Agile development cycles demand quicker remediation of the discovered security flaws, but the outdated and generic remediation guidance provided by DAST tools isn’t helping.

Development teams are under pressure to prioritize flaw remediation and push fixes to production as soon as possible. But without context and actionable guidance to do so, developers are often left hanging trying to figure out how to remediate reported vulnerabilities.

Introducing Contextual Reports from Beagle Security – a breakthrough generative AI model that gives you detailed, actionable, and step-by-step breakdown of how to remediate each vulnerability.

Powered by advanced language models and our own data sets, the latest addition will help you to remediate vulnerabilities efficiently and faster than ever before, saving you precious hours and improving your developer productivity.

Beagle Security’s test engine makes use of the user input and reconnaissance of its own to identify the database, framework, language, and server to generate the reports that are highly contextual for each application.

Try contextual reports out for yourself and experience the difference in productivity.

We're excited to announce the release of our latest feature - Acknowledgment note 🎉

With this new feature, you can now accept certain risks by adding notes to vulnerabilities or particular occurrences in the result dashboard of Beagle Security.

For instance, if there's a necessary accepted risk for the proper functioning of your application, acknowledging the same will help us know that you're aware of it, and we would disregard it as a vulnerability in the next test.

With out-of-band vulnerability detection, Beagle Security will keep a vigilant eye on your web applications and APIs, constantly searching for any signs of blind or second-order vulnerabilities.

These types of vulnerabilities can be particularly tricky, as they can be exploited through alternative channels, making it difficult to detect and stop an attack.

But not anymore! With this new feature, you'll be able to stay ahead of the game and proactively address any potential threats before they can cause harm.

Beagle Security now integrates with Bugasura  - the simple, fast and agile bug tracker built for modern SaaS teams.

Setting up the integration will allow you to get the vulnerability details automatically synced to your Bugasura project every time a test is completed.

Assigning the fixing of vulnerabilities to relevant team members and tracking them to closure just got easier. You can find the the documentation for the integration here.

The asset discovery feature detects all the subdomains associated with a root domain so that you can add or remove the relevant subdomains and easily define the scope of a penetration test.

The feature is available in the setup wizard and accessible from the application dashboard too.

There can be cases where assets that you want to run a test on are subdomains of your root domain. Earlier you had to verify each and every subdomain you wanted to test.

But now once you've verified yourself as the owner of the root domain, every subsequent sub domain under it will be automatically counted as verified when you add it as a new application. Just choose the DNS verification option under domain verification in the setup wizard and see the magic happen ✨

Data privacy violations and non-compliance with GDPR and HIPAA standards can result in legal actions and hefty fines.

Ensuring compliance should not be a huge headache or expense for your organization.

Introducing GDPR & HIPAA compliance reports on Beagle Security.

With Beagle Security, you can integrate a continuous security testing approach in your SDLC to find vulnerabilities at the right time. You can then mitigate the vulnerabilities using the recommendations provided by Beagle Security and ensure compliance with standards like GDPR and HIPAA.

This new feature allows you to export PDF reports against GDPR and HIPAA compliance standards and gain a better understanding of the security controls you have passed and failed.

The report lists all the vulnerabilities that come under the failed controls so that your team can fix them. By establishing a continuous security testing process in accordance with compliance standards, you can show auditors that you handle data in a safe and responsible way.

Beagle Security now lets you set up notifications for SSL and domain expiry for websites.

This is a very subtle but important feature. Keeping track of SSL certificate or domain renewals should be the last thing on your mind, allow us to keep you reminded about them.

You can use your registered email address to receive notifications or use a different email address altogether.

To get started, head over to an application's dashboard and check for the two dropdowns next to the URL.

And if you want to learn more, check out this video:

Swagger is a tool widely used by organizations for implementing the OpenAPI specification. It allows you to describe the structure of your APIs, build API documentation and automatically generate client libraries for your APIs.

With this latest feature on Beagle Security, you can now import your APIs as a Swagger collection for security testing. During the API import procedure, go ahead by selecting Swagger and import the JSON as a file or by providing the URL.

Email address change

We've made it easier for you to change your account email without having to get in touch with our support team. Just head over to Settings --> General for changing the email address associated with your account at any time.

All vulnerabilities are now tagged against the industry standards. These include: CWE, CVSS, WASC, ISO, HIPAA, PCI, CAPEC, WSTG and a few more.

They are available in the results dashboard and downloadable reports.