WASP Release Notes
Release Notes

(03.04.2024)

Overview

We are pleased to announce the latest release of WASP, packed with new functions, substantial enhancements to existing features, and security updates.

With an emphasis on seamless integration, web asset enrichment, and bug resolution, this update aims to provide a secure, streamlined user experience and augment your team’s efficiency.

Explore this improved iteration of WASP, meticulously designed to meet your professional needs.

WASP Release Notes
- June 2024

VERSION June 2024

New Notifications Feature

The deprecated “Latest Analysis” feature is replaced with a new notification widget. Accessible by clicking the bell icon, this feature shows changes in ticket statuses and every new detection/change in WASP, ensuring you stay up-to-date with all relevant information.

New notifications

Dark Mode

We have recently published Dark Mode for WASP, enhancing accessibility and providing an option for those who prefer a darker interface. Enjoy a more comfortable viewing experience with our new Dark Mode.

Custom User-Agent String for WASP’s Security Scanners

Users can now choose the user-agent string for their scanners in order to streamline the whitelisting process of WASP scanners.. This feature makes the whitelisting process more agile and customizable to meet your specific needs.

Mobile Version

We have launched a mobile version of WASP, enabling you to manage and monitor your security operations on the go. Access all key features and stay connected with your security landscape anytime, anywhere.

Onboarding Wizard

Designed to serve new customers, this guided wizard is also available for existing customers to complete their onboarding process. The onboarding wizard helps you get fully onboarded within minutes, ensuring a seamless start with WASP.

AWS Certified Partner

WASP is now an AWS Certified Partner and is available on the AWS Marketplace. This partnership allows us to offer our advanced security solutions to a broader audience, leveraging the power and reach of AWS.

WASP Release Notes
- January 2024

VERSION January 2024

New Integrations

We’ve expanded WASP’s capabilities with three new integrations: AWS, Cloudflare, and Okta. While the AWS and CloudFlare integrations enhance your ability to map and understand your organization’s attack surface more deeply and accurately, the Okta integration simplifies user connectivity and management.

For the full Okta integration tutorial, press here.

PT Scheduler (Beta)

Introducing our new Penetration Test Scheduler. This self-service tool allows users to easily schedule penetration tests. The intuitive wizard simplifies the process of gathering scope data and other necessary information for planning and executing penetration tests.

Interactive Page Tours

Enhance your understanding of WASP with our new semi-interactive page tours. Simply click the ‘Tour’ button on any page to receive detailed explanations about the widgets and key features specific to that page.

Bulk Findings Export to PDF

For streamlined reporting and analysis, we’ve added the capability to export a bulk of findings directly to PDF format, making it easier to share and review your security data.

Rich Text Comments in Findings

Our findings feature now supports rich text comments, enabling you to include images, links, and other rich media in your annotations for more comprehensive documentation.

Advanced Filtering for Findings

We’ve introduced new filtering options for findings, allowing you to sort and manage them by criteria such as CWE, CVSS score, Assignee and SLA expiration date. This enhanced functionality provides a more targeted approach to managing your security findings.

WASP Release Notes
- October 2023

VERSION October 2023

Support chatbot

We have integrated a chatbot into the WASP platform to assist with common enquiries. This tool is designed to provide immediate answers to frequently asked questions about WASP’s functionalities. If the chatbot does not suitably address your query, our support team remains available for further assistance.

New ASM scanners - XSS dynamic scanner

We have incorporated a new automated scanner into the ASM specifically designed to detect Cross-Site Scripting (XSS) vulnerabilities. This enhancement aims to bolster the security measures of our platform by identifying potential XSS threats. This feature can be easily toggled on or off through the scanner settings section for users who wish to customize their scanning preferences.

This addition underscores our commitment to providing robust security tools tailored to our users’ needs.

Risk score widget refinement

The risk score feature has been updated for clarity. This enhancement offers a more comprehensive view of the factors that go to make up the risk score, allowing users to better understand the determinants of their risk assessments.

Risk score widget refinement

Full Automated Report Generator

1. Fully Automated Reports Generator

  • Introducing our new feature that allows users to generate reports with zero manual intervention. Just set your parameters, and let the system do the rest!

2. Enhanced Report Types:

  • Catering to diverse needs, we now support four distinct types of reports. Choose the one that fits your requirements:
    • Full Report: A comprehensive report detailing all aspects of the analysis.
    • Executive Report: A high-level summary tailored for executive audiences, focusing on key findings without going into technical details.
    • Retest Report: A report that focuses on areas that underwent retesting and highlighting the vulnerabilities identified and their resolution status.
    • Attestation Letter: A formal document attesting to the accuracy and completeness of the data presented, designed for sharing with third party stakeholders.

Export findings to CSV

To make it more convenient for users to access and utilize review findings even when offline, we have implemented a new feature on the Analysis page. We have added an export findings button, which allows users to easily export the filtered findings that are currently being displayed on the screen to a CSV file. This enhancement provides users with the flexibility to save and share the review findings in a format that is widely supported and easily accessible for further analysis and collaboration purposes.

Indication of first seen and last seen dates from Assets

The Assets page has been enhanced to provide users with a more comprehensive data set. In addition to displaying the date an asset was first seen and last seen, the page now also includes additional information such as the asset’s source, category, and status. This expanded data set allows users to gain deeper insights into the lifecycle of each asset and make more informed decisions based on the available information.

Enhancements to Latest Analysis badges

The Latest Analysis section on the main dashboard has been enhanced for improved user experience. It now precisely indicates the reason a finding has been queued in the latest analysis by displaying a relevant badge, providing users with more clarity on the analysis process.

Enhancements to Latest Analysis badges

Introduction of history log in Finding Details

Users can now view a chronological history of actions on the findings’ entity page. This feature allows for better tracking and understanding of the actions performed on each finding.

Addition of New Assets in Assets Page

Customers have the capability to add new assets. Navigate to the assets page, click on ‘Add New Asset’, enter the necessary information, and select ‘Add Asset’. This feature provides users with more control and flexibility in managing their assets.

Asset deletion

WASP now provides the option for users to delete assets themselves. To do this, go to the asset entity page and select Edit -> Delete.

Project-based access control

Project-based access control is a system that allows organizations to manage and control access to resources based on projects. This approach enhances security, streamlines workflows, and protects sensitive information so that only those users who require access to a project, have access.

As always, we welcome your feedback and requests. If you have any questions or comments, please don’t hesitate to contact us at [email protected].

Thank you for choosing WASP.
The WASP Team

Under Cyber Attack?

Fill out the form and we will contact you immediately.