Welcome to another Faraday version!
For this new release and driven by your valuable feedback, we’ve introduced enhancements that provide full control over vulnerabilities and changes that enhance your security workflow.
Highlights
Advanced notifications
Evidence
New knowledge base template
Advanced notification
For our corporate clients, we’ve upgraded our notification feature. Now, they can take advantage of an easy-to-use system designed to keep them ahead of significant changes in their vulnerability status or to be notified when changes should be made to specific vulnerabilities. For instance, users can receive notifications when the vulnerability risk score exceeds the desired level or when critical vulnerabilities don’t meet the SLA.
Now, they can take advantage of an easy-to-use system designed to keep them ahead of significant changes in their vulnerability status or to be notified when changes should be made to specific vulnerabilities
Evidence
Whether it’s for regulatory compliance, transparency, accountability, or other reasons, working with evidence is extremely important. Therefore, being able to insert them during the discovery process or in your vulnerability report is crucial. That’s why we’ve incorporated a feature to make it easier for our users to drag and drop, or use the old and reliable Ctrl+C / Ctrl+V, when describing vulnerabilities.
New knowledge base template
Vulnerability templates were extended to include CVE and CVSS. Now these fields are included in the template, for their use when applying templates to existing vulnerabilities.
Custom attribute
We added date type as custom attributes for vulnerabilities.
Plugins
For our community of developers and small teams looking to stay secure as they build. We are excited to incorporate Snyk to our stack of plugins. Scan and import vulnerabilities from Snyk to Faraday in simple steps.
Run Snyk as usual, but we will be adding the json flag to obtain all the Vulnerability details from the scan. For example:
$ cd gitlab_integration_demo $ snyk test --json > /tmp/snyk.json && faraday-cli auth -f $FARADAY_URL -u $FARADAY_USER -p $FARADAY_PASSWORD && faraday-cli tool report /tmp/snyk.json -w snyk
We’ve also updated Prowler and AWS Inspector plugin to support the latest tool output format
And last but not least, we added a new agent Dependabot.
We hope to see you soon with more advancements and news!
Documentation:
Homepage
Documentation
Download
Issue tracker and feedback
Frequently Asked Questions
Twitter
Try our Quick Tour
If you have any questions, please let us know. Our support team will assist you support@faradaysec.com
