Rootshell Platform – Patch Notes June 2023

Application Features

New Features

• Automatic Dynamic Remediation – Rootshell now supports a fully automated end-to-end vulnerability management solution with the ability for users to set Rootshells existing Dynamic Remediation option to be fully automated. Trusting Rootshells tried and tested remediation feature means that users can now tell Rootshell to remediate past issues not detected in their latest scan results. Users can verify what Rootshell did on a scan by scan basis and also view a project insight to show your teams progress over time.
• New Integration – Freshworks Freshdesk – A new ticketing integration has been included in this update to support the Freshdesk product from Freshworks. Users can now export issues to this platform for tracking and assignment purposes. This integration works in the same way as our current supported systems in that bi-directional updates are tracked by Rootshell and closed tickets will remediate issues within Rootshell too.
• New Integration – Qualys WAS (Web Application Scanning) Module – A new addition to the web application scanning coverage for Rootshell see’s the Qualys WAS module being supported for parser, on demand API and auto importing. Users can now benefit from Qualys powerful infrastructure and web application capabilities with this update.
• New Integration – Invicti Web Application Scanning – Continuing in the vane of application testing coverage, Invicti (once netsparker) has been included in to the supported third party vendors for Rootshell. Users can now import data from Invicti by file parsing, API on-demand and auto importing of completed scans capabilities with this update.
• Universal Data Importer Field Mapping Improvement – Do you have data that you need to import into Rootshell but it’s currently not supported natively by the platform? The new universal importer now allows you to import any spreadsheet containing your vulnerability data, map the required fields, save the template for future use and import directly into the platform to gain all the benefits and visibility of Rootshell. With just a handful of mandatory fields to map and having the ability to save that configuration for future use, so you don’t need to perform the mappings again, is a real time saver and easy way to import any vulnerability data into Rootshell.
• Automation Centre – Reverting a Process – Users are now able to revert a single line process or a bulk action process from the Automation Centre. Therefore helping users to clean up any unexpected changes to their data.

Platform Improvements

• Report Exporting – PDF and Excel Reports are now handled by a queuing system to support high volume reporting. A report is then generated and once completed is available for download and also passed off to the SFE for availability.
• Trending Data – The main dashboards have been updated to trend vulnerability scanning data more accurately. Now Rootshell will track those peaks and troughs precisely given any remediation activity that has occurred within a given month. This may mean that you will see a change in historic trending and metrics but current issue data will be unaffected.
• Vulnerability Titles – Rootshell now wraps long vulnerability titles based on your screen settings and resolution.
• Authentication Logging – Rootshell now tracks users login and authentication to the platform.
• Platform Optimisations – A number of changes to improve the performance of the platform have been carried out including optimisations for the Main Dashboard, Asset pages, SLA calculations, Vulnerability Age and more.

Operational Features

New Features

• QA Process – The QA process has had a major overhaul to include more granular steps in the process to accurately track where a tests QA is up to. Rootshell now supports in stage comments and tasks to be iterated until their resolution. A cleaner UI and audit capabilities has also been added. The new statuses have also been reflected within QA Reports and Penetration Tester dashboards within the tenant overview area.