NormShield ChangeLog



  • New Filters in Vulnerability Listing Page
  • New Filters in Asset Listing Page
  • New Tab called "By Assignee" in Vulnerability Listing Page
  • You can now tag vulnerabilities as well as categories and assets
  • New Rows added to Extra Column in Asset Listing Page
    • Open Vulnerability Severity Distribution
    • Lastest Host Discovery Status
  • Alert when an asset is down for a specified day in host discovery
  • Scan configuration export
  • New dynamic scopes (All Web Assets and All IP Assets) in Scan Configuration
  • Switch Role function for users have multiple roles
  • Bugfixes
    • Asset import via Excel file
    • Several snapshot and performance fixes


  • Task (Automation)
    • New Task Action: You may assign filtered vulnerabilities to directly “Asset Owner”
    • Vulnerability plugin-name and plugin-family filter
    • Task Re-ordering
  • Pentester Role
    • After matching a pentester user and a scan, the pentester may add new vulnerabilities to this scan and re-control when they fixed.
  • Scanner
    • Zap Proxy Support with dynamic communication
    • Netsparker json file support
  • Scan
    • Able to create multiple scans with one request (for web scans mostly)
  • Asset
    • OS Filter Added with predefined OS Systems
    • Periodically capturing assets from Nessus SC and creating labels on NormShield system
  • Vulnerability
    • Ticket Status Filter is added
    • Vulnerability history and ticket activity tabs are combined
  • Active Directory
    • Secure SSL option
    • Manager Info Added to Search Page
    • Multiple AD Server Support
    • Creating User Groups According to Company Team Hierarchy
  • Ticketing
    • Defining SLA days by Asset Labels besides Common SLA days
    • Built-In Ticketing E-mail Reorganizations
    • Take ownership process is added
      • The goal of this process to find the right owner of the vulnerability. This is hard in big organizations. So, we have 2 due-date process. One of them aims to find the owner and the other one aims to resolve the vulnerability.
      • After assigning a ticket, user may take ownership (accept the vulnerability and start working on it)
      • This take ownership due date is different from SLA due dates. If user did not take ownership within defined days, every day system send e-mail with manager.
      • Please contact for more information and fit this process to your organization
  • Common
    • SingleSignOn (SSO) support
    • Customizable logo
    • Lean setting menu
    • Able to change scheduled-report e-mail targets
  •  Bugfixes
    • Big performance improvements
    • Some login problems
    • Asset discovery one-time scan bugfix
    • Task assigning bugfix
    • Scan result PDF export bugfix


  • New Task Filter: “Vulnerability Is Exploitable” is added.
  • New nessus severity mapping method is added. It is selectable in settings
  • Critical ports can be changeble in settings now
  • Asset Discovery: every 2 hour scan option is added, delete discovered assets before run option for temporary networks is added
  • Bugfix: Scanning same vulnerabilities for frequent reheck requests
  • Bugfix: Errors for users own more than 2100 assets as asset owners


