Announcements

  1. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (July 16th to July 31st)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • The user will receive an immediate Slack alert from the Brand & Dark Web Threats module whenever a new threat finding is created in the system.
    • Improved the search and filter functionality in the Typosquat module, allowing users to filter by similarity for an enhanced user experience.

    🐞 Bug Fixes & Improvements:

    • Fixed an issue where threat URLs were missing in exported CSV files under the Brand & Dark Web Threats module.
    • Resolved issues with export in security findings.
    • Updated filter logic to ensure all flagged questions are displayed accurately in the reviewed questionnaire view.
    • Updated the share link generation logic to include full context parameters (threat status, active tab, applied filters, and current view).Updated
    • Fixed the issue and added validation if it is my domain or subdomain in internet inventory.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

    Β 

    Β 

    Β 

    Β 

  2. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (July 1st to July 15th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • RiskProfiler now supports Microsoft Active Directory Federation Services (ADFS) for Single Sign-On (SSO). This integration enables organizations to seamlessly authenticate users through their existing Microsoft AD infrastructure
    • Users can export questionnaires in XLS format as structured documents containing original questions, stakeholder responses, and internal or vendor-provided feedback.
    • The new Executive Monitoring module enhances digital protection for high-profile personnel. It continuously monitors executive names, emails, and titles across surface, deep, and dark web sources, detecting impersonation attempts, leaked credentials, and exposed contact data.
    • Β 
    • The Vulnerabilities module offers a comprehensive overview of all identified security vulnerabilities across the organization. It provides detailed insights into each vulnerability, including severity, status, and potential impact, and maps them directly to the specific assets they affect.
    • Introduced the Global Issues Inventoryβ€”a centralized, organization-wide dashboard offering real-time visibility into all known vulnerabilities and security issues across your enterprise and its portfolio entities.

    🐞 Bug Fixes & Improvements:

    • Users can now extend due dates into the future using the edit feature available in the Send Questionnaire interface.
    • Improved tag functionality across the Internet Inventory, Portfolio, and Onboarding modules.
    • Introduced the option to edit a user's name and profile information.
    • Enabled incident creation for all types of findings, improving incident management coverage.
    • Users can now cancel a takedown request that is already in progress, helping prevent accidental actions and allowing for strategic reassessment.
    • Resolved a visibility issue where vendor-related findings were not appearing on the Security Rating pageβ€”vendor-specific risks are now accurately displayed.
    • Fixed a bug that prevented the full risk assessment report from being generatedβ€”reports are now successfully produced.
    • Fixed an issue where validation or alert messages were displayed only once.
    • Addressed and resolved the issue where My domain counts were incorrect for newly added organizations on the vendor's analytics page.
    • Users will now automatically receive a re-invite if their activation link has expired. This ensures uninterrupted access and a smoother onboarding experience.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  3. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (June 16th to June 30th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • AI-Powered Questionnaire Module: Introduced an intelligent Questionnaire AI module to streamline and enhance the accuracy of responses. Completes the entire questionnaire based on the policy and penetration test-related artifacts uploaded to the Document Vault.

    🐞 Bug Fixes & Improvements:

    • Resolved multiple issues related to Portfolio and Questionnaire modules, ensuring better data consistency and user experience.
    • Enhanced the detection logic and reporting for credential leaks to provide more accurate and timely alerts.
    • Fixed problems with missing criticality and port details in findings, improving the completeness of security reports.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

    Β 

  4. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (June 1st to June 15th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Remediation Action Plan: Introduced the Remediation Action Plan feature, enabling users to track, manage, and implement corrective measures for identified security issues more efficiently.

    🐞 Bug Fixes & Improvements:

    • Resolved an issue preventing users from sending questionnaires to recipients within the same domain.
    • Updated the Organization Settings > Login tab to enforce authentication exclusively via Magic Links, enhancing security and simplifying access control.
    • Vendor Portfolio Improvements: Made the β€˜Issue’ entries clickable to allow quicker navigation and context access. Enabled β€˜Security Factor’ entries to be clickable for improved usability and vendor analysis.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

    Β 

  5. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (May 16th to May 31st)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Google Workspace Integration: Seamlessly connect and manage your Google Workspace environment for enhanced productivity and centralized control.
    • Force Login Using Magic Links: Introduced support for enforcing user authentication via secure magic links, eliminating the need for passwords and improving user experience.

