Passive Vulnerability Scanner - The Passive Scanner module continuously monitors the activity of endpoints, ports, applications, databases, servers and networking devices connected across network to determine its vulnerabilities in a non-intrusive manner.
Report comparison - Users can compare two reports for a task and determine the scan result changes.
Auto Refresh toggle - With the toggle, users can control real-time update of the Dashboard.
Clickable Scan Configs - Clicking a Scan Config displays its Scanner Preferences, Plugin Families and Plugin Preferences. With this feature, users can compare a parameter's current value and default value.
Email Alert Report - The email alert report will be sent in txt format.
Admin - Admin will have full privileges to monitor all users' activities.
Reload Services - This option is added in console. It allows users to reload Nemasis services for troubleshooting.
Change Password - This option is added in console. It allows users to change password for Nemasis.
1. Root Password
2. Web Admin Password
Test Proxy - This option is added in console. It allows users to test a proxy connection.
Check Connection - This option is added in console. It allows users to check any network connection via Nemasis installed system.
Fixed issue with Date and Timings in Schedules. The Schedules will now be displayed in local timings.
Release notes Version-14.0.1000.105
Activity monitor added in Passive scanning.
Enabling of interfaces without IP for Passive scanning.
Release notes Version-14.0.1000.106
Session timout issue while registering, has been corrected.
Certain IP / ranges were ignored in Passive scanning, has been corrected.
Release notes Version-14.0.1000.107
Updated Vulnerability Database Added
Minor Bugs Corrected.
Release notes Version-14.0.1000.108
Latest Vulnerability Database Added
Option to Add Custom Header Image in reports have been Added
Release notes Version-14.0.1000.117
Dynamic Application Security Testing (DAST) - DAST lets you scan websites, web applications, web services and servers for vulnerabilities and suggests accurate solutions to fix them. It lets you run following services.
1. WHOIS Audit - This service lets you scan and generate the audit report of a specific domain for Extensible Provisioning Protocol (EPP) domain status codes. This audit helps you recognize EPP status codes so that you can clarify is it safe from domain name hijacking, unauthorized modification from both client and server, and phishing attacks.
2. Domain Audit - This service lets you scan and generate the audit report of a domain's web pages along with its grade. The audit consists summary of HTTP Response, Web Application Firewall (WAF), Server Signature, Content Encoding, and more.
3. SSL Audit - This service lets you scan and generate the audit report of SSL for web servers. It carries out deep analysis of SSL certificate's configuration for the domain along with the detailed information about the security parameters.
4. Blacklist Audit - This service lets you scan and generate the audit report of DNS Real-time Blackhole List (RBL). Nemasis sends DNS queries, gathers data and then tests the server's IP address over multiple DNS based email blacklists.
5. Malware Check - This service lets you find out "is the site safe". You can check whether your domains are unsafe and host malicious content, which may steal and use sensitive information for phishing.
6. SEO Analytics - This service lets you test your website based on performance such as request, speed, SEO metrics, and more. It also checks if your website is mobile-friendly in terms of responsiveness and viewport settings.
7. Copycat Domains - This service lets you scan the domain and look for all the similar domain names. It helps you find out the phishing domains that maybe similar to your domain.
8. MongoDB Audit - This service lets you scan and generate an audit report of Mongo Server. It scans all the security issues, misconfigurations, and standard protocols of the Mongo servers.
Two-Factor Authentication - Added extra protection for your account to ensure that you are the sole person to access your system. After signing in, scan the QR code with your device and enter the six-digit OTP displayed on your device for logging in.
Import & Export Settings - You can create an individual or combined backup of both VAPT and DAST databases and restore it according to your needs.
Offline Activation - If your system is offline for short period (internet connectivity issues or travel), instead of entering a license key for activation, you can upload the activation file and activate the product offline.
Offline Updates - If your system is offline for short period (internet connectivity issues or travel), you can use this feature to update the database via a USB or disc.
Excel Report - With Excel Report, the report data is arranged in orderly manner and lets you add your own comments or suggestive actions for further remediation.
Add Local DNS - Option to add Local DNS, to scan intranet websites has been added to Physical console.
Fixed issue with Dashboard not getting added.
Release notes Version-14.0.1000.118
Added option to check VA Scan progress of individual asset.