Updates and new features
Purplemet Cloud 1.33.0 is now available! This new version features several updates and enhancements compared to the previous version, as described hereafter.
Web Applications – Identification of Third-Party Providers
Purplemet introduces a first version of third-party provider identification for web applications.
This feature now makes it possible to:
- Identify and inventory third-party resources (JavaScript, CSS, images, media) and API endpoints used by an application.
- Distinguish internal providers (Domain) from external providers.
- Classify detected elements by category (Resource / API) and by type (REST, GraphQL, SOAP, JavaScript, CSS, Image).
- Automatically normalize the provider root URL for each detected provider.
- View this information through a new dedicated tab in the details of a web application.
The dedicated interface displays a tabular view of third-party providers, with sorting on the main columns, consistent with the other detail tabs for web applications. This first iteration focuses on visibility and inventory of third-party dependencies, without risk scoring or advanced analysis.
Licensing – Global License Usage Indicator
Purplemet now centralizes license consumption visibility into a single global indicator displayed in the left sidebar.
This enhancement provides:
- A global progress bar representing consolidated average usage.
- Display of the usage percentage with an AVG badge.
- Visibility restricted to administrator users.
- A detailed tooltip showing consumption by license type:
- Domain On-Demand Discovery
- Web Application On-Demand Analysis
- Web Application Continuous Monitoring
This redesign unifies the way license consumption is viewed across the platform, without changing the existing calculation logic.
Web Applications Dashboard – New WAF Coverage Widget
The Web Applications dashboard now includes a new widget dedicated to WAF coverage.
This widget now makes it possible to:
- Distinguish applications protected by a WAF.
- Visualize the overall distribution through a donut chart.
- Show the most widely used WAF technologies.
- Group the remaining technologies into an Others category.
- Redirect to the appropriate inventories depending on the interaction performed.
- Export the displayed data in CSV format.
This enhancement improves the readability of the protection posture of web applications and comes with a reorganization of the Web Applications dashboard to integrate this new widget consistently.
Additional Updates
- Domain Inventory – New Undiscovered Tab - A new Undiscovered tab helps users quickly identify READY domains that have never been analyzed.
- IP Addresses & Certificates – Filtering by Tags - Tag-based filtering is now available in the IP Addresses and Certificates dashboards for more consistent scoped analysis.
- Notifications – Onboarding Email on First Login - Admin and Operator users now receive an additional onboarding email after their first successful login.
- Web Applications – Restoration of a Disabled Application - Disabled web applications can now be restored instead of duplicated when the same URL is added again.
- Web Applications Dashboard – CVE Adjustments and Unsafe Labels - The Web Applications dashboard has been refined with corrected CVE navigation, reordered widgets, and updated labeling for better clarity.
