November 2025
Application Features
New Integration Method: AWS Inspector via IAM Role-Based Access
We’ve expanded our AWS Inspector integration to support secure, IAM Role-based access, aligning with best practice security standards.
New Setup Option
Users can now integrate AWS Inspector by specifying:
AWS Account Number
Region
Scanner Frequency
Platform-Generated unique External ID
The External ID is used in the AWS IAM Trust Policy to establish a secure connection between the Rootshell platform and your AWS environment.
Simplified Role Setup
The platform provides a clear trust policy template to copy and use when creating your IAM role. This ensures the integration is secure, policy-compliant, and easy to validate.
Why This Matters
IAM Role access replaces the need for long-lived static credentials, providing a more secure and scalable way to connect AWS Inspector with the platform.
Access Key/Secret Key integration remains fully supported for flexibility.
Note for Admins:
Updated documentation is available outlining both integration methods and IAM policy configuration. Please refer to the Knowledge Base or contact support for setup assistance.
Bulk Ticket Creation from Affected Instances
You can now bulk create tickets across all supported ticketing integrations—Jira, ServiceNow, Freshdesk, and TOPDesk—directly from the Affected Instances view.
This improvement streamlines the remediation process by allowing users to:
Select multiple affected instances in one action
Trigger bulk ticket creation to the relevant service desk
Use a consistent export experience across all integrations
This enhancement is available from both the Issues and Assets pages, helping to reduce manual effort and improve operational efficiency.
⚠️ Important Note:
For performance and accuracy, bulk ticket creation is limited to 25 rows at a time. Please select up to 20 items per bulk action to ensure smooth processing and to prevent accidental mass ticket creation.
Fix for Regression Issues Linked to Closed External Tickets
We’ve resolved a critical issue where vulnerabilities previously remediated via external ticketing systems (e.g. Jira, ServiceNow) were incorrectly marked as remediated again upon reappearance in later scans.
What’s Improved:
When an issue reappears in a new scan (i.e. a regression), the platform breaks the link to the previous external ticket (e.g. Jira).
The issue is now correctly marked as vulnerable and tagged with Regression.
This ensures the issue is not auto-marked as remediated based on a previous ticket’s status.
Users are now required to create a new external ticket, maintaining clarity and accountability in remediation workflows.
This change helps ensure accurate vulnerability tracking, avoids false positives in remediation metrics, and supports better triage and ticketing flows for clients using ongoing scanning workflows.
Filter Assets by Components or Certificates
You can now filter assets more precisely on the Assets page using two new filter types:
Components Filter: Select one or more software components to view assets linked to those technologies.
Certificates Filter: Select from available certificates to find assets associated with specific certs.
These new multi-select filters function like tags and support OR-based logic — making it easier to locate and triage relevant assets across large datasets.
Only assets with linked data visible to the user (based on access permissions) will be returned in filtered results.
Comment Logging for ASM Asset Status Changes
We’ve introduced the ability to add comments when changing the status of an asset within the Attack Surface Management (ASM) workflow. This ensures better auditability and accountability, particularly when setting sensitive statuses like Rogue or False Positive.
When a user changes the status of an ASM asset, they are now prompted to enter a reason for the change. This comment is recorded and viewable via a new Asset Status History modal, which logs all previous status changes, including the project, date, user, and accompanying notes.
This improvement enhances transparency between MSPs and end clients, providing vital context behind asset decisions during triage.
Operational Features
Tenant Tagging for Enhanced Management
Security partners can now organise and manage their tenants more effectively with our new Tagging Capability at the Tenant Overview level.
This feature introduces:
Tag assignment directly within the Tenant Management page and dashboard tab
Advanced filtering options (AND, OR, NOT) to refine tenant views
A dedicated Tag Management page to create, delete, and merge tags
Tag visibility and management restricted to users with Tenant Management permissions
Perfect for tracking different services, configurations, or partner-specific setups across your client base.
