Announcements

  1. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (May 1st to May 15th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • OKTA Single Sign-On (SSO): Integrated support for OKTA SSO. Users can now log in to RiskProfiler using their enterprise OKTA credentials for enhanced identity management and secure access.
    • Slack Integration: Slack integration module added under the Integrations section. Users can configure Slack with a bot token and channel name to receive real-time alerts for various security events. Supports test connection, enable/disable, and event-based notification configuration.
    • Tags Implementation in Organization Settings: Tags can now be created, edited, and managed from the Organization Settings. Tags are attachable to assets via the Internet Inventory edit interface. Dependency and associated findings now reflect tag relationships.
    • Jira Integration 2.0: Enhanced Jira integration with. Multiple integration points now support issue tracking directly from RiskProfiler. Users can auto-create Jira tickets from findings and view integration under the β€œManage Integrations” section.

    🐞 Bug Fixes & Improvements:

    • Send and Receive Questionnaires: Fixed delivery and reception errors in the Questionnaire module. Ensures correct association of questionnaires with vendors and internal teams.
    • Knowledge Hub – Add Document Field: Added a new Document Field in the upload form of the Knowledge Hub. Users can now label and categorize documents more effectively at the time of upload.
    • HSTS – New Low Severity Rule: Introduced a new low-severity rule for HSTS headers valid for less than 6 months. Enhances compliance scoring accuracy in attack surface findings.
    • Brand Configurations: Fixed label mismatch and visibility inconsistencies in brand settings.
    • Portfolio – Industry Field Dropdown: Fixed an issue where the Industry dropdown was not functioning in the Add Portfolio form.
    • Portfolio Email Notifications: Resolved failures where email notifications were not triggering after adding or removing a portfolio company.
    • Jira Removed from Alert Module: Jira ticket creation functionality has been deprecated and removed from the Alert module to avoid redundancy with the new integration flow.
    • Onboarding Integration – Redirection Bug: Fixed the issue where users were not redirected correctly after completing onboarding integrations.
    • Integration Forms – Loading Issues: Addressed slow loading and unresponsive behavior in integration configuration forms.
    • Magic Link Login: Fixed a reliability issue with Magic Link login functionality. Users will now receive and access the platform via secure login links without failure.
    • Credential Leaks – UI Update: Enhanced the Credential Leaks module by adding filtering functionality for the newly introduced columns: Status, Login Status, Verification Method, and Resolution Status.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  2. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (April 16th to April 30th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Evidence Locker : Introducing Evidence Locker β€” a centralized location for managing documentation during audits and assessments. This tool allows organizations to request specific documents from stakeholders or vendors, track received files, and monitor pending requests and compliance status.
    • Remediation Plan Report: Introduced a comprehensive Remediation Plan report within the Remediation Plan module to enhance visibility into remediation efforts and track progress effectively to increase a given organizations security posture
    • Onboarding-The new Onboarding Hub offers a guided checklist to help teams quickly set up key modules and start using RiskProfiler efficiently. It includes tasks such as adding company information, seeding data, configuring alerts, and integrating cloud services etc. Helpful resources like documentation, expert support, and feedback options are also readily accessible.

    Β 

    🐞 Bug Fixes & Improvements:

    • Fixed an issue where users were unable to filter credentials leak data or top breach counts accurately. Filtering is now smooth and fully functional.
    • Addressed and resolved the problem where Executive Brand Intel Reports were failing to generate.
    • Resolved an issue where users had to refresh the page for the newly added third-party company to appear in the "Add Organization" list.
    • Implemented a β€œView Details” option on the Security Ratings page to display all security rating factor findings in a single, centralized view.
    • Added TikTok and other social platforms under the Social Media Handles, Executive Members, and Hashtags tabs under the Brand Configuration module. The same has been updated in the Executive Members and Company Profiles tabs within Internet Inventory.
    • Credential leak filter and breach top count issue: Addressed and resolved the issue where credential leak data could not be filtered properly.
    • A new Search Config tab has been added to the Brand Configuration Module to provide greater control over brand visibility. This feature enables the monitoring and management of key brand-related terms and keywordsβ€”supporting proactive reputation protection and early detection of potential brand risks.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  3. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (April 1st to April 15th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • We’ve launched a fully revamped Organization Settings module, empowering admins to configure integrations, security policies, and AI capabilities with greater control. Highlights include customizable scan configurations, AI-powered automation (RiskProfiler AI), fine-grained login security, centralized policy management through the Knowledge Hub, and enhanced tagging for asset-risk correlation. Checkout: https://platform.riskprofiler.io/organization-settingsΒ 
    • We’ve introduced the ability to generate Remediation Action Plan Reports directly from your organization’s/vendor's portfolio. These reports offer a clear, actionable summary of outstanding security issues and prioritized recommendations. Whether you’re managing third-party vendors or internal security posture, this feature helps guide remediation efforts to improve security ratings and fast-track risk resolution.
    • Stream key events like asset discovery, scans, and vulnerabilities directly to Splunk in real time. Customize what gets sent, control batch size and retries, and boost your SIEM workflows with enhanced visibility and faster response times.

