Integrate your Azure Environment with BreachRisk™. Find, measure and test the cyber risks in your Azure cloud environment in each BreachRisk™ Assessment. With your Azure integration, you now have visibility into the threat vectors you are presenting to attackers as your Azure environment changes. Check out our knowledge base article to get started.

See the cloud assets visible to BreachBits with your cloud integrations. If you have enabled any cloud integrations with your BreachRisk™ for Business subscription, now you can see the compute (e.g. EC2, VMs, etc.), storage (e.g. Azure Blobs, AWS S3), apps (e.g. Elastic Beanstalk, Azure App Service) and databases that are visible to BreachBits and included with each BreachRisk™ Assessment. To see these assets, visit Cloud Integrations in your BreachRisk™ for Business menu.

Organize the companies you monitor into groups. BreachRisk™ Portfolio customers can now organize the companies they monitor into sub-portfolios, to make measuring cyber risk across teams, business units and use cases easy. Learn how here: How to Build a Sub-Portfolio.

Select the level of visibility and control you can share with other organizations. BreachRisk™ for Business subscribers can now choose exactly the level of visibility can share with others. Options include BreachRisk™ Report (high-level list of threat vectors discovered and statuses), BreachRisk™ Technical (detailed list of threat vectors, hosts, services, etc. with IP addresses and URLs) and BreachRisk™ Administrator (authorization to enable testing, adding hosts, integrating cloud environments, etc.). Learn more here: share my results.

New: Context-based impact scoring for threat vectors. Threat vectors on hosts assessed to be third-party managed, isolated or possible honeypots will now be scored with a reduced impact score.

New: Fortinet vulnerability CVE-2022-40684, which allows attackers to bypass VPN authentication.

New: Fortinet vulnerability CVE-2022-39952, which allows unauthenticated remote code execution in some versions of FortiNAC and FortiWeb devices.

Improved: Log4j vulnerability discovery using additional methods of exploitation and verification.

Improved: Recognition of network level authentication (NLA) control in exposed Remote Desktop Protocol (RDP) services.

Improved: Stricter validation of IKE credential compromise threat vectors.

New: Users enabling multi-factor authentication can now choose their country code from a drop-down menu.

New: Users can now click on and share links that bring them to a specific page in their BreachBits Dashboard.

Improved: Customers with large attack surfaces faced excessive load times for BreachRisk™ Technical results.

Fixed: Customers can mistakenly add a user to their account multiple times.

Fixed: Customers do not get an indication of successful addition of a new user in the User Management feature in Account Settings.