PlexTrac New Feature Roundup: Summer 2021 Asset Analytics, Powerful New Integrations, Attack Path Visualization, and MORE! August 31, 2021 As the kids are heading back to school and the dog days of summer wind down, we couldn’t wait to share all of the cool new features, functionality, and integrations our development team has been working on all summer long. Needless to say, we hope your summer was as productive as ours (and of course, we hope you took some time off to have fun, just like our team did!). Sit back and grab a beverage, because we’ve made a LOT of improvements that we can’t wait to tell you about! The features we’re highlighting are already available, or will be coming very soon. As always, for more detailed information, check out the Release Notes page on our documentation site. Asset Analytics Coming soon, the new Asset Analytics functionality provides you with an at-a-glance overview of every asset in your (or your clients’) company, by level of criticality, to help you better understand where you’re most vulnerable. Asset Analytics makes it easy to filter assets by up to 12 different data points, including client, tags, reports, location, and more. Additionally, you can see detailed findings associated with your assets, determine how many of your assets have vulnerabilities, and triage vulnerabilities from the asset perspective. *NOTE* Asset Analytics functionality is only available with a paid Analytics subscription. Powerful New Integrations with Tools like Tenable Tenable Integration With PlexTrac’s integration with Tenable, you can import findings and assets tied to a Tenable tag directly into the Purple Teaming Platform. We integrate with both Tenable.IO and Tenable.SC, allowing you to import your scan data with a click of a button. Just point PlexTrac at your Tenable and we’ll do the rest. *NOTE* To make use of the PlexTrac’s integration with Tenable, you must have an active Tenable license. New Scanner Parsers We are constantly adding security scanner tool parsers and imports so you can pull in the findings from wherever you get them. We have added the following app security scanners to our list of available imports: Horizon3 NodeZero (coming soon!) OWASP Zap OWASP Zap (coming soon!) HCL AppScan Checkmarx IDP Initiated Single Sign-on with Just-in-time Provisioning PlexTrac will support IDP (Identity Provider) initiated SAML SSO soon. Admins will no longer be required to manually create users or import them from a .csv! This functionality allows your users to easily login to PlexTrac via your company’s IDP. To configure Just-in-Time User Provisioning for your instance, simply select the “Create New SAML Provider” button from the Account Admin/Security section to allow new users to automatically be provisioned in PlexTrac. This allows you to add new users to your PlexTrac instance simply by assigning them to the PlexTrac application in your IDP. Attack Path Visualization PlexTrac’s new Attack Path Visualization feature will make it as easy as drag-and-drop to create a visual representation of the tactics, techniques, and procedures (TTPs) used in a simulated attack (coming soon!). Great for sharing within your organization or with your clients (if you’re a consultant or security provider), Attack Path Visualizations empower you to quickly collaborate with others to more efficiently resolve vulnerabilities. Follow these steps to get started: Click on Reports in the left-hand menu, then select the Attack Path tab to get started Select a specific report that you’d like to visualize Drag and drop Findings to the canvas to start building a visual representation of the attack path (Findings are searchable) Drop a Finding into a column or “Phase” Connect Findings in various Phases to create the relationship or path Easily click into the details of any Finding by clicking the “eye” icon Picked the wrong Finding? Simply delete it using the trashcan icon, or drag it back to the left-hand pane Easily zoom in/out or go into full-screen mode on the attack path once it’s built Set Short Codes for Replacement of Defined Strings Short codes are a powerful new time-saver in PlexTrac that provides a simpler way for users to search and replace text at the report or client level. These short codes can be created and managed in the Account Administration Panel under Tenant Settings. Once you select the “Create Short Code” button, define a new short code using the format of %%<string>%% (e.g. %%APPLICATIONNAME%%). This string must be continuous, with no special characters except for underscores. These short codes work by defining a source for which the short code will fetch the replacement data. Short codes can be implemented on two levels: Client Custom Fields and Report Custom Fields. Once the data is fetched, provide a label that exists for the field you’re fetching. Save your short code when complete. To put these codes to use in a report, navigate to Import Narratives from Report Templates or Writeups from the WriteupsDB in which you have pre-populated your short codes. If your short code is referencing data from a Report or Client Custom Field, you must ensure that a value has been provided for that custom field — and the label must match the label provided when you defined the short code: When ready to replace, select “Search and Replace” from the Report Findings or Report Overview page. Click “Replace Short Codes” to force evaluation of all short codes in your report. The Addition of a Report Assets View Some assets are more important than others — and with our new Report Assets view, PlexTrac allows you to instantly see all the findings associated with those assets most important to you. Tag-based filtering allows you to instantly drill down to guide the prioritization of your remediation efforts. Identify your crown jewels and then see a unified list of all known vulnerabilities. Each asset expands to provide a fully interactive experience with the associated Findings — review and edit them all within the context of your chosen asset. Follow these steps to get started: Navigate to the specific Report that you’d like to view. Across the top of the Report view you will see the standard options like “Report Narrative” or “Report Findings” but you will also see “Report Assets” Select “Report Assets” You will now see all of the Client Assets that are associated with any findings within this report. From here you can use the drop down to view all of the Findings related to the selected asset. If you’d like to view the Asset’s details or edit the Asset you can simply select the “Go to Asset” button on the far right of the screen. This will take you to a view of all the Assets information and allow for you to edit the Asset if desired. Additional Enhancements The following are some additional updates we made recently that you won’t want to miss: Import adversary emulation plans from MITRE and SCYTHE Give your adversary emulation efforts a boost by using the MITRE and SCYTHE plans in the Runbooks Module to replicate the very same methods that threat actors are using today. Click here to get a deep dive on the feature Parser Actions Allow default actions, linking writeups, and changing severity of scanner findings when imported into a report. Improved Charts and Filtering A new Total Open Findings graph allows users to see total security debt. The ability to filter and view closed findings enables teams to show progress on their security posture. Granular filtering capabilities help slice and dice current charts, make it easy to add a sub-status, and include new filtering logic. Updating Your Instance If you are self-hosting your PlexTrac instance, gain access to all these enhancements by updating to the latest release using the procedures in our documentation. If we host your PlexTrac instance, you’ll receive the latest features according to your release schedule. Have a question or need help? You can always drop us a line at support@plextrac.com. Feel like your issue would be better addressed with a screen share? Self-schedule a Zoom support slot for some additional help. If you schedule time with us, please use the notes section of the meeting or shoot us an email and let us know what we can help you with during the session! We hope you enjoy all of these new features. And, if you have an idea for how PlexTrac can better support your needs, we’d love to hear from you! Cheers! The PlexTrac Team
Vulnerability Assessment vs Penetration Testing: Understanding the Key Differences Vulnerability Assessment vs Penetration Testing READ ARTICLE
Unlocking Continuous Threat Exposure Management: New Features for Prioritizing Remediation Based on Business Impact The evolution of product security READ ARTICLE