Again, more software detection rules

The current update fixes some bugs and adds more software detection rules. Some are additions to existing rules, but most are detection rules for software appearing as HTTP(S) on odd ports. Since the odd HTTP(S) ports were added we found quite some new stuff to detect.

A significant update is that phishy urls that redirect to one of your assets are now also scored as no risk (0). Previously this was only the case for redirects to the original domain.

Support for website scans on odd ports

If you have a host with a website running on a non-standard port (so not 80 or 443) our scanner nodes will now automatically add it to the websites index and run website scans on it. The big advantage here is that all the security checks and software detection rules for normal websites will now also be run on the non-standard port.

The open ports overview on the host page will show a link to the website scan results. Please note that the new code has just gone live and the new software detections will not yet show up in this week's weekly report. They will appear next week.

If you want, you can add a website on a non standard port to assets yourself. Just put the port number behind it in the add assets window like this 176.58.122.230:8008

New and updates software detections

Several software detections where expanded and updated, and some new ones added. The biggest improvement is in detection software running on odd ports.

There's also quite a performance update in the scanners, but you'll only notice that if you use the API to do near real-time scans.