    🐞 Bug Fixes & Improvements:

    • Empty Field Handling in Assessment Updates: Fixed a bug where leaving fields such as continuous assessment empty caused the "Get Quota Details" API to fail.
    • Missing Data in Findings: Criticality and port details were not being populated in certain findings. This has now been addressed.
    • Rescan API in Typosquats: Corrected unexpected behavior in the Rescan API for Typosquat findings, ensuring accurate and consistent rescans

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

    Β 

    Β 

    Β 

  6. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (May 1st to May 15th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • OKTA Single Sign-On (SSO): Integrated support for OKTA SSO. Users can now log in to RiskProfiler using their enterprise OKTA credentials for enhanced identity management and secure access.
    • Slack Integration: Slack integration module added under the Integrations section. Users can configure Slack with a bot token and channel name to receive real-time alerts for various security events. Supports test connection, enable/disable, and event-based notification configuration.
    • Tags Implementation in Organization Settings: Tags can now be created, edited, and managed from the Organization Settings. Tags are attachable to assets via the Internet Inventory edit interface. Dependency and associated findings now reflect tag relationships.
    • Jira Integration 2.0: Enhanced Jira integration with. Multiple integration points now support issue tracking directly from RiskProfiler. Users can auto-create Jira tickets from findings and view integration under the β€œManage Integrations” section.

    🐞 Bug Fixes & Improvements:

    • Send and Receive Questionnaires: Fixed delivery and reception errors in the Questionnaire module. Ensures correct association of questionnaires with vendors and internal teams.
    • Knowledge Hub – Add Document Field: Added a new Document Field in the upload form of the Knowledge Hub. Users can now label and categorize documents more effectively at the time of upload.
    • HSTS – New Low Severity Rule: Introduced a new low-severity rule for HSTS headers valid for less than 6 months. Enhances compliance scoring accuracy in attack surface findings.
    • Brand Configurations: Fixed label mismatch and visibility inconsistencies in brand settings.
    • Portfolio – Industry Field Dropdown: Fixed an issue where the Industry dropdown was not functioning in the Add Portfolio form.
    • Portfolio Email Notifications: Resolved failures where email notifications were not triggering after adding or removing a portfolio company.
    • Jira Removed from Alert Module: Jira ticket creation functionality has been deprecated and removed from the Alert module to avoid redundancy with the new integration flow.
    • Onboarding Integration – Redirection Bug: Fixed the issue where users were not redirected correctly after completing onboarding integrations.
    • Integration Forms – Loading Issues: Addressed slow loading and unresponsive behavior in integration configuration forms.
    • Magic Link Login: Fixed a reliability issue with Magic Link login functionality. Users will now receive and access the platform via secure login links without failure.
    • Credential Leaks – UI Update: Enhanced the Credential Leaks module by adding filtering functionality for the newly introduced columns: Status, Login Status, Verification Method, and Resolution Status.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  7. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (April 16th to April 30th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Evidence Locker : Introducing Evidence Locker β€” a centralized location for managing documentation during audits and assessments. This tool allows organizations to request specific documents from stakeholders or vendors, track received files, and monitor pending requests and compliance status.
    • Remediation Plan Report: Introduced a comprehensive Remediation Plan report within the Remediation Plan module to enhance visibility into remediation efforts and track progress effectively to increase a given organizations security posture
    • Onboarding-The new Onboarding Hub offers a guided checklist to help teams quickly set up key modules and start using RiskProfiler efficiently. It includes tasks such as adding company information, seeding data, configuring alerts, and integrating cloud services etc. Helpful resources like documentation, expert support, and feedback options are also readily accessible.

    Β 

    🐞 Bug Fixes & Improvements:

