Lately, we’ve been hearing a lot from our customers requesting help on how to manage their evolving attack surface. As new 0days appear, new applications are spun up, and cloud instances change hourly, it can be hard for our customers to get a full view of risk into their environments.
We put together a webinar to chat more about how Rapid7 can help customers meet this challenge with two amazing presenters Cindy Stanton, SVP of Product and Customer Marketing, and Peter Scott, VP of Product Marketing.
At the beginning of this webcast, Cindy highlights where the industry started from traditional vulnerability management (VM) which was heavily focused on infrastructure but has evolved significantly over the last couple of years. Cindy discusses this rapid expansion of the attack surface having been accelerated by remote workforces during the pandemic, convergence of IT and IoT initiatives, modern development of applications leveraging containers and microservices, adoption of the public cloud, and so much more. Today, security teams face the daunting challenge of having so many layers up and down the stack from traditional infrastructure to cloud environments, applications, and beyond.They need a way to understand their full attack surface. Cindy, gives an example of this evolving challenge of increasing resources and complexity of cloud adoption below.
Cindy then turns things over to Peter Scott to walk us through the many challenges security teams are facing. For example, traditional tools aren’t purpose-built to keep pace with cloud environment, getting complete coverage of assets in your environment requires multiple solutions from different vendors that are all speaking different languages, and no solutions are providing a unified view of an organization’s risk. These challenges on top of growing economic pressures often make security teams choose between continued investment in traditional infrastructure and applications, or investing more in securing cloud environments. Peter then discusses the challenges security teams face from expanded roles, disjointed security stacks, and increases in the threat landscape. Some of these challenges are highlighted more in the video below.
After spending some time discussing the challenges organizations and security teams are facing, Cindy and Peter dive deeper into the steps organizations can take to expand their existing VM programs to include cloud environments. We will cover these steps and more in the next blog post of this series. Until then, if you’re curious to learn more about Rapid7’s InsightCloudSec solution feel free to check out the demo here, or watch the replay of this webinar at any time!
It’s always a good thing to take a step back every once in a while to take the lay of the land. Like you, we are always working at a breakneck pace to help secure the web applications being built today and ready ourselves to secure the innovations of the future. When Forrester put out The State of Application Security, 2022 report a few weeks ago, we thought it was a great time to share where we think AppSec is headed and several places where we agree with Forrester’s take on the state of play.
Here are a few of the highlights.
Modern apps require end-to-end SDLC coverage
When we think of the software development life cycle (SDLC), there is always a key focus on “shifting left.” This makes sense: We want to find security vulnerabilities earlier to save time, money, and risk exposure in production. However, if there’s one thing we’ve learned in the last 12 months with recent emergent threats, it’s that no matter how much you try to secure your applications pre-production, you still need to have runtime protections in place for your business-critical applications. The Forrester report notes that the idea of “shift everywhere” seems to be gaining traction, which is inclusive of shifting both left and right. According to Forrester’s report, 58% of global senior security decision-makers plan to increase their application security budget this year. We can expect the spend on tooling across the SDLC to be prioritized.
An example of this – highlighted by recent vulnerabilities such as Log4Shell and Spring4Shell – is the adoption of software composition analysis (SCA) in-production. While finding and fixing third-party packages with vulnerabilities in pre-production environments is absolutely critical, customers are also going to require production coverage for open-source libraries. Rapid7 tools have helped our customers detect vulnerable third-party packages in their runtime environments. You can check out more how we helped our customers do this at this blog.
As infrastructure continues to become code and modern development technologies such as containers are adopted, the risk associated with these technologies grows as well. This modern approach to application development means investment in modern security practices like container and IaC scanning are key to a best-in-class AppSec program.
APIs are growing, as is their risk
APIs are the way in which modern applications communicate. Nearly every modern application utilizes one or multiple APIs – or even is an API. API usage continues to rise across the world – and attackers have started to take notice. Malicious API traffic almost doubled from the timeframe of Dec 2020 to January 2021, Forrester reports.
APIs are now clearly a part of organizations’ growing attack surface, and their importance will continue to grow over the next few years. That means they need to be a critical component of any security program. There are many ways to secure APIs, including proactively scanning and monitoring them for any malicious activity.
Developers’ influence is increasing
Between the threats we’ve experienced from vulnerabilities in open-source software components and the fact that open source accounts for 75% of audited code bases, as Forrester’s latest State of Application Security Report points out, we see the growing need for including developers in security decision-making. Development teams are critical stakeholders – and often, they need just as much input when it comes to what security tools and practices to implement.
