Back to blog
Release
4 minutes read

Purplemet Cloud 1.21.0 New Features

Purplemet Product

March 12, 2024

Updates and new features

Purplemet Cloud 1.21.0 is now available! This new version features several updates and enhancements compared to the previous version, as described hereafter.

Certificates management

You can now access all your X.509 certificates in one place. Purplemet provides you detailed information about your certificates (settings, certificate chain, alternate names), which web applications currently use them, and the related issues to quickly remediate them.

Purplemet Cloud certificates management

API token profile

Our RBAC is now available for API tokens with administrator, operator and reader roles which can be used in conjunction with tags.

Purplemet Cloud API Token Scope

User impersonation

An administrator profile can now impersonate another user profile for debug or training purpose.

Purplemet Cloud User Impersonation

Issues view for technologies

The technology tab now provides a new Issues view to easily spot what vulnerabilities could be fixed for a specific technology.

Purplemet Cloud technology issues view

Error status in dashboard widget

The error status is now included in the WEB APPLICATIONS OVERVIEW widget of your dashboard, allowing you to quickly review which applications cannot be accessed. Such error may correspond to a potential disponibility issue of your asset, or may indicate that the decommission of your asset has not been fully completed.

Purplemet Cloud error status widget

Support for multiple subscription authentication methods

You can now enable Single Sign-On and Login/Password authentication methods simultaneously to let your colleagues authentication using your organization SSO identity provider, while allowing approved users outside your organization to access their account using a login/password pair.

Purplemet Cloud Multi Authentication Support

New "Role" option for Account Auto Provisioning feature

When the "Account Auto Provisioning" Single Sign-On option is enabled, you can now specify which role the platform shall use for creating new accounts provided by the SSO Identify Provider. Note that if the SSO IdP provides the role to apply for the account using the "role" attribute, this role is ignored.

Purplemet Cloud Account Auto Provisioning Role

Improved "Security" tab on user details page

The Security view of the user details page has been updated to list the authentication methods available to the user and provide associated actions for each method.

Purplemet Cloud User Security Tab

EPSS Score Last Check Date

The EPSS information tooltip has been improved to let you know when the EPSS score has been last checked along with when it has been effectively last changed.

Purplemet Cloud EPSS dates

Additional updates

  • New Tags column in the Users list.
  • New reason for backporting added when ignoring an issue.
  • Display of the number of web applications detected during a discovery.
  • Improved display of analysis status linked to a web application.
  • Improved status display for discoveries and domains in error.
  • Improved dialog boxes transition.

Up Next