Purplemet Cloud 1.27.0 New Features

Updates and new features

Purplemet Cloud 1.27.0 is now available! This new version features several updates and enhancements compared to the previous version, as described hereafter.

Disabling Web Applications

It is now possible to disable web applications in order to keep them within the subscription for historical purposes, without their results being included in dashboards.

When disabling a web application, the following actions are carried out:

• The analysis schedule, if configured for this web application, is disabled.
• Technologies and issues are no longer reported in the general Issues and Technologies sections or dashboards.
• Once disabled, a web application no longer receives updates on its technologies and issues, and it is no longer possible to launch or schedule new analyses. However, it remains possible to edit the web application and generate reports on it.
• Finally, if the web application was using a Daily Analysis or Weekly Analysis license, the license will be released at the end of the month in which the application was disabled, allowing users to reuse it for another web application.

A new section Web Applications > Disabled Web Applications is introduced to list all disabled web applications.

• The status of disabled web applications in the UI is set to Disabled, with a tooltip showing the author and date of the action.
• A quick action is available for each entry to re-enable the application.
• All actions available for active web applications remain accessible, except those related to launching or scheduling analyses.
• A new Enable action allows reactivating selected web applications.

For licensed web applications, the License column now displays an “Alert” icon with a tooltip showing when the license will be released.

The Web Applications section now displays only active (not deleted and not disabled) applications. To reflect this change, the All tab is renamed Active, with a tooltip explaining the applications included. A new Disable action is now available to disable selected web applications. A new Disable action is also available in details of an active web application.

For a disabled application, a banner clarifies its status. If the application uses a license, the banner also shows the date when the license will be released. The differences compared to an active web application are:

• Analysis scheduling is disabled.
• The Launch Analysis action is no longer available.
• A new Enable action is provided.

The list of domains now provides, within the Web Applications column, a tooltip showing the number of disabled and deleted web applications associated with the domain. Tag ratings are now based only on active web applications. Disabled applications are ignored in the tag rating calculation. The list of tags also provides, within the Web Applications column, a tooltip showing the number of disabled and deleted applications associated with the tag.

When a web application is reactivated:

• Its technologies and issues are once again displayed in the general Issues and Technologies sections and dashboards.
• It is again possible to launch on-demand analyses or restore scheduled analyses if the subscription license allows it.
• If a schedule was in place before deactivation, it is restored, and the license will be reapplied as soon as the analysis is relaunched.

DKIM Policy Verification

DKIM (DomainKeys Identified Mail) is an email authentication mechanism based on cryptography. It allows a sending domain to digitally sign its messages so that the receiving server can verify that the email has not been altered and that it comes from an authorized source. The main goal is to prevent spoofing and strengthen the deliverability of legitimate messages. Purplemet now allows users to monitor DKIM policy implementation across their domains by adding a new DKIM column, showing whether the policy is in place and whether errors or suggestions are available.

The domain details page also provides a new DKIM – DomainKeys Identified Mail section, explaining the mechanism, its governing RFCs, and the DNS records configured.

Note: This feature requires a new domain discovery to be launched.

Public Zone Transfer Detection

Purplemet now checks during domain discovery whether zone transfer functionality is publicly available (without authentication).

• A new AXFR column in the domains list shows whether zone transfer is publicly available.
• A new Public Domain Zone Transfer section on the domain details page shows the status of public zone transfers, listing the name servers if available.
• A new Discovery column in the DNS records list identifies records collected via public zone transfer (AXFR value).
• A new How this record has been found? section in DNS record details explains whether the record was collected via zone transfer (with the name servers used) or a simple DNS query (with the query type).

Note: This feature requires a new domain discovery.

Domain Expiration Alerts

The platform now notifies users of upcoming or actual domain expiration. Notifications are sent by email and instant messaging (if configured at the subscription level):

• Default timing: Notifications are sent 30 days before expiration.
• Custom timing: Admins can configure this in Preferences at the subscription level or fine-tune per domain in the Notifications section of the domain’s Details tab.

Notifications & DNS Security Policy Changes

Any detected change in domain security protocols (DNSSEC, DMARC, SPF, or CAA) triggers notifications to users with access to the domain. Notifications are sent for:

• New policy setup.
• Policy modification.
• Policy removal.

They include the DNS records identified, and in the case of setup or modification, may also include recommendations or identified errors. Additionally, records are created in the domain’s Changes tab to confirm detected modifications.

Improved Notification Presentation

All email notifications have been redesigned for better ergonomics and more relevant information, especially regarding detected changes from analyses and discoveries. Examples:

• Web application notifications.
• Domain notifications.
• User account activation notifications.

Customizable Reports

The reporting procedure now allows users to select which sections to include in generated reports. New sections have been introduced depending on the asset type for added flexibility and consistency:

The possible sections for web application reports correspond to the sections already offered in previous versions.

New sections are available for the following domains:

• DNS Records / List to list the DNS records detected for the domain
• Issues Summary to provide a summary of the list of vulnerabilities affecting web applications associated with the domain and their number
• Exploited Issues Summary to provide a summary of critical vulnerabilities impacting web applications associated with the domain

The possible sections for certificate reports correspond to the sections already offered in previous versions.

A new section is available for IP addresses: Autonomous System to obtain information about the AS to which the IP address belongs.

New sections are available for tags:

• Issues Summary to provide a summary of the list of vulnerabilities impacting web applications associated with the tag and their number
• Exploited Issues Summary to provide a summary of critical vulnerabilities impacting web applications associated with the tag

Additional Updates

• Main Navigation – Dashboards: A new Dashboards section is available in the navigation menu. The existing Dashboard has been renamed Web Applications Dashboard.
• Web Application Import Improvements: Users can now include optional descriptions and tags in the import file. Example format:
• New Column in Issues List: A new Ignored By column identifies the author of the Ignore action on an issue.