  • Scans:
    • Comparing two different scans. Vulnerabilities will be listed in this comparison screen. This feature makes sense when you compare scans with similar scopes (assets, scan policies, etc.)
    • IBM Guardium scan result file parsing support is added under Compliancy Control
    • You may also delete vulnerabilities while deleting scan results. This option will be prompted during the related operation.  
    • Scan configuration: New dynamic and more flexible scan period options are added.
    • Notification when an error occurs while offline importing scan files via Import Folder.
    • RunHour/IdleHour options are added for flexible Nessus scans.
    • Bugfix: Sending duplicate scan started mails for the same scan.
  • Asset:
    • Asset listing search field supports Regex queries.  
    • Changing asset owner action is added to asset history as a event.
    • Asset importing now accepts asset owners’ name and lastname as additionaly inputs.
    • Asset import also supports multiple assets in a row in a comma seperated format.
    • Scans with credentials information are also visible in NormShield. You may filter assets that are successfully scanned with credentials or failed.
    • Hosts up-count is also added to the asset label listing.
    • Discovered assets are now listed in related asset discovery configuration
    • Ability to change SLA date of a single vulnerability manually
    • Dynamic asset management through an API for assets that are hosted in cloud, such as AWS. This option can be set in settings page.
    • Bugfix: Bulk Asset Score update fails irregularly.
  • Vulnerability:
    • Recent Check Date added to Vulnerability List page. This date is the most recent date that NormShield found this vulnerability in any scan.
    • Vulnerability listing search field supports Regex queries.
    • Asset owner and mitigation of vulnerability is added to the vulnerability export reports.
    • CVE and CWE filters are added to vulnerability charts and to table listings as additional information.
    • More owner detail of vulnerability (ticket) in vulnerability detail and listing page.
  • Custom Reports:
    • Asset Scan Lifecycle: Lists assets and their related scans in columns in order to show all scans that are related to the selected asset scope.
    • Vulnerability Scan Lifecycle: Lists vulnerabilities and their related scans in columns.
    • A new report “Asset Overview Report” is added. This includes a detailed asset summary with charts for a given time period.
    • New filters and new fields are added to Progress Report.
  • Analytics:
    • In the Scan Tab, “Monthly Scanned Assets” and “Monthly Detected Vulnerabilities” charts are added.
    • In the Vulnerability Tab, “Weekly New Vulnerability Trend” and “Weekly Mitigation Vulnerability Trend” charts are added.
    • New analytics charts about Ticket SLA Dates (Incoming SLA ve Passed SLA)
    • Grouping you favourite charts to “My Custom Charts” tab. You may access this tab directly from Dashboard.
  • Ticketing:
    • Duedate field is fed to the remote JIRA ticketing system along with the vulnerability information.
    • Sending ticket notification option is added to Remote Configuration setting. Some ticketing systems like JIRA already sends email to assignees. So, NormShield should not send the same information twice.
    • Due date of ticket is now changeable by company admin or root in vulnerability detail page.
    • Weekly reports for Ticket Owners about vulnerabilities assigned to them. This option is default FALSE. If you want to use it, please open in it in Company settings page.
    • Bugfix: Failed to transfer ticket, which already has an owner, to another group.
  • Auto Categorization:
    • Vulnerability categorization rule also extended with mitigation, description and reference regular expression search.
  • Task:
    • Tasks now support Vulnerability Category Tag and Vulnerability Category Root Cause.
    • A new API is created to create new tasks.
    • Tasks can be manually triggered with a reference start date.
  • Management:
    • Nessus scanner agent information such as UI and Plugin versions are added to agent page as additional messages.
    • NormShield now supports Remote MSSQL database instances. No need to install database to the local machine.
    • Auto agent activation control for previously selected default agent. If selected agent deactivates in somehow, related asset discovery, port, service or vulnerability scan agent will be deleted for continuous monitoring.
    • Bugfix: Inserting duplicate roles to a user.
    • Bugfix: HostnameFinder failed due to missing executables in the agent distribution.
  • Some performance bug fixes
  • Clickable Dashboard



  • Changing asset owner event was added to asset history
  • New fields added to progress report
  • Asset up counts added to labels and some charts
  • Assets that scanned with invalid credential added to scan information
  • Cve and Cwe filter added to vulnerability list filter and table
  • Bugfix: Netsparker scandate was parsed wrong in some files
  • Several bugfixes


  • Tasks now supports Vulnerability RootCause and Tag filter
  • Asset and vulnerability listing pages now supports regular expression search
  • Discovered assets are listing in dicovery configuration page
  • Task api created for external calls. Please contact for api documentation
  • "Asset Overview Report" added to Custom Reports
  • Severeal bugfixes implemented


  • NormShield now supports ServiceNow Incident Management. 
  • Vulnerability category RootCause and Tag filter added to vulnerability listing page and exports
  • Asset Score added to ByAsset tab in vulnerability listing page
  • Bugfix: History Trend Report in Custom Report: Ticket Owner Group filtering bug fixed
  • Bugfix: Scan Configuration, scan edit policy bug fixed
  • Bugfix: Asset import, turkish character bug fixed


  • Asset Score can be calculated with different methods that are parametric
  • 2 New ticket apis are added to integrate your local ticketing system. See details in Ticket Integration API Page
  • A user can now have multiple roles in NormShield. This is a great feature for On-premise customers. For example; company users can be user of multiple companies. Users that have multiple roles, have to select login role in login page.
  • Bugfix: Summernote image upload bug is fixed


