We've been working hard over the last few months to prepare this new version of the Ethiack Portal. It changes everything, and I mean it.
We’ve collected feedback from dozens of people about what our product was missing. And this is the result. Version 2.14 expands what organizations can test, better embeds our Automated Pentester into their workflows, and brings more clarity to their attack surface.
Let me show what changed and how that solidifies our place as the best Automated Pentester on the market.
Until now, we’ve only focused on testing external assets.
But one of the most frequent requests we’ve had was the ability to test what’s hidden from the public eye. We’re talking about internal assets.
A compromised external asset can set off a chain of events that lead attackers to critical internal assets, which could contain intellectual property, code repositories, or other highly sensitive data.
Allowing the Artificial Hackers to connect to your internal assets through the Beacon will improve your security posture by making sure every edge of your infrastructure is being tested. All of your findings will be added to your Ethiack Portal, too.
You can learn more about how to connect your internal assets in this guide.
And you can test more kinds of assets, too.
Another addition is Idroid: the new Artificial Hacker for white-box testing of Android apps, developed in partnership with Zezadas. Mobile apps contain specific vulnerabilities that could compromise your users and data, and adding this module ensures a more robust security posture. All of OWASP Mobile's Top 10 are covered by this Artificial Hacker, ensuring a well-rounded security posture for your app.
We’re now supporting integrations with several CI/CD tools: Github, Gitlab and Jenkins. This means you can integrate Automated Pentesting events in your pipeline and if a vulnerability is found, your application won’t reach production. You can customize your testing criteria to set a minimum threshold (CVSS ≥ 4, e.g.) to fail testing.
Learn how to integrate our Automated Pentester with your CI/CD software here.
You’ll find a new kind of report available in the Portal: Asset Inventories. You can use this report to comply with NIS2 standards.
Want to know more about NIS2? Read one of our articles on it here.
And last but not least, we’ve also added support for SSO via SAML, making your login and account management easier and more secure.
Read more about how to set it up here.
These features were highly requested by you, our community. Right now, here’s what you need to do:
Thank you for using Ethiack and trusting us to keep you safe!