Application Features

New Features

• Exploit Detection Service – New Resource Added – We have now included a further resource to enhance this feature. The Cybersecurity and Infrastructure Security Agency (CISA) in the United States now has an extensive tracked exploit list that will add further coverage and context to our Rootshell clients. This will work in the same way as our current providers, Exploit DB and the Zero Day Initiative. Welcome!
• User Teams – Rootshell users can now create and delegate users to teams. This helps those clients that have different teams covering different parts of their digital estate. Users can perform this through the Users page.
• Ransomware Report Template – Users can now generate a ransomware assessment PDF report to supplement the visuals available in platform.
• Issue Numbering – Rootshell now includes visuals within the platform, excel and PDF exports to display the unique issue number of a vulnerability. This will help when referencing issues with colleagues and testing providers.
• Users – Rootshell now allows clients to onboard multiple users to their Rootshell instance at once, by uploading a spreadsheet of the users details. Rootshell will digest this information and in turn send out onboarding invites in bulk. Hit the Import Users button within the Users page to take a look!

Application Improvements

• Assets – Users are now able to run the new merge assets process against all assets within your Rootshell instance. Rootshell will detect the duplicate assets and walk you through each asset in order to build up the final asset artefact to be used in Rootshell. Once completed using the merge settings your asset inventory should be auto managed. This means clients can clean up historic asset entries with just a few clicks. Find this new feature within the merge settings button on the Assets page.
• Projects – Users can now view an issues overview listing for all phases within a project.
• Issues – Project filters have been included within the Issues and Assets pages.
• Issues – Included an updated at field so users can identify those issues that have been changed or edited.
• Issues – Assigning a user has now been included within the actions menu within an issue detailed view.
• Audit Log – The audit log has had a facelift and performance improvements. Also questionnaire activity has been added to the coverage. Users now have more ways to get to the data they need to see with the inclusion of a search field.
• Access Controls – ACL rules have had their wording updated to better explain their usage. We have also given the page a facelift.
• Parent/Child Relationships – Now including the parent/child relationships for JSON and Spreadsheet imports based on the issue name where a tool ID is not present.
• Notifications – Users can now manage both email and in platform notifications within your user profile page.

Operational Features

New Features

• CVE Watchlist/Active Exploits – Security providers are now able to manage and curate an active exploit database that compliments the already implemented Rootshell Exploit Detection Service. This watchlist allows providers to add CVE’s that are known to be actively exploited for a period of time, allowing the end user to prioritise further any issues found within their digital estate.
• Security Tester Biographies – Security providers are now able to include the biographies of their testers to add a more human element for the end client.
• Removal of Issues and Phases – Safeguards have been put in place that will alert users trying to delete issues that may already have been passed off to ticketing systems. Also alerts are shown if users are trying to add issues to closed phases.

• Issue Merging – A number of improvements have been made for this security provider feature such as, references and CVSS data are now included within the merge, filters can be applied to bulk merge issues, styling has been cleaned up, duplicate IP/Ports have been removed and a summary table has been included to contain the list of issues, their severity and affected hosts.
• Audit Log – This has been added within the Tenant Overview area of Rootshell.
• Platform Performance – Numerous platform upgrades and speed efficiencies are included within this release to make the Rootshell experience even more reliable and quicker!