc2 - Replaced temporary QADefinitions with production grade QADefinitions

  • #bdc67940 - Selector styling for resellers

  • #3f049440 - Restyle ASVS table on pentest page

  • #994dbe31 - Tags of selector defined, but optional

  • #10c0f88d - Able to add a random selector styling to reseller for reports

  • #8245640a - Remapping of report branding

  • #02d711f3 - NMAP import option to add all targets even if no ports open

Fixes

  • #a8c9a112 - Added missing translation

  • #7d88f7dc - Better "emptyfield" checks by removing html and trimming

  • #add42969 - Added OWASP errors to frontend validation info

  • #acf03478 - Added EvidenceAttachmentTextMissingErrors frontend validation info

  • #68299ce2 - Added LowLowHighErrors display

  • #5a98a91a - Upgrades to make sure the server still runs* selector static when choosen and no other

  • #38d7cc2f - Login page margin and height fix

  • #71e03fb3 - Fill reseller fix

  • #821a00c6 - Hotfix empty start page

  • #106d1393 - Move mgmt summary to other render to fix interal linking to issues

  • #ec62e4cd - Import bug,, questionMark

  • #cab49997 -Image is debian and requires apt-get for canvas

Powered by LaunchNotes