We’re excited to announce the general availability of DeepSurface Risk Analyzer v2.6! There are a ton of changes under the hood, but we wanted to let you know about a few key improvements:
One rather unique feature of DeepSurface Risk Analyzer is our ability to automatically discover pathways in our threat model; paths an adversary can use to lead directly to your most sensitive assets. Each path may contain dozens of vulnerabilities across multiple subnets, and can often be difficult to summarize.
In 2.6 we’ve summarized the highest risk paths as they relate to each major Risk Insights reporting item. In this new “Top Critical Paths” section, we condense the paths down to just a few of the most important hops, but you can always click on them to show the full pathway through your environment. This at-a-glance view shows you the overall risk of the path, the major steps along the way, and the final destination. This is a ton of actionable information you can use to plan mitigation or use to educate stakeholders.
Image: Selecting any vulnerability in the model view will display Top Critical Paths: these are the pathways through your network an adversary can use to access your most sensitive assets.
New Onboarding Wizard
The old wizard walked you through the setup and configuration of an agentless scanning solution. Our newly-designed wizard will now walk you through an agent-based deployment, or agentless, or a combination of the two.
We’ve also broken the installation out to two modes: the verbose mode goes into detail regarding the why of each step. For experts, there’s a simple set of checkmarks to make sure you’ve completed all the steps. It may not mean much for our existing customers, but we think it will streamline configuration for all our new customers and anyone re-deploying DeepSurface.
Image: Once you decide on an agent or agentless installation, detailed help directs you through the configuration of DeepSurface, guiding you through adding credentials, configuring IP ranges, and more.
Image: You can always toggle between the full installation wizard and a brief list of installation steps. This helps remind our “pro” users about next steps without taking them out of the familiar user interface.
We’ve added Okta 2FA and SAML support to our web console, allowing you to use the same credentials you use elsewhere in your environment to log on to the DeepSurface console.
We extended our agentless scanning to support MacOS in this release, which is a new and unique threat landscape compared to your typical Windows environment. We also added support for Amazon Linux patch feeds, so we can map vulnerabilities discovered on Amazon Linux 1 and 2 to their respective patches.