We have added additional risks for domains at risk of hijacking. In addition to existing checks for websites that can be taken over, we have now added detection for expired domains in MX record, which could be registered to compromise email security.
To learn more see How does UpGuard detect sites at risk of subdomain takeover?
Add sorting to competitor analysis in BreachSight
In the BreachSight Executive Summary, you can now sort the Competitor Analysis panel by name or score to more easily understand how your organization compares to peers.
Improved risk detection for primary domains
When the example.com and www.example.com versions of a site are different, the risks associated with each version of the site are more accurately reported.
Other improvements
- Risk detection for Microsoft Exchange now uses the full build version for more accurate detection and resolution of vulnerabilities.
- Risks are now raised for domains that serve publicly listable cloud storage buckets. Buckets should be configured not to allow public file listing to prevent potential data leaks.
- We have exempted more risks specific to Microsoft domains. Generally these risks pertain to SSL/TLS issues that do not appear exploitable and that the domain owners are not able to resolve.
- Account administrators can now enforce MFA logins for all users in the account, without having to contact UpGuard support. This feature is available through the User Settings page, and only applies to users that are not using SSO authentication.
- We’ve streamlined the process for when you stop monitoring a vendor – now your open questionnaires and remediation requests will be automatically archived.
- This release includes a number of bug fixes.
UpGuard Release Notes
Learn about new features, changes, and improvements to UpGuard.
See UpGuard In Action
Book a free, personalized onboarding call with one of our cybersecurity experts.
Free instant security score
How secure is your organization?
