Better Transparency Around Checks - June 30, 2022
The new Checks tab on Entity pages showcases the active and passive checks that have been run against an Entity. Clicking on a relevant check will take you to the Issue Library, where you can discover the details of the check.
Documentation Has a New Home - June 29, 2022
ICYMI: We launched a new Mandiant Advantage Documentation Site! The new centralized location gives you a one-stop location for all Mandiant Advantage documentation.
Azure Integration! - June 23, 2022
Use the token-based integration to auto-discover public Virtual Machine instances, storage accounts (blobs), and public DNS zones within your Azure accounts. Learn how to set up the integration here.
More Discovery Task Visibility - June 20, 2022
Understand the context behind the discovery tasks run against Entities. Check out the new Task Definition tab within the Library.
Each definition is tagged with the associated Entities it runs against.
Expanded GitHub Integrations! - June 16, 2022
Adding GitHub accounts and repositories as Seeds within ASM just got easier. The new token-based integration creates Entity records for GitHub Accounts and Repositories, automatically populating them as Seeds into your Collection. Learn how to add GitHub to your Integrations page here. After adding the integration, you can pull the GitHub Seeds into a Collection.
Enhanced SSL Issues - June 14, 2022
ASM now generates Misconfiguration Issues when deprecated SSL/TLS protocols or weak SSL/TLS ciphers are identified. These misconfigurations are common but are often overlooked, so we've made it easier for you to identify and prioritize them.
New Active Check for Atlassian Confluence (CVE-2022-26134) - June 4, 2022
Atlassian Confluence (CVE-2022-26134)
On June 2, 2022, information was publicly disclosed that malicious actors are exploiting vulnerability CVE-2022-26134, affecting Atlassian Confluence Server, prior to a patch becoming available.
Active Check
We’re using a benign active check that will confirm if your Atlassian Confluence Server is vulnerable to CVE-2022-26134. The vulnerability check will send a payload that, when evaluated by a vulnerable target, will force the target to invoke a DNS Lookup, thus confirming successful (benign) exploitation. This active check will automatically run upon the next Collection Refresh. Mandiant recommends Confluence users put in place mitigations and detections as quickly as feasibly possible.
Recent UX Enhancements - June 3, 2022
Keep sharing feedback with the ASM product team; we're listening and continuously making improvements.
- Integrations are easier to add on the Collections page.
- The last refresh date is available on the Collections list, letting you know when each Collection was updated.
- Typosquats and CVEs can be copied with one click.
- Guiding tooltips are enhanced throughout the product.
- Minor visibility enhancements to the dashboard.