As modern applications require modern development technologies, development teams are looking to partner with security teams on ways to implement compensating controls, without slowing down the speed of development. We can continue to expect an increase in the influence that development teams will have on security programs.
These are just a few highlights about the current state of application security and the trends that will shape it this year, next year, and years to come. As always, we will keep our finger on the pulse of application security and help to drive the practice forward to help you keep your organization safe.
For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing. We believe we accomplished this by combining an industry-leading dynamic application security testing (DAST) solution with container and cloud security, security across the software development life cycle (SDLC), strategic partnerships, and a customer-centric approach that anticipates the needs of not just security teams but DevOps teams as well. All in a package that is easy to utilize and highly accurate.
We are proud of the approach we have taken to keeping applications and APIs safe and secure. We recognized early that while DAST is the bedrock of a strong application security program, it works best when combined with the core capabilities we have built into our platform that allow for teams across the company to work together, rather than be siloed and inefficient.
Workflows that actually work for your business
We offer support for developer stakeholders across the SDLC (pre- and post-production), actively moving left in the lifecycle, and ensuring that applications and APIs are secure throughout the development process. This means teams can work cross-functionally, saving time and resulting in stronger security protections baked into the applications themselves. Our Attack Replay feature allows developers to confirm a vulnerability on their own, without the need to run a scan, making it even easier to find and remediate risks at any point in the process.
“The product provides our developers with actionable solutions to security risks that was missed during development.”
At Rapid7, we are very proud of our history of innovative, modern, and forward-thinking vulnerability management solutions. However, it takes more than that to secure modern web applications. InsightAppSec integrates with the Insight platform, giving you a full view of your production environment. We have made a series of strategic investments and partnerships to expand the level and competency of our Insight platform, including those with Snyk and Checkmarx, which ensure that InsightAppSec is prepared to cover every level of your attack surface from every angle.
Our focus on cloud-native applications, in particular, means we have the tools to protect the most cutting-edge applications and to help those transitioning into the cloud — all with the ease and confidence that comes from our customer-centric approach to application security.
“In my opinion InsightAppSec approaches DAST the optimal way, with a cloud-based interface and the ability to spin up on-premises engines to perform scans. This means we’re not responsible for software updates, and the on-premises engines have an auto-update functionality that make them very low maintenance.”
At the heart of our capabilities is our world-class DAST. It’s powerful, it’s accurate, it’s streamlined, and it’s cloud-based. This allows for security teams to spin up scans quickly and easily. We frequently hear from customers that we provide the most reliable results. Our Universal Translator allows coverage and attacks to be developed in parallel and released to customers as they are available, and it lets users perform security testing for traditional applications and modern applications.
“Our experience with Rapid7 products has always been positive. InsightAppSec is a great solution for DAST scanning of web apps and API. It gives great results even in unauthenticated scans and has a great UI.”
We are truly excited to be recognized as a Visionary in the latest Magic Quadrant, but we’re more excited for the many plans we have to improve and grow our AppSec offerings. We have always sought to redefine what modern application security looks like and are grateful to our customers and partners for taking this exciting journey with us.
Source: Gartner, Magic Quadrant for Application Security Testing, Dale Gardner, Mark Horvath, Dionisio Zumerle, 18th April
Gartner and Magic Quadrant are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
The warm weather is starting to roll in, the birds are chirping, and Spring… well, Spring4Shell is making a timely entrance. If you’re still recovering from Log4Shell, we’re here to tell you you’re not alone. While discovery and research of CVE-2022-22965 is evolving, Rapid7 is committed to providing our customers updates and guidance. In this blog, we wanted to share some recent product enhancements across our application security portfolio to help our customers with easy ways to test and secure their apps against Spring4Shell.
What is Spring4Shell?
Before we jump into how we can help you with our products, let’s give a quick overview of Spring4Shell. CVE-2022-22965 affects Spring MVC and Spring WebFlux applications running JDK versions 9 and later. A new feature was introduced in JDK version 9 that allows access to the ClassLoader from a Class. This vulnerability can be exploited for remote code execution (RCE). If you’re looking for more detailed information on Spring4Shell, check out our overview blog here.
Updated: RCE Attack Module for Spring4Shell
Customers leveraging InsightAppSec, our dynamic application security testing (DAST) tool, can regularly assess the risk of their applications. InsightAppSec allows you to configure 100+ types of web attacks to simulate real-world exploitation attempts. While it may be April 1st, we’re not foolin’ around when it comes to our excitement in sharing this update to our RCE Attack Module that we’ve included in the default All Modules Attack Template – specifically testing for Spring4Shell.
