We have recently released Out-of-band Exploitation Support, a new feature that will improve test coverage and the quality of scan results, and allow us to implement new types of tests. Our backend developer Christoffer Fjellström explains why the feature is one of the highlights of last week’s release.

How does it work?

“Out-of-band Exploitation Support adds support for our modules to receive side-channel or out-of-band proof of exploitation in a reliable way. This is currently done by triggering a DNS lookup in the target system but other channels may be added in the future,” Christoffer says.

The new feature will not only improve existing security tests (such as Blind SQL tests), but will also broaden the scope of the findings security researchers submit to Detectify Crowdsource. “We can now implement submissions that rely on out-of-band communication in a reliable way,” Christoffer explains.
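The DNS-lookup channel described above only yields reliable proof if each lookup can be tied to the test that caused it. The following is an added example, not Detectify's code: it assumes a hypothetical zone `oob.example.test`, an HMAC-tagged label per test, and a constructed four-field query-log format, and shows how untagged or forged lookups are rejected instead of becoming false positives.

```python
import hashlib
import hmac
import secrets
from typing import Iterable, Optional

OOB_ZONE = "oob.example.test"      # assumed zone the scanner's name server answers for
SECRET = b"constructed-demo-key"   # assumed per-deployment key, constructed for this example


def _tag(test_id: str, nonce: str) -> str:
    mac = hmac.new(SECRET, f"{test_id}-{nonce}".encode(), hashlib.sha256)
    return mac.hexdigest()[:16]


def probe_hostname(test_id: str, nonce: Optional[str] = None) -> str:
    """Hostname unique to one test: <test_id>-<nonce>-<tag>.<zone> (lowercase ids only)."""
    nonce = nonce or secrets.token_hex(4)
    return f"{test_id}-{nonce}-{_tag(test_id, nonce)}.{OOB_ZONE}"


def verify_query(qname: str) -> Optional[str]:
    """Return the test id if qname carries a valid tag under OOB_ZONE, else None."""
    # Resolvers may randomise letter case and append a trailing dot.
    name = qname.rstrip(".").lower()
    if not name.endswith("." + OOB_ZONE):
        return None
    label = name[: -len(OOB_ZONE) - 1].rsplit(".", 1)[-1]
    parts = label.split("-")
    if len(parts) != 3:
        return None
    test_id, nonce, tag = parts
    valid = hmac.compare_digest(tag.encode(), _tag(test_id, nonce).encode())
    return test_id if valid else None


def confirmed_tests(log_lines: Iterable[str], pending: set) -> set:
    """Test ids in `pending` for which the query log holds a valid lookup."""
    hits = set()
    for line in log_lines:
        fields = line.split()  # constructed format: time client qname qtype
        if len(fields) != 4:
            continue
        test_id = verify_query(fields[2])
        if test_id in pending:
            hits.add(test_id)
    return hits
```
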


Christoffer Fjellström, Backend Developer

How will it affect my scan results?

Users will not see any major changes in their scan results following the release. Out-of-band Exploitation Support is a supporting feature that will improve the quality of scan results over time and reduce the number of false positives. Christoffer explains: “Some of our security tests will now generate fewer false positives. As more tests are implemented using Out-of-band Exploitation Support we expect you to get greater coverage and more reliable results.”

Eager to see what’s new in the latest release? Run a scan to try out recently added security tests!


