XM newsletter week 30
Improved workflow from recommendation details to related findings and assets
- Recommendations details page introduces a tabbed widget for Findings and Assets related to a recommendation
- Findings tab of the widget grouping the findings by finding type to avoid cluttered view by repeating finding instances on different assets.
- Findings table rows (having finding definitions now) can be expanded to visit the affected assets. e.g for CVE vulnerabilities there is now only a single row by expanding which, affected assets by that single CVE can be viewed.
- Findings widget shows first few findings only, to see them all in a fly out, "Show All" link on the top of the table has to be clicked on
- Simulated attack path visualization "preview" added to the recommendations detail page as a new widget
- Attack path preview widget with a best effort approach highlights the critical asset in the attack path
New EASM recommendations added for misconfigurations within web applications
- Requires setting up a vulnerability web scan against the target that runes the web application. Please refer to this document for how to set up a web scan.