{"id":37302,"date":"2025-01-17T20:06:58","date_gmt":"2025-01-17T14:36:58","guid":{"rendered":"https:\/\/www.getastra.com\/blog\/?p=37302"},"modified":"2025-01-17T20:07:36","modified_gmt":"2025-01-17T14:37:36","slug":"winter-2024-product-release-notes-whats-new-at-astra-security","status":"publish","type":"post","link":"https:\/\/www.getastra.com\/blog\/astra-product\/winter-2024-product-release-notes-whats-new-at-astra-security\/","title":{"rendered":"Winter 2024 Product Release Notes: What\u2019s New at Astra Security"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Every second, organizations face an evolving battlefield in cybersecurity. APIs and cloud environments\u2014the backbone of modern businesses\u2014are prime targets for attackers exploiting overlooked vulnerabilities. A single breach can now cost organizations an average of <a href=\"https:\/\/www.varonis.com\/blog\/cybersecurity-statistics\" target=\"_blank\" rel=\"noopener\"><strong>$4.88 million<\/strong><\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For businesses, this means heightened risks across critical systems, compounded by the struggle to identify vulnerabilities quickly enough. It\u2019s not just about avoiding breaches; it\u2019s about staying resilient in the face of them. Yet, while companies are adopting cloud-first strategies at unprecedented rates, <a href=\"https:\/\/sprinto.com\/blog\/list-of-cybersecurity-statistics\/\" target=\"_blank\" rel=\"noopener\"><strong>95% of them are underprepared to secure their digital assets<\/strong><\/a>, exposing themselves to costly incidents and reputational damage.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">At Astra Security, we recognize the urgency of these challenges. However, we also see an opportunity to arm businesses with tools that turn this complexity into clarity. That\u2019s why our focus remains on proactive, automated security solutions that allow organizations to discover and address risks at their core\u2014before they escalate.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Our latest updates are more than features\u2014from analyzing industry trends to understanding our customers&#8217; pain points. This winter, we\u2019re introducing solutions that tackle today\u2019s most pressing problems in API and cloud security, empowering organizations to stay ahead. Here&#8217;s what we\u2019ve built and why it matters:<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1_API_security_platform_Beta_launch\"><\/span><strong>1. API security platform (Beta launch)<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"2876\" height=\"1346\" data-id=\"37294\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2025\/01\/3777907a-api-beta.png\" alt=\"api-security-platform\" class=\"wp-image-37294\" srcset=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2025\/01\/3777907a-api-beta.png 2876w, \/cdn-cgi\/image\/width=1536,height=719,fit=crop,quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2025\/01\/3777907a-api-beta.png 1536w, \/cdn-cgi\/image\/width=2048,height=958,fit=crop,quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2025\/01\/3777907a-api-beta.png 2048w\" sizes=\"auto, (max-width: 2876px) 100vw, 2876px\" \/><\/figure>\n<\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Problem:<\/strong> APIs are the backbone of modern applications, but they\u2019re also becoming a favorite target for attackers.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Last year<strong>,<\/strong> an exposed <a href=\"https:\/\/salt.security\/blog\/its-2024-and-the-api-breaches-keep-coming#:~:text=Trello%20Breach%20(January%202024)%3A,of%20compromised%20data%20profiles%E2%80%8B.\" target=\"_blank\" rel=\"noopener\">Trello API compromised data of over 15 million users<\/a> by linking private email addresses to Trello accounts.<\/li>\n\n\n\n<li><a href=\"https:\/\/thehackernews.com\/2024\/05\/hackers-increasingly-abusing-microsoft.html\" target=\"_blank\" rel=\"noopener\">Hackers used the Microsoft Graph API<\/a> to establish covert malware communication channels, leveraging a trusted cloud service to evade detection.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">What\u2019s common in these attacks? <strong>Lack of visibility and security for APIs.<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Solution:<\/strong> Introducing the Astra API Security Platform, which is now live in beta! This tool is built to help you manage, scan, and secure your entire API inventory seamlessly.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Key Features:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Automated Mapping: <\/strong>It automatically discovers and visualizes the connections between your APIs and their associated systems, ensuring you have a clear, up-to-date map of your entire API network. Without manual intervention, this feature helps you track all endpoints, including their dependencies, permissions, and potential attack vectors.