Faraday Blog

In the dynamic world of IT security, proactive vulnerability management is key. This comprehensive guide introduces steps to set up an enhanced vulnerability management system utilizing freemium and open-source tools, including Faraday for continuous scanning, SonarQube for static application security testing (SAST), and Kibana, Wazuh, or Splunk as your Security Information and Event Management (SIEM) solution.

Pentesters use a comprehensive and complete toolkit to expose different platforms and evaluate the security of an IT infrastructure. They safely try to exploit vulnerabilities and are experts at reporting failures, data leakage, or other vulnerabilities.
In this post, we present these tools and the several ways they can be applied.

But the outcome of all that is so rewarding. It only placed the bar higher for us, which means we have a tough job for next year. We're saying goodbye to 2023 with a major release. We're pleased to welcome Faraday v.5.0.0. It represents a huge leap in performance for all of our users and customers. We're euphoric about it and very thankful for the team that made it happen. We're a top-tier product that keeps getting better. You can leave your feedback at Gartner and read more about other users' opinions.

Pentesters use a comprehensive and complete toolkit to expose different platforms and evaluate the security of an IT infrastructure. They safely try to exploit vulnerabilities and are experts at reporting failures, data leakage, or other vulnerabilities.
In this post, we present these tools and the several ways they can be applied.

Our risk scoring system goes beyond mere criticality analysis, pinpointing precisely where real vulnerabilities lie. It offers a straightforward representation, not just an objective evaluation framework, but a curated set of filters tailored to prioritize based on specific contexts. Prioritization becomes a time-saving asset; now, you can filter vulnerabilities from a hacker's perspective.

We are thrilled to introduce Faraday v4.6.0. In this release, we've significantly added improvements to our pipeline section performance and introduced new tools useful for DevOps and security professionals, helping them identify security and compliance issues within their code earlier in the development process.