fbpx

Cyver Core: Feature Wrap-up 2023

by | Jan 2, 2024 | Blog

2023 was a big year for Cyver Core and we’re proud to share that we released over 75 new features, platform updates, and improvements over the year! Those range from big to small, and include everything from new roles inside the system to improvements to our report generation and automation.

Most importantly, those features were guided by, tested by, and used by our customers. 90% percent of Cyver’s new releases and feature updates were based on customer requests and input. We’re proud to have a platform that’s built around the needs of our pentesters – and we aim to continue that approach in the future. 

Fast Facts

Cyver is proud of how hard we worked in 2023, so here are some quick highlights. We released a lot of stuff and you can keep reading to learn more, but here are the highlights: 

  • 78 New Features 
  • 90% Requested by Customers
  • Increased our Dev team by 30% 
  • 85% of features released within our projected release schedule 

Feature Highlights 

  • Continuous Assessments
  • Integrated Vulnerability Scanner
  • Quote Module 
  • Pentest Reporting Improvements 
  • 8 New Importers

And, of course, there’s much more! 

Continuous Assessments

Continuous Assessments allow you to run ongoing scans and pentest assessments with findings imported directly into the Cyver portal to be pushed to clients as reports or as findings tickets. This feature means you can automate PTaaS, DAST, and attack Surface Management with scanning and reporting handled automatically. 

  • Continuous Assessments Project Type 
  • Vulnerability Scanner 

User Management

Good user management enables compliance, security, and reduced overhead. We’ve introduced new fields, new roles, and display and control settings to help with that. 

  • User account new field Function
  • Client / Account manager role
  • Display last login for users
  • Client portal setting (de)activate users and teams

File Importer

Cyver Core helps you manage and deliver your pentests. It’s critical that we support the tools you use every day. That’s why we introduced 8 new file importers for smoother imports from your tooling. Plus, we are always taking recommendations for more. 

  • Importer BlindSPOT
  • Acunetix File Importer
  • Import Cyver CSV
  • File Importer Zap
  • File Importer OpenVAS
  • Nexpose importer
  • Netsparker importer (now Invicti)
  • Importer Qualys

Filtering

Filtering enables project and finding management, tokens, and sorting to reduce overhead and streamline your automation. 

  • User account active filter
  • Planning filter – users with/without projects
  • Add Project Filter per Template

Data Exchange

Even if Cyver Core is the central hub for your pentest activities, you’ll need data elsewhere. We’ve worked to make it as easy as possible to export your Cyver Core platform data outside of the platform. 

  • Import / Export Clients
  • Export Cyver CSV
  • Export client level findings to Excel
  • Export report to HTML 

Findings Management

From customizing your vulnerability library to improving auto-fill and improving automation for imports, we’ve put a lot of work into further streamlining findings import and management. Highlights include matching re-occurrences on finding import, CVS 4.0, and Exploit DB. 

  • Customize Time to Fix SLA
  • Support CVSS 4.0
  • Reoccurrence auto-match on import
  • Add labels to import process
  • Finding Fields templates
  • Import auto-match without creating new assets
  • Labels in finding details
  • Connection to Exploit DB

Quote Module 

You can now create quotes and invoice your clients directly inside of Cyver Core, keeping everything neatly in one, secure place.

  • Quote functionality in the platform 

Report Tokens

Tokens allow you to dynamically add data to your reports, so you can automatically generate beautiful and highly detailed pentest reports from your pentests, scans, and other cybersecurity assessments. This year, we added 11 new tokens to help you customize your reports even further. 

  • New report tokens recommendation by label
  • New report token Findings_Vuln_Severity_Status_Table
  • New report tokens finding counters
  • New report token background info summary
  • Report token counters per label
  • Report token settings to hide fields
  • Report token findings status counters
  • Compliance norm summary report token
  • Finding details token settings
  • Findings grid token
  • New report token finding grid title + severity

Identification

Your login methods keep your organization safe. It’s important that you use the options you want. This year, we added two new SSO options. 

  • SAML SSO
  • Microsoft SSO

Reporting

Added pentest report customization was our most requested feature for 2023, which is why we added multiple customizations including a whole new markdown editor, must-have features like auto-save, and custom language options. 

  • Optional report sections
  • New markdown editor
  • Links in PDF Table of Contents
  • Dynamic Tokens Custom Text Language
  • New report template setting – Hide finding codes
  • Autosave report editor
  • PDF TOC H1-H3 and clickable
  • Password Protected PDF
  • Report header in PDF  

Client Portal

The client portal is your direct point of contact with your client. This year we focused on enabling client interaction, creating features to keep your full client process in the Cyver Core portal, and added new features for project requests, ongoing projects, and offering insights and data. 

  • Customize Request forms
  • Hide Pentester usernames and names from clients
  • Extra fields in client request form
  • Client Request select multiple forms
  • Customize Project Request Form
  • Multi-language support 
  • Labels visible to Client portal
  • Compliance Norm Insights – Control Visibility
  • Client Insights Filters

Workflow

Your workflow is your process. You can now change visibility and share as much of that to the client as you want. 

  • Workflow tasks visible to client
  • Workflow tasks Full View and Client Visibility
  • Request retest flow

Assets Management

We’ve introduced better asset management, labeling, and batch operations. That means you can more easily handle your client’s assets, whether they have one top level IP or hundreds. 

  • New assets types: Source code / Smart contracts
  • Improved Asset Management
  • Asset batch operations
  • Labels for Assets

Project Settings

Customizing your project settings and project template settings means you can more easily re-use the same templates and projects across clients to reduce your workload. 

  • Pentester portal tabs setting in Project Settings and Template
  • Labels for Projects
  • Create a project from another one for easier retesting 
  • Evidence visibility setting in project template

Customization

Cyver Core is fully white-label, and we’re pleased to offer even further customizations to help you get the look and feel you need. 

  • Change finding severity colors
  • Customize color email template

Integrations

ChatGPT is everywhere – so whether or not you’re using it, you can play around and see how well generative AI works with creating report and section summaries in your pentest reports. 

  • ChatGPT integration

Compliance Norms 

We worked to further enable red teaming in the Cyver Core platform by introducing the PTES and MITRE attack framework. 

  • PTES
  • MITRE Attack Framework 

Planning

Share planning dates with clients (or vice versa) with more customization than ever before. 

  • View pentesters with and without projects
  • Better user experience

Cyver Core is proud of what we’ve accomplished in 2023. We’re already hard at work on our objectives for 2024. If you’re a customer, feel invited to contribute with suggestions, requests, and feedback, which we will incorporate into the platform whenever we can. 

Thank you for being part of our 2023.