2023 was a big year for Cyver Core and we’re proud to share that we released over 75 new features, platform updates, and improvements over the year! Those range from big to small, and include everything from new roles inside the system to improvements to our report generation and automation.
Most importantly, those features were guided by, tested by, and used by our customers. 90% percent of Cyver’s new releases and feature updates were based on customer requests and input. We’re proud to have a platform that’s built around the needs of our pentesters – and we aim to continue that approach in the future.
Fast Facts
Cyver is proud of how hard we worked in 2023, so here are some quick highlights. We released a lot of stuff and you can keep reading to learn more, but here are the highlights:
- 78 New Features
- 90% Requested by Customers
- Increased our Dev team by 30%
- 85% of features released within our projected release schedule
Feature Highlights
- Continuous Assessments
- Integrated Vulnerability Scanner
- Quote Module
- Pentest Reporting Improvements
- 8 New Importers
And, of course, there’s much more!
Continuous Assessments
Continuous Assessments allow you to run ongoing scans and pentest assessments with findings imported directly into the Cyver portal to be pushed to clients as reports or as findings tickets. This feature means you can automate PTaaS, DAST, and attack Surface Management with scanning and reporting handled automatically.
- Continuous Assessments Project Type
- Vulnerability Scanner
User Management
Good user management enables compliance, security, and reduced overhead. We’ve introduced new fields, new roles, and display and control settings to help with that.
- User account new field Function
- Client / Account manager role
- Display last login for users
- Client portal setting (de)activate users and teams
File Importer
Cyver Core helps you manage and deliver your pentests. It’s critical that we support the tools you use every day. That’s why we introduced 8 new file importers for smoother imports from your tooling. Plus, we are always taking recommendations for more.
- Importer BlindSPOT
- Acunetix File Importer
- Import Cyver CSV
- File Importer Zap
- File Importer OpenVAS
- Nexpose importer
- Netsparker importer (now Invicti)
- Importer Qualys
Filtering
Filtering enables project and finding management, tokens, and sorting to reduce overhead and streamline your automation.
- User account active filter
- Planning filter – users with/without projects
- Add Project Filter per Template
Data Exchange
Even if Cyver Core is the central hub for your pentest activities, you’ll need data elsewhere. We’ve worked to make it as easy as possible to export your Cyver Core platform data outside of the platform.
- Import / Export Clients
- Export Cyver CSV
- Export client level findings to Excel
- Export report to HTML
Findings Management
From customizing your vulnerability library to improving auto-fill and improving automation for imports, we’ve put a lot of work into further streamlining findings import and management. Highlights include matching re-occurrences on finding import, CVS 4.0, and Exploit DB.
- Customize Time to Fix SLA
- Support CVSS 4.0
- Reoccurrence auto-match on import
- Add labels to import process
- Finding Fields templates
- Import auto-match without creating new assets
- Labels in finding details
- Connection to Exploit DB
Quote Module
You can now create quotes and invoice your clients directly inside of Cyver Core, keeping everything neatly in one, secure place.
- Quote functionality in the platform
Report Tokens
Tokens allow you to dynamically add data to your reports, so you can automatically generate beautiful and highly detailed pentest reports from your pentests, scans, and other cybersecurity assessments. This year, we added 11 new tokens to help you customize your reports even further.
- New report tokens recommendation by label
- New report token Findings_Vuln_Severity_Status_Table
- New report tokens finding counters
- New report token background info summary
- Report token counters per label
- Report token settings to hide fields
- Report token findings status counters
- Compliance norm summary report token
- Finding details token settings
- Findings grid token
- New report token finding grid title + severity
Identification
Your login methods keep your organization safe. It’s important that you use the options you want. This year, we added two new SSO options.
- SAML SSO
- Microsoft SSO
Reporting
Added pentest report customization was our most requested feature for 2023, which is why we added multiple customizations including a whole new markdown editor, must-have features like auto-save, and custom language options.
- Optional report sections
- New markdown editor
- Links in PDF Table of Contents
- Dynamic Tokens Custom Text Language
- New report template setting – Hide finding codes
- Autosave report editor
- PDF TOC H1-H3 and clickable
- Password Protected PDF
- Report header in PDF
Client Portal
The client portal is your direct point of contact with your client. This year we focused on enabling client interaction, creating features to keep your full client process in the Cyver Core portal, and added new features for project requests, ongoing projects, and offering insights and data.
- Customize Request forms
- Hide Pentester usernames and names from clients
- Extra fields in client request form
- Client Request select multiple forms
- Customize Project Request Form
- Multi-language support
- Labels visible to Client portal
- Compliance Norm Insights – Control Visibility
- Client Insights Filters
Workflow
Your workflow is your process. You can now change visibility and share as much of that to the client as you want.
- Workflow tasks visible to client
- Workflow tasks Full View and Client Visibility
- Request retest flow
Assets Management
We’ve introduced better asset management, labeling, and batch operations. That means you can more easily handle your client’s assets, whether they have one top level IP or hundreds.
- New assets types: Source code / Smart contracts
- Improved Asset Management
- Asset batch operations
- Labels for Assets
Project Settings
Customizing your project settings and project template settings means you can more easily re-use the same templates and projects across clients to reduce your workload.
- Pentester portal tabs setting in Project Settings and Template
- Labels for Projects
- Create a project from another one for easier retesting
- Evidence visibility setting in project template
Customization
Cyver Core is fully white-label, and we’re pleased to offer even further customizations to help you get the look and feel you need.
- Change finding severity colors
- Customize color email template
Integrations
ChatGPT is everywhere – so whether or not you’re using it, you can play around and see how well generative AI works with creating report and section summaries in your pentest reports.
- ChatGPT integration
Compliance Norms
We worked to further enable red teaming in the Cyver Core platform by introducing the PTES and MITRE attack framework.
- PTES
- MITRE Attack Framework
Planning
Share planning dates with clients (or vice versa) with more customization than ever before.
- View pentesters with and without projects
- Better user experience
Cyver Core is proud of what we’ve accomplished in 2023. We’re already hard at work on our objectives for 2024. If you’re a customer, feel invited to contribute with suggestions, requests, and feedback, which we will incorporate into the platform whenever we can.
Thank you for being part of our 2023.