Cloud customers who already have the All Modules Attack Template enabled will automatically benefit from this new RCE attack as part of their regular scan cadence. Please note that these updates are only available for InsightAppSec cloud engines. However, we expect updates for on-premises engines to follow shortly. For those customers with on-premises engines, make sure to have auto-upgrade turned on for your on-prem engines to have the latest and greatest version of the engine.
NEW: Block against Spring4Shell attacks
In addition to assessing your applications for attacks with InsightAppSec, we’ve also got you covered when it comes to protecting your in-production applications. With tCell, customers can both detect and block anomalous activity, such as Spring4Shell exploit attempts. Check out the GIF below on how to enable the recently added Spring RCE block rule in tCell.
NEW: Identify vulnerable packages (such as CVE-2022-22965)
A key component of Spring4Shell is detecting whether or not you have any vulnerable packages. tCell customers leveraging the Java agent can determine if they have any vulnerable packages, including CVE-2022-22965, in their runtime environment.
Simply navigate to tCell on the Insight Platform, select your application, and navigate to the Packages and Vulns tab. Here you can view any vulnerable packages that were detected at runtime, and follow the specified remediation guidance.
Currently, the recommended mitigation guidance is for Spring Framework users to update to the fixed versions. Further information on the vulnerability and ongoing guidance are being provided in Spring’s blog here.
Utilize OS commands
One of the benefits of using tCell’s app server agents is the fact that you can enable blocking (after confirming you’re not blocking any legitimate commands) for OS commands. This will prevent a wide range of exploits including Shell commands. Below you will see an example of our OS Commands dashboard highlighting the execution attempts, and in the second graphic, you’ll see the successfully blocked OS command events.
What’s next?
We recommend following Spring’s latest guidance on remediation to reduce risk in your applications. If you’re looking for more information at any time, we will continue to update both this blog, and our initial response blog to Spring4Shell. Additionally, you can always reach out to your customer success manager, support resources, or anyone on your Rapid7 account team. Happy April – and here’s to hoping the only shells you deal with in the future are those found on the beach!
NEVER MISS A BLOG
Get the latest stories, expertise, and news about security today.
We can all agree at this point that the Log4Shell vulnerability (CVE-2021-44228) can rightfully be categorized as a celebrity vulnerability. Security teams have been working around the clock investigating whether they have instances of Log4j in their environment. You are likely very familiar with everything regarding Log4Shell, but if you are looking for more information, you can check out our Everyperson’s Guide to Log4Shell (CVE-2021-44228). In this blog, we will share how Rapid7 customers can test for Log4Shell with InsightAppSec.
Testing for Log4Shell with InsightAppSec
With InsightAppSec, our dynamic application security testing (DAST) solution, customers can assess the risk of their applications. InsightAppSec allows you to configure various attacks of your applications to identify response behaviors that make your applications more vulnerable to attacks. These attacks are run during scans that you can customize based on your needs. In this case, we’ve introduced a new default attack template for Out of Band Injection specific to Log4Shell attacks.
What’s this mean? Customers can now run an Out of Band Attack Injection from our default template, which includes an attack type for Log4Shell. The new default Out of Band attack template in InsightAppSec will perform sophisticated web application attacks that do not rely on traditional HTTP request-response interactions. Our Log4Shell vulnerability detection will simulate an attacker on your website. InsightAppSec will validate the exploitability of the application and the associated risk.
How to run a Log4Shell attack in InsightAppSec
You can scan for this new Out of Band attack using either a new attack template we have created or by creating your own custom attack template and selecting this new attack module. We have added some highlights below, but you can find a detailed guide via our help docs.
Attack templates
Out of Band Injection attack template
Out of band Log4Shell attack module
Run a scan
Scan Config
Depending on the choice of either using the new Out of Band Injection attack template or creating your own custom attack module, you now need to choose this template on your scan config and run a scan against your selected app(s).
Scan results
Now you run your scan, you can review your scan results to see if your app(s) have any findings that could be exposed as per the details in CVE-2021-44228.
What’s next?
Though official mitigation steps are changing as new information arises, we recommend for Java 8+ applications, upgrade your Log4j libraries to the latest version (currently 2.17.0) to fix any new issues as they are discovered. Application using Java 7 should upgrade Log4j to at least version 2.212.2 If you’re looking to validate any fixes have been implemented, feel free to run a validation scan with InsightAppSec to verify the fixes have been made.
