This release continues to improves the asset discovery and management experience. We are enhancing PDCP with more context and options for assets. Future updates will include asset filtering, labeling, and additional metadata (for example: asset categories and screenshots).

• This release introduces a new asset detail page, providing additional columns: Technology, Title, Status, IP.

• Added the ability to manually create tickets for vulnerabilities and view the referencing issue link, enabling you to track and manage vulnerabilities more effectively.

• Implemented sorting functionality in various part of the app including scans and assets.

• Introduced URLs with query parameters to easily share specific pages including filtering, templates, and search.

• Added DSL based function auto-completion in the template editor, enhancing the template creation and editing experience.

• Added asset export options for CSV and JSON, in addition to existing .TXT option.

• Introduced a new in-app feedback option, enabling you to easily share your ideas, suggestions, and bug reports.

• Fixed many other bug fixes and enhancements.

In this release, we have refreshed and simplified the assets page. Now a single screen displays all of your assets across cloud integrations, file uploads, and discovered assets. We have also included an option to run a vulnerability scan directly from assets view. Asset discovery is still in early beta, so expect to see a lot of improvements in the coming releases.

• All your assets across cloud integrations, file uploads, and discovered assets have been consolidated into a single, easy-to-navigate screen.

• Now you can view the new assets discovered in the recent run.

• Updated to discover custom port ranges under the advanced settings. This option allows you to define custom ports and ranges during the discovery process.

• Initiate vulnerability scans directly from the assets page for any given asset.

• Roll out for early pricing experiments and billing features.

• Various UX improvements and bug fixes.

New Features

• Added the ability to reconfigure scans, allowing users to edit assets, templates, and configurations (including integrations and custom headers). Changes made to existing scan configurations will be applied on the next scan run or according to the modified schedule.
  

  Note: Asset and configuration settings are not visible in scans created before this release. You can still update the settings, but previously applied configurations won't be visible.

• Support for setting up multiple reporting integrations from same provider and selecting a specific one when editing or running a scan.

Improvements

• Streamlined the scan creation flow by merging the asset and configuration setting steps into a single, more intuitive flow.

• Enhanced the scan list for better readability and easier navigation between different scans.

• Implemented various UX updates (pop-ups, dialogue) throughout the application to ensure a consistent theme and improved user experience (ongoing effort).

• Refactored significant portions of the application to improve content loading speed.

• Users now have the option to delete their account under settings.

API Updates

• Sorting options available on scans and stored vulnerabilities. You can sort the results by time, severity. API Reference.

• Get or export all the assets in one API call. Now you can list all your assets under. API Reference.

• Filter vulnerabilities and assets by “new”, this allows you to query or list the vulnerabilities or assets that were seen as new in the recent runs. This can be applied both at a specific scan or asset level, as well as across all the results. API Reference.

• Filter vulnerabilities by the tags defined within the vulnerability template. API Reference.

New Features and Improvements

Results Page

• Results are now grouped by matched templates, vulnerable assets, and related meta information for better organization.

• Bulk status updates and result deletion can be performed directly from the results page for increased efficiency.

• Vulnerabilities are uniquely filtered across all scans to eliminate duplicates.

• Detailed vulnerability information can be accessed within the table of vulnerabilities using the side view.
  

  Note: This is the initial iteration of these changes, and further improvements, such as sorting features, advanced filtering, and search functionality, will be added in the coming weeks. We appreciate your feedback and ideas to enhance the user experience.
  

Scan Logs

• Scan Logs, our newest feature has been introduced to support browsing logs of individual scans. This includes details on template matches against a given asset and any encountered errors during test execution.

• Logs can be easily navigated for each scan to verify template matches.

• Advanced filtering options are available to filter scan logs by host, template, and result status for targeted analysis.

Scheduling Enhancements

• Custom scheduling allows users to set specific times, days, or intervals (in days) for their scans.

• Hourly scans can now be automated by defining a set number of hours interval for scan repetition.
  

API Updates

• New APIs have been added for viewing and modifying existing scan configurations, including templates, assets, and configurations. These features will soon be available as UI updates in the platform.

• A new result filter API has been introduced for efficiently filtering new results and assets from enumeration.
  

Template Leaderboard

We have enabled the live leaderboard for the public template contributors. Browse here.

Bug Fixes and Improvements

• Resolved an issue that prevented team members from viewing the team workspace.

• Fixed a bug related to template variable inputs on the scan configuration page.

• Improved settings page.

• Improved login and invitation experience.

Added

• Ability to download Assets content (currently supports TXT).

• Ability to view uploaded assets content.

• Support for leaving and deleting a team.

• Multiple email input support for email alerts, enabling users to receive notifications across various emails.

Enhancements

• Improved user experience when creating a new scan.

• Enhanced team invitation acceptance process.

• Improved control over privacy in template sharing.

• Multiple bug fixes and performance improvements, enhancing the overall stability and performance of the platform.

This version introduces integrations with major cloud providers for continuous vulnerability scanning.

• Cloud Integrations (AWS, GCP, DigitalOcean, Kubernetes, Cloudflare, Fastly, Alibaba, Azure): Now, you can run vulnerability scans on assets from your cloud providers continuously.

• Configure the frequency of asset discovery.

• Alerts now support MS Teams and custom webhooks.

• Vulnerability reporting now supports GitHub and GitLab.

• Upload custom templates from your local system.

• Scan configuration now supports a custom Interactsh server (OOB server) with an option to set the configuration globally (for all scans).

• Switch between Personal and Team accounts.

This is a major release that introduces several enhancements and new features across various parts of the app.

Highlights include:

• The introduction of Asset Discovery, allowing users to find subdomains, ports, and endpoints. This feature is currently in early preview and is integrated with scanning capabilities.

• New integrations with GitHub, enabling the pull of templates directly from repositories and the ability to contribute to public templates using GitHub.

• The addition of Slack, Email, and Jira integrations for alerting and ticketing functionality.

• A new file attachment option supporting multi-file selection for uploads.

• Enhanced template editing with the introduction of a "Paste As Template" context menu option, supporting both URL and RAW request formats.

• New homepage for platform.

• Many other improvements and bug fixes.

Scan Export (JSONL, CSV & PDF)

Easily export scan results from an individual scan in multiple formats including JSONL, CSV, and PDF.

Early Template Access

Early access to unreleased templates to immediately implement in a scan across all your assets. Access to some exclusive templates written by the PD Research Team.

Note: Early Template Access is only available for Teams tier and above.

Subscription for Teams

Starting with our Teams plan, users can self-subscribe to ProjectDiscovery Cloud Platform.

Additional Updates

• offset and limit API parameter is now optional instead of required.

• Some UX and minor feature updates.