<\/li>\n\n\n\n<li><strong>API Inventory Visualization:<\/strong> View all your APIs in one centralized place, keeping track of endpoints effortlessly.<\/li>\n\n\n\n<li><strong>Security Vulnerability Detection:<\/strong> Advanced risk-scoring algorithm to identify vulnerabilities, including common flaws and advanced risks like data leakage.<\/li>\n\n\n\n<li><strong>OpenAPI Risk Classification:<\/strong> Classifies APIs into Shadow, Zombie, and Orphan categories, highlighting hidden or outdated APIs.<\/li>\n\n\n\n<li><strong>PII Detection:<\/strong> Flags endpoints that handle Personally Identifiable Information (PII), ensuring sensitive data protection.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Impact:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Catch vulnerabilities early:<\/strong> Identify and address security issues before they escalate into bigger problems.<\/li>\n\n\n\n<li><strong>Faster development:<\/strong> Shift your security testing earlier in the development lifecycle, making your development process more secure and efficient.<\/li>\n\n\n\n<li><strong>Comprehensive API security:<\/strong> Stay on top of your entire API ecosystem with an easy-to-manage inventory and automated risk detection.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2_Pentester_dashboard\"><\/span><strong>2. Pentester dashboard\u00a0<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-2 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1332\" height=\"748\" data-id=\"37296\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2025\/01\/021a6a7f-pentester-dashboard.png\" alt=\"pentester-dashboard\" class=\"wp-image-37296\"\/><\/figure>\n<\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Problem:<\/strong><strong><br><\/strong>Pentesters face a fragmented security landscape today, with disjointed tools, manual processes, and siloed data, making it difficult to deliver accurate, comprehensive results efficiently. The growing volume of vulnerabilities and the demand for faster turnarounds leave teams overwhelmed and prone to errors. A major challenge is the lack of a centralized system that fails to provide the insights, automation, and prioritization needed to address high-risk vulnerabilities quickly and effectively. This inefficiency disrupts workflows, hinders proactive security, and prevents real-time collaboration.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Solution:<\/strong><strong><br><\/strong>The <strong>Pentester Dashboard<\/strong> is a centralized hub to manage your entire pentesting workflow. It simplifies tasks like credential verification, vulnerability tracking, and team collaboration.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Impact:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Streamlined Workflow:<\/strong> A single dashboard consolidates your tasks and tools for greater efficiency.<\/li>\n\n\n\n<li><strong>Enhanced Productivity:<\/strong> Save time and effort by having everything you need in one place.<\/li>\n\n\n\n<li><strong>Improved Collaboration:<\/strong> Assign and easily manage tasks, ensuring better team alignment.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3_Sticky_notes_feature\"><\/span>3. <strong>Sticky notes feature<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-3 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1600\" height=\"1446\" data-id=\"37300\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2025\/01\/9bce1b5f-screenshot-2025-01-17-at-5.55.55\u202fpm.png\" alt=\"sticky-notes\" class=\"wp-image-37300\" srcset=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2025\/01\/9bce1b5f-screenshot-2025-01-17-at-5.55.55\u202fpm.png 1600w, \/cdn-cgi\/image\/width=1536,height=1388,fit=crop,quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2025\/01\/9bce1b5f-screenshot-2025-01-17-at-5.55.55\u202fpm.png 1536w\" sizes=\"auto, (max-width: 1600px) 100vw, 1600px\" \/><\/figure>\n<\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Problem:<\/strong><strong><br><\/strong>Pentesting is fast-paced and detail-oriented, requiring constant note-taking for to-dos, observations, and key findings. Yet, capturing these insights is often chaotic. Many pentesters resort to scattered tools\u2014spreadsheets, third-party apps, or even sticky notes on their desks\u2014leading to disorganized workflows and missed details.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This fragmentation doesn\u2019t just waste time; it risks critical observations slipping through the cracks, potentially impacting test quality. When working across multiple environments or collaborating with teammates, the lack of a centralized and searchable solution only compounds the challenge.