As a part of our ongoing platform migration, you will no doubt be experiencing less scan results, but fear not, this is by design and not a glitch (a feature, not a bug). This is a normal part of our platform lifecycle as we constantly vet scan sources by adding new ones and getting rid of redundancies, it is important though that partners understand why there are changes in results.
We are reducing the number of scan sources since some of them are becoming increasingly redundant while others have become more accurate and are providing far better results which cover the same issues.
This has resulted not only in duplication of issues, but also scans running with irrelevant issues being found by them.
Phasing out these scan sources would remove a lot of complexity in the background. While we are implementing various other solutions to simplify things, removing this functionality completely would really improve reliability on many, many layers.
A few scan sources generate a lot of issues for probes which has been a pain point for a long time for our partners and end users. These results don’t make sense for internal environment. We have thought about filtering this out for internal networks for a long time and clients will be pleased to know that this is now resolved. Another great user experience pro!
This would also free up quite some extra resources on both appliances and our Kubernetes platform.
Here are a few examples of the types of changes you can expect:
Duplication or redundancy makes sense for the following in local networks:
NETBIOS amplification possible
DNS amplification possible
PORTMAP - DUMP v2 amplification possible
This one is redundant in any scenario:
X-XSS-Protection header not found
To conclude, these much-needed changes will provide:
- Improved scanning performance and duration – because we are getting rid of some outdated scan sources daily scans will be performed faster
- more accurate results – more scans do not necessarily mean better security if the scanners are producing duplicate results. Duplication also introduces additional risk as it costs time investment from both us and our partners to resolve issues. By eliminating duplication and reducing redundancies, we also reduce clutter, which means the information we communicate is more to the point and easy to process
- freeing up resources – by eliminating unnecessary scanning it frees up our internal human resources in trying to get these scanners to integrate. It will also save us on bandwidth and processing requirements and our scans will be completed in less time which in turn will result in less tickets from overrun scans.
- improved reliability – having less data sources will mean we can do more with the results instead of having to cater for nuances from each scan source.
This part of our migration could very well be the cause when your number of issues are reduced.