Sneak preview: supplier index

To better prepare and handle supply chain attacks, you first need to have a list of your suppliers. For any reasonably sized company, this can be quite a challenge. ShadowTrackr already has quite a lot of data on your hosting providers, software (including SaaS) providers, certificate issuers, domain registrars and more. All this information will now be gathered in a separate index named "suppliers". Not everything is in there yet, so it's not production ready. But, if you are interested, you can have a sneak peak with this query:

index=suppliers

Patched software overview

The new vulnerabilities progress chart from last week is extended with a table showing which vulnerabilities from the previous week are no longer seen. If a vulnerability is no longer seen, it can be because it is patched, or because the website could not be scanned.

If a vulnerability is patched, you will see the new version number detected, or just the name of the software in cases where the version could not be determined. If the website could not be scanned because it was not up, or returned an error, the table shows "not seen". You can investigate the details yourself by clicking on the url.

The urls you see are specific for an ip address, since a website can be hosted on multiple servers. There are cases where your website runs in the cloud and appears on always changing ip addresses. In that case, the new cloud websites are compared against the old, and the comparison based on a specific ip address is not done.

There are probably some more edge cases that can result in weird results. If you find one, please report it :-)

Vulnerabilities progress chart

The main thing of the current update is the stacked bar chart showing the number of vulnerabilities over time. They are stacked by severity (CRITICAL, HIGH, etc.) and you can see the last 4 weeks and two months ago. You'll want to see the height of the bar going down of course, that would indicate a shrinking attack surface.

If you want to see which specific vulnerabilities you need to patch first to reduce you attack surface the most, have a look at the My vulnerabilities overview. The ones at the top are causing the biggest risks.