If you’re looking for additional information on how Rapid7 can help support you during this time, check out our Log4j resource hub.
By now, we’re sure you’re familiar with all things Log4Shell – but we want to make sure we share how to protect your applications. Applications are a critical part of any organization’s attack surface, and we’re seeing thousands of Log4Shell attack attempts in our customers’ environments every hour. Let’s walk through the various ways tCell can help our customers protect against Log4Shell attacks.
1. Monitor for any Log4Shell attack attempts
tCell is a web application and API protection solution that has traditional web application firewall monitoring capabilities such as monitoring attacks. Over the weekend, we launched a new App Firewall detection for all tCell customers. This means tCell customers can leverage our App Firewall functionality to determine if any Log4Shell attack attempts have taken place. From there, customers can also drill in to more information on the events that took place. We’ve created a video to walk you through how to detect an Log4Shell attack attempts using the App Firewall feature in tCell in the video below.
As a reminder, customers will need to make sure they have deployed the JVM agent on their apps to begin monitoring their applications’ activity. Make sure to check out our Quick Start Guide if you need help setting up tCell.
2. Block against Log4Shell attacks
Monitoring is great, but what you may be looking for is something that protects your application by blocking Log4Shell attack attempts. In order to do this, we’ve added a default pattern (tc-cmdi-4) for customers to block against. Below is a video on how to set up this custom block rule, or reach out to the tCell team if you need any assistance rolling this out at large.
As research continues and new patterns are identified, we will provide updates to tc-cdmi-4 to improve coverage. Customers have already noted how the new default pattern is providing more protection coverage than yesterday.
3. Identify vulnerable packages(such as CVE 2021-44228)
We’ve heard from customers that they’re unsure of whether or not their applications are leveraging the vulnerable package. With tCell, we will alert you if any vulnerable packages (such as CVE 2021-44228 and CVE 2021-45046) are loaded by the application at runtime. The best way to eliminate the risk exposure for Log4Shell is to upgrade any vulnerable packages to 2.16. Check out the video below for more information.
If you would like to provide additional checks outside of the vulnerable packages check at runtime, please refer to our blog on how InsightVM can help you do this.
4. Enable OS commands
One of the benefits of using tCell’s app server agents is the fact that you can enable blocking for OS commands. This will prevent a wide range of exploits leveraging things like curl, wget, etc. Below you’ll find a picture of how to enable OS commands (either report only or block and report).
5. Detect and block suspicious actors
All events that are detected by the App Firewall in tCell are fed into the analytics engine to determine Suspicious Actors. The Suspicious Actors feature takes in multiple inputs (such as failed logins, injections, unusual inputs, etc.) and correlates these to an IP address.
Not only can you monitor for suspicious actors with tCell, but you can also configure tCell to block all activity or just the suspicious activity from the malicious actor’s IP.
All the components together make the magic happen
The power of tCell isn’t in one or two features, but rather its robust capability set, which we believe is required to secure any environment with a defense-in-depth approach. We will help customers not only identify vulnerable Log4j packages that are being used, but also assist with monitoring for suspicious activity and block attacks. The best security is when you have multiple types of defenses available to protect against bad actors, and this is why using the capabilities mentioned here will prove to be valuable in protecting against Log4Shell and future threats.
Get more critical insights about defending against Log4Shell
We’re excited to share that we’ve coordinated our recent .NET and .NET Core agent releases with the brand new .NET 6.0 release from Microsoft.
What is tCell?
Since the founding of tCell by Rapid7, our web application and API protection solution, we’ve prided ourselves on providing both breadth and depth of coverage. We recognize the importance of shifting left in the software development lifecycle (SDLC), and we also see the equal importance of shifting right. This is why Rapid7 approaches application security from a holistic perspective that’s inclusive of testing, monitoring, and protecting to prevent the exploitation of web applications and APIs across the SDLC.
In addition to coverage throughout the SDLC, we recognize modern applications require modern AppSec solutions to meet them where they are. This is why our solution offers flexible deployment options including our App-Server agents, Web-Server agents, proxy agents, and CDN agents. So whether you’re securing a traditional application written in Java, you’re a Windows shop, or you’re deploying applications with a Kubernetes architecture, we’ve got you covered.
Sounds great… but what’s new?