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Solution:<\/strong><strong><br><\/strong>The <strong>Sticky Notes Feature<\/strong> provides a straightforward way to jot down and organize notes directly within your workspace, ensuring seamless access and synchronization across all platforms.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Impact:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Better Organization:<\/strong> Keep reminders and to-dos in one place, reducing clutter.<\/li>\n\n\n\n<li><strong>Increased Efficiency:<\/strong> Quickly find and manage notes with built-in search and infinite scrolling.<\/li>\n\n\n\n<li><strong>Cross-Platform Convenience:<\/strong> Access your notes anywhere, ensuring consistency across workspaces.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"4_Dark_theme_for_user_interface\"><\/span><strong>4. Dark theme for user interface<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-4 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1518\" height=\"856\" data-id=\"37295\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2025\/01\/fe32ec29-dark-mode.png\" alt=\"dashboard-dark-mode\" class=\"wp-image-37295\"\/><\/figure>\n<\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Problem:<\/strong> Long hours in bright, white interfaces or working in dimly lit environments can lead to eye strain, fatigue, and reduced focus\u2014hindering productivity. For cybersecurity professionals who spend hours combing through complex data, an uncomfortable interface isn\u2019t just a nuisance; it\u2019s a drain on physical well-being and efficiency.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Solution:<\/strong> We\u2019ve rolled out the <strong>Dark Theme<\/strong> for Astra Security, offering you a customizable and more comfortable experience.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Key Features:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Reduced Eye Strain:<\/strong> Ideal for long hours or dimly lit environments.<\/li>\n\n\n\n<li><strong>Customizable Experience:<\/strong> Easily switch between dark and light modes according to your preference.<\/li>\n\n\n\n<li><strong>Improved Focus:<\/strong> A distraction-free interface to help you focus on what matters most.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Impact:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Better user experience:<\/strong> Customize your interface to suit your comfort.<\/li>\n\n\n\n<li><strong>Enhanced productivity:<\/strong> A sleek, dark interface helps you focus better without the distractions of a bright screen.<\/li>\n\n\n\n<li><strong>Less eye strain:<\/strong> Work longer without feeling fatigued.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Whats_new_in_Astras_OrbitX_platform\"><\/span><strong>What\u2019s new in Astra\u2019s OrbitX platform?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Improvements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Optimized Scheduling &amp; Compliance Workflow<\/strong>: We&#8217;ve enhanced the scheduling algorithm to improve resource allocation, ensuring timely and reliable scans. Plus, the compliance page loads faster, with added filters for a more efficient analysis of timeframes.<\/li>\n\n\n\n<li><strong>Consistent User Experience Across Platforms<\/strong>: To streamline navigation, we&#8217;ve unified time formats across the dashboard for better consistency. Additionally, we\u2019ve improved role flexibility in the Android apps, enabling user roles to support usernames, emails, or phone numbers.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Key bug fixes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Enhanced Scan Accuracy &amp; Efficiency<\/strong>: Fixed issues with API target configuration, ensuring comments and notes were saved correctly. We&#8217;ve also improved scan reliability, guaranteeing that scheduled scans run precisely on time.<\/li>\n\n\n\n<li><strong>Simplified Setup &amp; Access<\/strong>: IPA file uploads have been fixed for smoother iOS target setup, and we\u2019ve resolved issues with programmatic access for targets that don&#8217;t have cloud providers. Additionally, errors related to renaming scans in the dashboard have been addressed, ensuring better consistency in your workflow.<\/li>\n\n\n\n<li><strong>Improved Data Integrity<\/strong>: We\u2019ve resolved issues related to risk score sorting and fixed duplicate headers during web target setup to ensure smoother, more accurate scanning results.