    • Fixed an issue where users were unable to filter credentials leak data or top breach counts accurately. Filtering is now smooth and fully functional.
    • Addressed and resolved the problem where Executive Brand Intel Reports were failing to generate.
    • Resolved an issue where users had to refresh the page for the newly added third-party company to appear in the "Add Organization" list.
    • Implemented a β€œView Details” option on the Security Ratings page to display all security rating factor findings in a single, centralized view.
    • Added TikTok and other social platforms under the Social Media Handles, Executive Members, and Hashtags tabs under the Brand Configuration module. The same has been updated in the Executive Members and Company Profiles tabs within Internet Inventory.
    • Credential leak filter and breach top count issue: Addressed and resolved the issue where credential leak data could not be filtered properly.
    • A new Search Config tab has been added to the Brand Configuration Module to provide greater control over brand visibility. This feature enables the monitoring and management of key brand-related terms and keywordsβ€”supporting proactive reputation protection and early detection of potential brand risks.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  8. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (April 1st to April 15th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • We’ve launched a fully revamped Organization Settings module, empowering admins to configure integrations, security policies, and AI capabilities with greater control. Highlights include customizable scan configurations, AI-powered automation (RiskProfiler AI), fine-grained login security, centralized policy management through the Knowledge Hub, and enhanced tagging for asset-risk correlation. Checkout: https://platform.riskprofiler.io/organization-settingsΒ 
    • We’ve introduced the ability to generate Remediation Action Plan Reports directly from your organization’s/vendor's portfolio. These reports offer a clear, actionable summary of outstanding security issues and prioritized recommendations. Whether you’re managing third-party vendors or internal security posture, this feature helps guide remediation efforts to improve security ratings and fast-track risk resolution.
    • Stream key events like asset discovery, scans, and vulnerabilities directly to Splunk in real time. Customize what gets sent, control batch size and retries, and boost your SIEM workflows with enhanced visibility and faster response times.

    Β 

    🐞 Bug Fixes & Improvements:

    • Updated the UI of the following asset types: Third-Party Vendors, Subsidiary, and Service Provider tabs in the Internet Inventory. To better align them with our latest "Add Organization" module on the Portfolio section under the TPRM Module.
    • Addressed and resolved the issue where LinkedIn social handles were not updating correctly in the Executive Members tab within the Internet Inventory.
    • Refined the UI of the View Status slider for Brand Threats and Phishing Sites in the Brand and Dark Web Intelligence modules.
    • Fixed an issue in which Scan History charts displayed incorrectly when there were no findings.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  9. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (March 16th to March 31st)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • We’ve added new Type and Status Code filters to the Fake & Malicious Apps feature. This makes it easier to analyze threats, increases your visibility into potential issues, and improves overall investigation accuracy. Users can now categorize domains as Parked, Suspicious, Non-Functional, or Functional, and filter them based on HTTP response codes such as 2xx, 3xx, 4xx, and 5xx.
    • We’ve launched a new Brand Configuration feature under the Brand & Darkweb Intelligence module that centralizes management of keywords, social media handles, executive names, domain names, trademarks, and more.
    • Introduced a refreshed Sidebar UI for improved navigation and user experience across the RiskProfiler platform. The new design features a modern look, better spacing, and clear categorization under sections like Attack Surface Intelligence, Identity Intelligence, and Third Party Risk Management, etc. Users can now quickly locate modules such as Case Management, Credential Leaks, and Vendor Portfolio with enhanced visual clarity.

    Β 

    🐞 Bug Fixes & Improvements:

    • Fixed an issue where users were unable to export issues for specific domains in the Third Party Risk Management module.
    • Resolved an issue that was preventing graphs from rendering correctly in the Attack Path section.
    • Corrected an issue that prevented logos from appearing properly in the generated reports.
    • Introduced "In Progress" and "Resolved" tabs for better status tracking. Renamed the "Whitelisted" tab to "Ignored" for improved clarity in the Fake & Malicious Apps feature
    • Fixed an issue causing delays in the Security Ratings chart loading on the dashboard.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Β 

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  10. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (March 1st to March 15th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Introduced a new feature, Incident Tracker β€” a centralized module enabling users to log, manage, and resolve different alerts within the platform efficiently. It supports incident creation with defined severity levels, assignees, and real-time updates. Users can track timelines, comments, file attachments, and alerts associated with each incident.

    Β 

    🐞 Bug Fixes & Improvements:

    • A UI issue in the Alert Module affecting the users' ability to select asset types is now fixed.
    • Login functionality has been improved to deliver faster performance.
    • All column names titled "Criticality" across the application have been renamed to "Asset Criticality" for easier understanding.
    • Duplicate rules identifying the same misconfigurations under the Web App Security factor have been removed.
    • Fixed search functionality for β€œService Provider” in both Internet Inventory and Portfolio (TPRM), now working as expected.
    • Resolved an issue that prevented users from generating Data Breaches reports; report generation now works as expected.
    • Resolved an issue where some users encountered a blank page in the Data Breaches section of the Cyber RiskProfiler module due to large volumes of breach data.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Β 

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

    Β 

    Β 

    Β 

    Β