There came some little but nice to have changes within the last release deployment. Roundup:

  • Change domain settings (landingpage, scheme) quickly
  • Improved notification settings
  • Combined similar results into one

And some smaller ones:

  • Display mobile screenshot in PDF report
  • Sync information in mails and in portal
  • Sort digest mails by domain
  • Some bugs
  • Overall performance improvements

In this article I want to show you the 2 main improvements of the last release, according the settings, which are really great.

Change domain settings

This is one of the biggest small improvements of this release. You are now able to change the landing page of a domain by yourself.

How:

Go to “Settings -> Domain” and click on the pencil near the domain you want to modify.

Just change the landing page to your liking. But you need to stay within the domain (FQDN). If you want to change the domain itself, you need to add an extra one.

But you can also change the scheme to “https” or “http”. If TLS checks are available within your bundle we will check TLS capabilities of your domain when you set the scheme to “https”. If you want to disable TLS checks, simply change the scheme to “http” and you should be good.

Improved Notification Settings

One main component of nimbusec are the notifications. Once registered you get a default set of notifications for every domain. You will be notified on red alerts and by mail only. In some cases you also want to be notified by SMS or on yellow alerts as well for more important websites. There you go with the improvements:

  • Show domains which are inactive and where no notification will be sent
  • Show warning if domains are in a wrong bundle where SMS notificaiton is not available

Domains which are not available due to inactivity or beacause they were linked to a bundle without the correct capabilities are greyed out. But you can set the notification anyway. So in case the domain becomes active again, you don’t need to care about the notification setting.

Combined Results

As we introduced global scanning this year, the number of results we got increased dramatically. Of course a lot of them were simply put duplicates because some websites look and behave in the same way from all regions of the world. So we aggregated them to one single result, which shows where the issue popped up.