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Summing_up\"><\/span><strong>Summing up<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">As we continue our journey towards strengthening your cybersecurity defenses, the Winter updates mark just the beginning of a series of innovations to simplify and enhance your security workflows. We&#8217;re focused on delivering proactive, automated solutions that give you the power to stay one step ahead of evolving threats.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But this is just the start. As we look towards our Spring update, we\u2019re excited to unveil features that will further elevate your security operations. Among these are advanced tools like a Trust Center for deeper visibility, automated rescanning of individual vulnerabilities to ensure nothing slips through the cracks, and enhanced API security capabilities with new integrations.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Stay tuned\u2014the best is yet to come.<\/p>\n\n\n<style>\n\n.testCaseWrap{\n  padding:35px;\n  border: 6px;\n  background-image: url('https:\/\/cdn-blog.getastra.com\/2024\/08\/838dc804-smallimgicbg.png');\n  background-size: cover;\n  background-repeat: no-repeat;\n  position: relative;\n  background-position: right;\n  height: 100%;\n  border-radius: 10px;\n  margin: 20px 0px; \n}\n\n.pentestHeading{\n  color: #575757;\n  font-size: 24px;\n  font-weight: 600;\n  color: #575757;\n  max-width: 450px;\n}\n\n.testCaseHead {\n    display: flex;\n    align-items: center;\n    grid-gap: 1rem;\n}\n\n.ctaOne {\n    text-decoration: none;\n    background-color: #2F76F8;\n    color: #ffffff !important;\n    padding: 10px 25px;\n    border-radius: 6px;\n    font-weight: 600;\n}\n\n.ctaTwo {\n    text-decoration: none;\n    background-color: #24BC94;\n    color: #ffffff !important;\n    padding: 10px 25px;\n    border-radius: 6px;\n    font-weight: 600;\n}\n\n.spanBoldBlue {\n    color: #3078FE;\n    font-weight: 700;\n}\n\n.testCaseImg{\n  position: absolute;\n  bottom: 0px;\n  right: -20px;\n  height: 250px;\n  width: 240px;\n}\n\n@media(max-width: 768px){\n\n}\n\n@media(max-width: 576px){\n    .testCaseHead {\n      flex-direction: column;\n      align-items: start;\n    }\n\n   .pentestHeading{\n      font-size: 28px;\n    }\n\n   .testCaseImg{\n    display: none;\n  }\n}\n\n<\/style>\n\n<div class=\"testCaseWrap\">\n  <p class=\"pentestHeading\">Lock down your security with our <span class=\"spanBoldBlue\">10,000+ AI-powered test cases.<\/span><\/p>\n  <p >Discuss your security needs <br \/> &#038; get started today!<\/p>\n<br \/>\n  <div class=\"testCaseHead \">\n    <a href=\"https:\/\/www.getastra.com\/pentest\/pricing\" class=\"ctaOne\" target=\"_blank\" rel=\"noopener\">View Pricing<\/a>\n    <a href=\"https:\/\/www.getastra.com\/contact-us\" class=\"ctaTwo\" target=\"_blank\" rel=\"noopener\">Schedule a call<\/a>\n  <\/div>\n\n  <img decoding=\"async\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2024\/09\/34b4861d-boy1.png\" alt=\"character\" class=\"testCaseImg\" \/>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Every second, organizations face an evolving battlefield in cybersecurity. APIs and cloud environments\u2014the backbone of modern businesses\u2014are prime targets for attackers exploiting overlooked vulnerabilities. A single breach can now cost organizations an average of $4.88 million. For businesses, this means heightened risks across critical systems, compounded by the struggle to identify vulnerabilities quickly enough. It\u2019s &#8230; <a title=\"Winter 2024 Product Release Notes: What\u2019s New at Astra Security\" class=\"read-more\" href=\"https:\/\/www.getastra.com\/blog\/astra-product\/winter-2024-product-release-notes-whats-new-at-astra-security\/\" aria-label=\"Read more about Winter 2024 Product Release Notes: What\u2019s New at Astra Security\">Read more<\/a><\/p>\n","protected":false},"author":124,"featured_media":37293,"comment_status":"open","ping_status":"0","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-37302","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-astra-product"],"_links":{"self":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts\/37302","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/users\/124"}],"replies":[{"embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/comments?post=37302"}],"version-history":[{"count":1,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts\/37302\/revisions"}],"predecessor-version":[{"id":37303,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts\/37302\/revisions\/37303"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/media\/37293"}],"wp:attachment":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/media?parent=37302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/categories?post=37302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/tags?post=37302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}