    Β 

    🐞 Bug Fixes & Improvements:

    • Updated the UI of the following asset types: Third-Party Vendors, Subsidiary, and Service Provider tabs in the Internet Inventory. To better align them with our latest "Add Organization" module on the Portfolio section under the TPRM Module.
    • Addressed and resolved the issue where LinkedIn social handles were not updating correctly in the Executive Members tab within the Internet Inventory.
    • Refined the UI of the View Status slider for Brand Threats and Phishing Sites in the Brand and Dark Web Intelligence modules.
    • Fixed an issue in which Scan History charts displayed incorrectly when there were no findings.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  4. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (March 16th to March 31st)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • We’ve added new Type and Status Code filters to the Fake & Malicious Apps feature. This makes it easier to analyze threats, increases your visibility into potential issues, and improves overall investigation accuracy. Users can now categorize domains as Parked, Suspicious, Non-Functional, or Functional, and filter them based on HTTP response codes such as 2xx, 3xx, 4xx, and 5xx.
    • We’ve launched a new Brand Configuration feature under the Brand & Darkweb Intelligence module that centralizes management of keywords, social media handles, executive names, domain names, trademarks, and more.
    • Introduced a refreshed Sidebar UI for improved navigation and user experience across the RiskProfiler platform. The new design features a modern look, better spacing, and clear categorization under sections like Attack Surface Intelligence, Identity Intelligence, and Third Party Risk Management, etc. Users can now quickly locate modules such as Case Management, Credential Leaks, and Vendor Portfolio with enhanced visual clarity.

    Β 

    🐞 Bug Fixes & Improvements:

    • Fixed an issue where users were unable to export issues for specific domains in the Third Party Risk Management module.
    • Resolved an issue that was preventing graphs from rendering correctly in the Attack Path section.
    • Corrected an issue that prevented logos from appearing properly in the generated reports.
    • Introduced "In Progress" and "Resolved" tabs for better status tracking. Renamed the "Whitelisted" tab to "Ignored" for improved clarity in the Fake & Malicious Apps feature
    • Fixed an issue causing delays in the Security Ratings chart loading on the dashboard.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Β 

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  5. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (March 1st to March 15th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Introduced a new feature, Incident Tracker β€” a centralized module enabling users to log, manage, and resolve different alerts within the platform efficiently. It supports incident creation with defined severity levels, assignees, and real-time updates. Users can track timelines, comments, file attachments, and alerts associated with each incident.

    Β 

    🐞 Bug Fixes & Improvements:

    • A UI issue in the Alert Module affecting the users' ability to select asset types is now fixed.
    • Login functionality has been improved to deliver faster performance.
    • All column names titled "Criticality" across the application have been renamed to "Asset Criticality" for easier understanding.
    • Duplicate rules identifying the same misconfigurations under the Web App Security factor have been removed.
    • Fixed search functionality for β€œService Provider” in both Internet Inventory and Portfolio (TPRM), now working as expected.
    • Resolved an issue that prevented users from generating Data Breaches reports; report generation now works as expected.
    • Resolved an issue where some users encountered a blank page in the Data Breaches section of the Cyber RiskProfiler module due to large volumes of breach data.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Β 

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

    Β 

    Β 

    Β 

    Β 

  6. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (Feb 16th to Feb 28th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Launched a new Data Breaches Report that provides a detailed and structured breach timeline, highlighting critical events, affected organizations, and exposed information types over a period of time.
    • Introduced a new feature in the Trust Center that allows users to add a custom logo for their domain, replacing the default logo. This enhances brand identity and personalization.
    • Introduced the Remediation Plan feature, enabling organizations and their portfolio companies to improve their overall security score by identifying issues that impact it. This feature addresses all contributing factors and provides a structured, factor-wise improvement plan for effective risk remediation.
    • Implemented an automated cleanup process for stale DNS records to improve system efficiency and accuracy. Cloudflare is currently supported, other DNS Providers are on our roadmap.

    🐞 Bug Fixes & Improvements:

    • Addressed and resolved multiple styling issues across all reports, ensuring a more polished and visually consistent user experience.
    • Resolved the issue where multiple pages in Typosquats Screenshots were missing closing icons.
    • Fixed the problem where users were not receiving email notifications for events like Takedown submission and Adding or deleting a portfolio company.
    • Corrected the UI alignment and functionality of the Dependent Asset Slider within Trackers in Internet Inventory.
    • Fixed a problem where the domain logo was not re-rendering correctly on the CRP Security Ratings page.
    • Addressed the issue where users were unable to add a Service Provider in the Service Provider tab within Internet Inventory.
    • Ensured that license quotas used for deleted assets remain accounted for in both Internet Inventory and Portfolio pages, preventing discrepancies in quota calculations.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Β 

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  7. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (Feb 1st to Feb 15th)

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Released v2 of the β€œAdd Organization” feature in the Vendor Portfolio section with an updated design and enhanced functionality to send onboarding risk assessment questionnaires to vendors.
    • Enhanced vendor risk questionnaires to support conditional follow-up questions based on multiple response options. Users can now configure distinct follow-up questions for each answer choice, enabling a more dynamic and tailored risk assessment process.