Today, Microsoft announced the release of .NET 6, a significant release with an expected lifetime of 3 years and a slew of new features. Today, tCell also announced support for .NET 6. This is in line with a promise to our customers to support modern languages and frameworks, as soon as possible.
With this new tCell release, customers leveraging .NET or .NET Core frameworks will continue to be supported with our native .NET and .NET Core agents. Additionally, we’ve added functionality for new and existing tCell customers. For those customers who are leveraging tCell’s .NET or .NET Core agents 2.2+, they will now have full visibility into their API endpoints. What’s this mean? tCell will automatically enumerate your application’s API endpoints and show you attack attempts, attack types, and any app exceptions.
This is helpful because it provides visibility into key API endpoints, what attacks were attempted, and what attacks were successful, automatically reducing the number of high alerts our customers receive. From here, customers can drill down for more context on the attack attempts and view detailed stack trace information.
So, tell me more!
In addition to the real-time monitoring and detection for your web applications and APIs, tCell provides a robust set of use cases that it helps solve when leveraging either our .NET or .NET Core agents. Here are just a few examples:
Want visibility into your dev teams’ third-party packages and their associated vulnerabilities? Check out our runtime software composition analysis (SCA) feature, which will highlight any vulnerable third party code.
Want to make sure no one gets access to your user accounts? Attackers will often use a stolen list of credentials to login to an app and mimic real user behavior. With tCell’s Account Takeover capabilities, we monitor for these auth events and can take action on blocking anyone that is deemed a threat. We can also share a list of compromised users your team can follow up on.
Want to ensure your apps only load specific content? tCell makes it seamless and easy to enable Content Security Policies to enforce what content is loaded on your site and ensure a safe and happy user experience.
… And so much more, from specific actor detection to prevention of unauthorized executions of OS commands and app-level attacks.
We’re proud of our continued investment in helping customers secure their applications and APIs. Curious to learn more? Feel free to reach out to get a demo of tCell or try it out yourself!
Late last week, the Open Web Application Security Project (OWASP) released its top 10 list of critical web application security risks. The last OWASP Top 10 came out in 2017, and in the intervening 4 years, we’ve seen a fundamental shift in application security that includes greater emphasis on securing web applications during the ever-evolving development process.
In this post, we’re going to discuss the 2021 OWASP Top 10, how the list is evolving alongside the web application security discussion, and what you should take away from this year’s Top 10. And if you want to learn more, stay tuned in the coming weeks for deeper dives into several of the main recommendations this year’s OWASP team has identified.
What is the OWASP Top 10?
The OWASP Top 10 is an awareness document that highlights the top 10 most critical web application security risks. The risks are in a ranked order based on frequency, severity, and magnitude for impact.
OWASP has maintained this list since 2003, and every few years, they update the list based on advancements in both application development and application security. Many organizations look to the OWASP Top 10 as a guide for minimizing risk.
So, what’s changed?
As mentioned above, OWASP and their Top 10 have evolved to focus more on helping developers build secure applications and work with security teams. After partnering with organizations and once again taking into consideration frequency, severity, and magnitude for risk that these vulnerabilities introduce, OWASP recently released their new OWASP Top 10 for 2021. Check out the changes below:
Some of the notable changes include the introduction of new categories, consolidation, and scope changes to categories. Examples of these changes include:
The introduction of insecure design — We’ve seen this repeatedly highlighted as an area to watch, as the pressure mounts to continuously deliver new apps and features. An application’s architecture must take thoughtful security principles into account from the very beginning of the design process.
Broadened focus of injections — The new injection vulnerability category now includes 33 CWEs and many common injection types, such as SQL and NoSQL. The notable consolidation that took place this year was the inclusion of Cross-Site Scripting (XSS) into the injection category.
Vulnerable and outdated components replace “using components with known vulnerabilities” — This is an example of an expanded scope of category to include using outdated open-source libraries and their associated vulnerabilities.
What do these changes mean?
The changes to the OWASP Top 10 reflect the shifts we’ve witnessed in application development and security. As the pressure mounts for teams to deliver high-quality products faster than ever, and we see the introduction of many cloud-native technologies to facilitate the acceleration of development cycles, developers must focus on scalable security from the start.
The 2021 OWASP Top 10 highlights a strategic approach to security that includes the architecture that supports the application, as well as the APIs, data, and so much more. The methodologies for testing and monitoring your applications through development to production are also critical in this framework. The 2021 OWASP Top 10 highlights many of these changes with the adoption of best-in-class tools and practices such as shifting left, DevSecOps, and a focus on preventing risk through a combination of both testing and monitoring.
