Table of Content

1. Don’t have a website, but you want to run a security scan with Bright?

This blog post announces the October 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

Don’t have a website, but you want to run a security scan with Bright?

We launched an intentionally vulnerable website ‘Broken Crystals’!
If you always wanted to run a scan on Bright, but didn’t have your target, here it is:

Check out the new documentation that will make your experience even better!

You’ll find comprehensive concept topics and step-by-step guides to help you deploy, configure and use Bright, as well as get assistance if you get stuck. Let’s jump right in!

Table of Content

1. New Features:
2. Improvements:

This blog post announces the September 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

New Features:

Okta SSO provisioning

Now you can easily sync up the users and groups between your Okta application and Bright organization.

Check out the docs!

Global timeout for scans

 We are here to help you save your time! If for some reason the scan target does not respond anymore, you don’t need to wait for a long time while all the scan tests are being sent into the void! Simply use our new feature to stop the scan automatically when the target is not responsive.

See documentation

Integration with GitHub SARIF reports

Now you can manage all found issues from Code Scanning Alerts on GitHub.

See documentation

Export Entry points list as CSV

We added the possibility to download all discovered entry points as CSV to help security teams analyze the scan results better.

See documentation

Advanced internal/external proxy configuration for the Repeater

From now, when scanning with a Repeater, you can proxy the internal (to your local network) and external (to our cloud) traffic separately.

See documentation

Improvements:

Speed improvements for scans with a Repeater

Speed up when scanning with a Repeater!

Request/Response correlation IDs in Engine logs

You can now easily find the relevant response to a request by its ID!

UI stability improvements

Check out our new schema editor and other UX improvements to make your experience better!

Table of Content

1. New Features:
2. Improvements:

This blog post announces the August 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

New Features:

New engine logs download

From now on there is no need to worry about downloading large engine logs. When needed, the full engine logs will be generated offline and will be available for download via an email notification.

Check it out!

New project issues page

Check out the new ‘Project Issue’ page, where each finding can be tracked over time over multiple scans. 

See documentation

Added CWE ID to found issues

We added the CWE ID for found issues to further help security teams triage the scan results more effectively 

See documentation

New ‘Smart Copy-Paste’ for headers input

Tired of manually filling out the required ‘Headers’ one-by-one?
Check out our new ‘smart copy’ option with the new ‘Headers’ field!

See demo

New ‘Vulnerability Guide’ section on the Knowledge Base

We released a new section on our knowledge base with detailed information about the tests we do, and how to remediate them!

See documentation

Improvements:

Crawler improvements

Significant improvements to crawler speed and stability.

Authentication Object Improvements

Improvements to the ‘Browser Based Form Authentication’ object

UX/UI improvements

Check out our new ‘Scan Summary’ page, field inputs and other UX improvements to make your experience even better!

Table of Content

1. New Features:
2. Improvements:

This blog post announces the July 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

New Features:

A new ‘Entry Points’ section in the scan summary

You can now see a detailed breakdown of all the tests that were done on specific endpoints in your application, their parameters, and more!

Check it out!

Open tickets in integrations by Issue Severity

You can now select specific severity levels to trigger opening a ticket on your integrated ticketing platforms!

See documentation

Improvements:

Crawler & UI stability improvements

We deployed significant crawler improvements on the engine and significant upgrades to the UI to provide a smoother & quicker user experience.

Table of Content

1. New Features:
2. Improvements:

This blog post announces the June 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

New Features:

You can now upgrade to the Pro plan on your own

We have officially released our self-service billing system! You can now easily upgrade your free plan to a Pro plan! The Pro plan expands the number of scan hours and developers, and enables new features:

• 3 ticketing integrations (Jira, Github, Slack, Azure, GitLab, Monday)
• Export reports to PDF and JSON
• Role-based access control (RBAC)
• Single sign-on (SSO)
• User and organization APIs

Check it out!

GitLab Ticketing Integration

You can now open tickets for found issues directly in your GitLab repositories! To enable, in your account, go to Organization and scroll down to Ticket Management Integration.

See documentation

Skip Slow Entry-Points Automatically

Speed up your scans by skipping the few slow endpoints that may cause a delay! (Don’t worry, you can always scan them separately later)

See documentation

Improvements:

Easier private cloud deployments with the ‘Cluster’ parameter in the CLI

Configure a Repeater for private cloud deployments more easily with the new ‘cluster’ parameter for the CLI

See documentation

New Scan Templates

We added a few new scan templates, including OWASP Top 10, and MITRE Top 25.

To run a scan from a template, go to Scans (click the button below), click on New Scan.  In the New Scan window, click on the Advanced tab (top-right), and click on Templates. Select your desired template from the list. That’s it!

Table of Contents

1. New Features:
2. Improvements:.

This blog post announces the May 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

New Features:

Browser-Based Authentication

A new, significantly improved Authentication type that uses our browser automation to easily configure authentication forms for web applications!
Learn more.

Automatic Version Detection for the Repeater

When running the Repeater now it will automatically check for a new version and notify you if an update is required, both in the CLI & directly from the UI

Logging level controls for the Repeater

You can now easily control the logging level when running the Repeater. Learn more.

Improvements:

A new ‘Scan History’ Button

Navigate from scans directly to history!

Speed & Stability Optimizations for the UI

Significant upgrades to the UI to provide a smoother & quicker user experience.

Speed Optimizations for the Repeater

Optimizations for the Repeater to increase speed & stability

Table of Contents

1. New Features:
2. Improvements:.

This blog post announces the April 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

New Features:

Custom Roles

You can now fully configure user roles, create the ideal roles for your teams! 
Learn more.

Support for mTLS Authentication

 It is now possible to load a certificate to a Repeater, allowing for easy scanning of APIs using mTLS authentication! Read more about it on our knowledge base. 

Support for NTLM Authentication

We can now set up NTLM authentication using an Authentication Object. Learn more.

Monday Integration

We can now integrate with Monday Boards to open issues automatically when a scan finds a vulnerability! 
Learn more.

Improvements:

Speed Improvements

Additional engine improvement for many tests including: SQL injection, OS command injection, LDAP injection, Server-Side Request Forgery (SSRF) and more!
Provide a significant speed boost to your scans!

Repeater Speed & Stability Improvements

Make sure you are using the latest Repeater version (7.13.1), to enjoy a significant increase in speed and stability. Learn more.

Table of Contents

1. New Features:
2. Improvements:

This blog post announces the March 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

New Features:

Standard & Advanced Scan Modes

No more complicated scan configurations. We simplified the Start Scan window so you only need to enter your destination URL and repeater. You can now start an application security scan in 30 seconds!
Still want to have full control of your scan config? No problem. Simply click on the Advanced tab.  
Learn more.

Custom Multi-Stage Authentication Flows

With this powerful new feature, you can easily create fully customized authentication flows, combining multiple stages. In addition, the multi-step flows support our new string interpolation syntax for easy access to the data between authentication steps. 
Read more about it on our knowledge base. 

Repeater Diagnostics From the UI

You can now initiate a quick network diagnostic of your running Repeaters directly from the UI and quickly discover connection issues to your internal target applications. 
Learn more.

Improved Authentication Tester

You now have full control of how to execute the authentication test when configuring your Authentication Objects. 
Learn more.

ADFS SSO Provisioning

You can now set up provisioning for your ADFS SSO, to automatically create and control users & groups from ADFS to Bright. 
Learn more.

Improvements:

Speed Improvements

We released a few improvements to our browser automation, making the scans faster and smoother than ever before!

Improved Default Scan Templates

Check out our improved scan templates, you can use them to quickly start the scan the fits your needs. 
Learn more.