    Β 

    🐞 Bug Fixes & Improvements:

    • Released a new license type that enables users to perform monthly risk assessments via the Service Provider Scan on the License Usage page.
    • Resolved an issue where blank rows would appear in the Expanded Security Rating page when vulnerability data was incomplete, ensuring a cleaner display and improved user experience.
    • Fixed an issue in a Vulnerability Rule’s score calculation where informational findings were erroneously assigned negative score points, now correctly displaying an impacted score of 0.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Β 

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

    Β 

  8. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (Jan 16th to Jan 31st)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Asset History Graph: We introduced a new graph in the IP Address tab of Internet Inventory that shows how often an IP address was active and which ports were open each day over the past year.
    • β€œAssets with Findings” Filter: Based on customer feedback, we added a toggle button in the Security Rating page of Cyber RiskProfiler. This allows users to filter and view only those rules with actual findings quickly.
    • Findings Count: We updated the Security Rating page of Cyber RiskProfiler to display the number of findings (instead of rules) for each severity levelβ€”ALL, HIGH, MEDIUM, LOW, and INFO.
    • Export Tab for Issues: We added a new Export tab in the Issues section of the Vendor Intelligence Dashboard, enabling users to export all third-party risk management issues in one go.

    Β 

    🐞 Bug Fixes & Improvements:

    • Enhanced active/inactive status for exposed assets in subdomains.
    • Updated Takedown Status sidebar in the Brand RiskProfiler module.
    • Fixed dropdown issue for β€œSelect Asset Type” in the Alert module.
    • Refined Activity Logs UI for an improved user experience.
    • Synchronized WAF data in reports with the dashboard.
    • Added CPE and CVE filter in the IP Address tab of Internet Inventory.
    • Introduced a Public URLs tab in Internet Inventory.
    • Separated Company profiles and Executive profiles in the Social Profiles section.
    • Resolved Score Impact value display issue before and after reload.

    Β 

    Your participation in our journey is irreplaceable. Each piece of feedback is highly valued.

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  9. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (Jan 1st to Jan 15th)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Implemented a new Favicons tab in Internet Inventory, enabling global favicon scanning and indexing to identify associated domains.
    • Introduced a β€œVerify All Domains” feature in My Domains, allowing bulk domain verification in a single action for Multi-Tenancy/Partner Tenants.

    Β 

    🐞 Bug Fixes & Improvements:

    • Resolved issues with the sign-in page's loading time.
    • Corrected the export problem when Internet Inventory assets contain no data.
    • Fixed the absence of data in the Threat Factor History Graph within the CRP module.
    • Addressed the zoom-in and zoom-out issues affecting the sizing of the company logo in reports.
    • Enhanced sorting of issue severity, ensuring high-severity issues appear at the top and informational issues at the bottom.
    • Updated the case sensitivity settings for mobile APKs in Internet Inventory mobile applications.
    • Fixed truncation issues within Internet Inventory assets.
    • Resolved problems with report generation for Internet inventory and email breaches in the Reports Module.
    • Included an "Add Email" tab for adding email breach data in the Brand Risk Profiler.
    • Updated the API documentation with new APIs.
    • Addressed and corrected the issue of missing "Who Is" data in the Typosquats slider.
    • Resolved issues in the "related issue" column on the Compliance page.
    • Added a screenshot icon in the Actions column for registered typosquats in the Brand RiskProfiler Module.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly treasured.

    Together, we fortify the digital landscapes!

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ

  10. πŸŽ‰ Fresh updates from RiskProfiler.io πŸŽ‰ (Dec 16th to Dec 31st)

    New Feature
    Improvement
    Fix
    Announcement

    Greetings, everyone! We've worked hard to bring forth various new features and improvements. Let's explore them!

    πŸš€ New Features:

    • Introduced Active/Inactive status tabs for quickly filtering assets such as My Domains, API, Certificates, Login URLs, IP Blocks, CDN, and ASN within the Internet Inventory.

    Β 

    🐞 Bug Fixes & Improvements:

    • Resolved aggregation and count-related issues across the entire application.
    • Implemented edit and delete options in the Brand Abuse Admin panel.
    • Fixed edit and delete functionality issues in the Alert Module.
    • Fixed issues with IP address exports and count updates on the Trust Centre page.
    • Enhanced the Web Application Firewall (WAF) detection feature in the subdomain slider page of the Internet Inventory.
    • Resolved export issues in the Email Breaches module.
    • Fixed bulk import functionality issues.
    • Made the Top 5 factors on the Dashboard interactive by making them clickable.
    • Resolved issues with the Generate Report slider on the Portfolio page.

    Your participation in our journey is irreplaceable. Each piece of feedback is highly treasured.

    Together, we fortify the digital landscapes!

    Warm Regards,

    Setu Parimi πŸ₯³πŸ™Œ