This blog summarizes how the Detectify tool has evolved over 2023, alongside other significant highlights, such as analyst mentions and major developments to Detectify.com, Detectify Blog, and Detectify Labs properties.
For starters, it’s no surprise that the findings revealed that organizations’ most prominent threats during 2023 are vulnerabilities not covered by common disclosure processes, like CVEs. Detectify CEO Rickard Carlsson has been talking about this for some time – his article on the trouble with CVEs and vulnerability management in modern tech stacks demonstrates the risks associated with an overly reliant approach to established methods.
We’ve made several improvements to the attack surface data visible from the overview, such as new IPs and both covered and uncovered assets. We’ve also improved your interaction with fingerprinted technologies across your attack surface.
In order for AppSec and ProdSec teams to stay on top of their growing attack surface, they must understand what parts of their attack surface are being continuously monitored and scanned, such as where, when, what, and how. This can include, but is not limited to.