Want to learn more? Stay tuned for our follow-up blogs, where we’ll take a deeper dive into some of the OWASP Top 10 to discuss what’s changed and why these updates are important.
NEVER MISS A BLOG
Get the latest stories, expertise, and news about security today.
It’s crazy to believe 2020 has come to an end, and we’re sure we’re not alone in our excitement for 2021! Without a doubt, 2020 has presented some challenges for us all in the security world, as many companies quickly adopted a work-from-home model and pivoted from an in-store experience quickly to a digital one. This accelerated digital transformation encouraged us at Rapid7 to create new programs and think about how we can continuously improve the customer experience.
For application security in particular, we saw restaurants creating new apps to facilitate takeout and delivery orders, fast-growing platforms like Instacart and DoorDash developing internal apps to keep in touch with their employees, and small-business owners creating web apps to continue selling their products and services. With the rapid increase in web application development came the need to make sure these applications were as secure as possible.
Here at Rapid7, we view your application security program as a key component of your vulnerability risk management (VRM) program. Considering the challenges of 2020, we wanted to make sure we not only continued to support our existing customers through their challenges, but that we also provided new ways for our customers to get visibility into their application security program while helping them to scale with the pressures of 2020.
We’ve previously recapped some of our product enhancements from this year, such as this blog covering Q2 and this one covering Q3 for 2020, but now we will cover the highlights for Q4. Below, we’ll recap some of the new and exciting features we have released as a part of our application security portfolio (inclusive of our industry-leading testing and monitoring solutions).
Increase your visibility
We continue to hear the desire to gain more visibility into application security programs, which is why we have released:
New ‘All Apps’ report in InsightAppSec
The New “All Apps” report in InsightAppSec is now available for companies that are looking to get a single view into risk activity across all of their applications and communicate this up to their leadership teams. Want to check it out? Click here to see how you can create your own All Apps report in InsightAppSec today!
New joint ‘All Apps’ and ‘All Assets’ report (between InsightAppSec and InsightVM)
Are you currently using InsightAppSec and InsightVM and looking for a view into the risk across your vulnerability risk management portfolio? Check out this new joint report, where you can get a single view into your full-stack vulnerability risk management activity across both InsightVM and InsightAppSec. You can find more information about this here!
Scale up with ease
While visibility is a key component to a successful VRM program, many teams were challenged this year with the need to scale their application security programs and activities. We wanted to make it easier on these teams, so we released the following features to help security teams save time and effort when it came to these scaling activities:
Application tagging in InsightAppSec
You can now easily create and manage tags across one or multiple apps based on what matters to you, such as criticality, tech stack, environment, or business unit. This helps you manage your application portfolio by filtering both apps and vulnerabilities based on these tags.
New pages in InsightAppSec
We have launched a new global schedule page that allows you to create and manage scan schedules and blackouts in a single view, and we have created a new manage files tab that saves you time when it comes to edits or updates that need to be made to macros for scan authentication (you can now download the macro file and make edits, rather than having to re-record the entire macro!).
tCell now available in Europe
We understand the importance of data sovereignty, which is why we wanted to make sure we made tCell available globally, with new data centers in Europe and new ones to be added in Q1 of 2021.
AppFirewall filter on IP CIDR ranges and Groups
Looking to reduce the noise and number of events in the AppFirewall dashboard in tCell? We have added filtering on IP Groups and CIDR ranges so you can get faster, more actionable insights.
Keep up with constant change
While we are only highlighting some of our updates above, we recognize application development is ever-changing and we want to be able to support our customers to build secure software. For that reason we wanted to share one more update with you from this quarter:
New Envoy agent in tCell
If you are currently (or looking to explore) leveraging the Envoy Proxy for your cloud-native apps, tCell now has a dedicated Envoy agent that plugs directly into the proxy layer to provide monitoring and protection capabilities for modern architectures. You can find more information on this here!
As always, many of our releases this quarter went through early access programs with our customers, and if you were one of our customers who participated and gave us feedback, we just want to take a moment to say thank you! We appreciate your feedback and always look for ways to incorporate it to make our solutions provide the maximum value to our customers. Want to participate in an on-going or upcoming early access program to have your voice heard on areas where we can continue to improve our products? Reach out to your CSM, who can tell you about ongoing early access programs and get you signed up!
Thank you for your loyalty and support through 2020. We look forward to 2021 and our continued partnership!
NEVER MISS A BLOG
Get the latest stories, expertise, and news about security today.
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.
