Overview
What's New?
Overview
What's New?
We are continuing to update the Shield Platform and will be posting about recent changes that have been made and will link to the appropriate documentation
Per-Host API Enhancement
| Date | 8-1-24 |
| Scope | Shield API |
| Description | Shield has extended the capabilities of their API to be more functional at the host level. Users can now query a specific host to get information regarding the asset information and vulnerability information on each asset and/or identity object within a subscription. |
| References | Shield API |
UI Enhancements & Workflow Updates
| Date | 7-31-24 |
| Scope | Subscriptions; Attack Surface Management; Internal Network; Identity Security |
| Description | Shield has been making major improvements to the user interface, the charts that are shown across all modules, and implemented several workflow actions when signing up, creating subscription(s), and deploying resources. Users will notice a change in the simplicity of what is shown and how the flow of the platform works to drive more actions and retrieve the results at a faster pace. |
| References | Reporting |
Shield Risk Reduction Recommendations
| Date | 7-22-24 |
| Scope | Internal Network |
| Description | Shield now provides each subscription with dynamic recommendations that focus on reducing the most risk within each subscription. The recommendations will aggregate the most critical vulnerabilities for each subscription and provide specific instructions on how to these critical issues across the number of hosts that are affected. |
| References | Internal Network |
New Shield Scanner Deployment Method
| Date | 7-15-24 |
| Scope | Internal Network; Deployment |
| Description | Shield released their own deployment package for the Shield vulnerability scanner. Users can now navigate to the Deployment within the Internal Network > Network-based tab to access the single script that will deploy the Shield service, install the scanner, and link the scanner to the respective subscription. |
| References | Deployment |
Shield Exposure Index
| Date | 6-25-24 |
| Scope | Shield Exposure Index; Attack Surface Management; Internal Network; Identity Security |
| Description | Shield has now released their own proprietary vulnerability scoring system that weights the most impactful threat vectors around exploitation, impact, and likelihood which augments the traditional vulnerability criticality scores. |
| References | Shield Exposure Index |
Vulnerability Name Filtering
| Date | 6-19-24 |
| Scope | Attack Surface Management; Internal Network |
| Description | The vulnerabilities within each module (ASM, VM, ID Security) are now filtered by the name so that organizations can view the overall count of the specific vulnerabilities, rather than viewing the total instances, which enhances the overall user experience. |
| References | Attack Surface; Internal Network; |
Reporting
| Date | 5-7-24 |
| Scope | Reporting |
| Description | Users now have the ability to generate reports with limited, results-based customizations. Users can navigate to the reports module and choose to export the information in full detailed reports or executive summary reports for different modules that identify information within the platform. |
| References | Reporting |
Admin-Level Views
| Date | 4-29-24 |
| Scope | Overview |
| Description | Users can now view all subscriptions and high-level information regarding each subscription within the Overview section within the platform. This will allow users to quickly see all of the connected agents, services, and important risks that may arise within the subscription. |
| References | Overview |
Enhanced Network Scan Configuration
| Date | 4-17-24 |
| Scope | Scans; Scan Creation |
| Description | Within the Scans module within the Target creation, users can now specify different configurations for performing network-based scans. Additional options, such as port lists and alive tests can be configured to perform more comprehensive and robust scans from a network perspective. |
| References | Scan Creation |
Endpoint Configuration Assessment
| Date | 4-12-24 |
| Scope | Internal Network |
| Description | The Shield Platform will now assess all deployed agents for secure configurations according to the Center of Internet Security’s (CIS) benchmarks for each Operating System the agent is running on. Additionally, users can export this information in CSV format from the Configurations tab within the Internal Network module or in JSON format from the Shield API. |
| References | Internal Network; Shield Cyber API |
Export Assets Feature
| Date | 3-19-24 |
| Scope | Attack Surface Management; Internal Network |
| Description | The Shield Platform now allows all assets to be exported, like all vulnerabilities, in a CSV format or JSON format via the Shield Cyber API. |
| References | Attack Surface; Internal Network; Shield Cyber API |
Streamlined Service Deployment
| Date | 3-14-24 |
| Scope | Internal Network Agents, Internal Network Scanner, & Identity Security Service |
| Description | The Shield platform now has a streamlined user sign-up workflow, where after account creation, users will be directed to create their first subscription, and then will be directed to start deploying the services necessary to use the Shield platform. |
| References | Deployment |
Help Documentation Platform Integration
| Date | 3-08-24 |
| Scope | Attack Surface, Internal Network, and Identity Security Vulnerabilities |
| Description | The Shield Platform now has all of the documentation linked on each page. To access the documentation for a specific page, click the question mark button in the top right corner to access the specific documentation for the page you are on. |
| References | Shield Cyber Documentation |
Shield’s Public Facing API
| Date | 2-20-24 |
| Scope | Attack Surface, Internal Network, and Identity Security Vulnerabilities |
| Description | Shield now has a public facing API endpoint to retrieve results from the Attack Surface, Internal Network, and Identity Security Modules. Additionally there are endpoints that support CSV file export for all results. |
| References | Shield API Swagger; Shield API Documentation |
Export Vulnerabilities Feature
| Date | 2-15-24 |
| Scope | Attack Surface, Internal Network, and Identity Security Vulnerabilities |
| Description | The Shield platform now has the capability to export all vulnerabilities for each module in the form of comma separated value (CSV) files. |
| References | Attack Surface; Internal Network; Identity Security |
Network-Based Scanner Deployment
| Date | 2-12-24 |
| Scope | Network Scanner Deployment & Automation |
| Description | The Shield network scanner can now be deployed and launched with automated scripts on a Linux-based host. This removes the need for having a separate service that needs to run alongside the Shield scanner after deployed. |
| References | Network Scanner Deployment; Shield Cyber Network Scanner GitHub |
External Attack Surface Scanning & Hosting
| Date | 1-29-24 |
| Scope | Attack Surface Scanning |
| Description | Each Shield subscription that is created now comes configured with an external attack surface scanner. With this added feature, users have the ability to configure and create scans that target their external (internet-facing) infrastructure. |
| References | Attack Surface |
Scan Creation
| Date | 1-29-24 |
| Scope | Network Scan Creation |
| Description | The Shield Platform now has the ability to create and launch network-based scans within the Scan Creation module of the platform. |
| References | Scan Creation Documentation |
Agent-Based Scanning
| Date | 12-18-23 |
| Scope | Agent-Based Vulnerability Scanning (Windows OS) |
| Description | The Shield Platform can now perform vulnerability scanning via the Shield Agent. Please navigate to the Agents to manage and add new agents for each subscription. |
| References | Agent-Based Scanning |