  • NormShield now supports RSA Archer Ticketing
  • Task: Asset Importing now overrides some fields such as Priority, OS, NetBios
  • Task: Vulnerability Tasks are now supports ticking configuration for companies using multiple ticketing configuration
  • Task: Algorithm of Netsparker IntanceID is changed and supported for back compatibility
  • Task: Highlighted some response parameters in vulnerability detail page
  • Task: Scan historic information is added to scan configuration detail modal
  • Task: Scan policy labelling is on air. You may group scan policies imported from scanners and pair them with companies
  • Task: Scan policy profile is removed from menu.
  • Task: Vulnerability Category Reference Deletion


  • Task: Bades and Nvrf files are excluded vulnerability severity threshold parameter
  • Task: Fixed OTP can be used without SMS configuration
  • Bugfix: Cpes are not assigned to assets inserted before


  • Task: Ability to import assets with excel or csv files from web portal or directory
  • Task: Scan result modal asset sorting visual fixes
  • Task: Vulnerability category aggregation filter added
  • Task: Auto categorization now supports vulnerability category aggregation with regular expression
  • Bugfix: if unexpected agent process quits while a scan continues, agent cannot feed portal
  • Bugfix: Deleting a company leaves some user data particals in some tables
  • Bugfix: A scan that pending in blackout period, starts immediately whenever blackout ends
  • and some performance improvements


  • Task: "When Detected in a scan" Task/Rule now ignores closed vulnerabilities and passed controls
  • Task: Ability to view Asset information in Vulnerability and Control Alert emails
  • Task: Ability to Sending SIEM an unique ID for every alarm type (Taxonomy ID)
  • Task: Ability to periodically pull scan results from Nessus Security Center through Hotpoint configuration
  • Bugfix: Failed to show correct Asset Reachability 


  • Task: Ability to search Assets Labels with AND operator in Asset List
  • Task: Ability to create new scan configurations filtered with asset labels using AND operator
  • Task: Ability to create new scans with the new Scan Now button in Vuln List for selected vulnerabilities' assets
  • Task: Ability to get report by selected filters in Vulnerability List of Scan Result page
  • Task: Ability to show User Name and Surname in User selection boxes
  • Task: Ability to set Default Asset Discovery parameters in Company Settings page
  • Bugfix: Failed to start manual recheck scans when Auto Recheck Scan setting is disabled
  • Bugfix: Failed to get vulnerability list reports in pdf format


  • Task: Ability to disable/enable Auto Creation of User Groups by Active Directory
  • Task: Ability to export vulnerabilities in csv format with references information
  • Task: Ability to view Top 10 Open Ports graph in Vulnerability Summary Report
  • Bugfix: Failed to update status of multiple vulnerabilities in Category and Asset tabs in Vulnerability List by Company Users
  • Bugfix: Failed to show correct information on Weekly Security Digest
  • Bugfix: Failed to open/close vulnerabilities correctly on Scan Import 


  • Task: Ability to create Scans via Scan Creation API
  • Task: Ability to see Vulnerability Trend and Portmap Scan Summary graphs in Vulnerability Summary Report
  • Task: Ability to export vulnerabilities in csv format with CVE, CWE, and CVSS information
  • Task: Ability to send Weekly Security Digest Mail
  • Bugfix: Failed to delete domain bug fix
  • Bugfix: Failed to update status by Company Users in Vulnerability Detail page bug fix
  • Bugfix: Failed to restrict access to Asset Labels and Assets in filters and Asset List page for Company Users
  • Bugfix: Failed to export vulnerabilities with source filter selected
  • Bugfix: Failed to show vulnerabilities grouped by Category and by Asset in Vulnerability List page with user filter selected

1.7.0421 - Bugfix release

  • Bugfix: Failed to update vulnerability status in vulnerability list by Company Users
  • Bugfix: Failed to cancel skipped scans in blackout periods
  • Bugfix: Failed to actually stop scan when absolute timeout passes for certain scanners
  • Task: Ability to import new vulnerabilities and close all vulnerabilities with Recheck scans
  • Task: Ability to see Assets with Same Vulns in Vulnerability Detail page for Company Users
  • Task: Ability to display SLA information on Vulnerability Detail page
  • Task: Ability to fetch vulnerability references via SIEM API

1.7.0415 - Bugfix release

  • Bugfix: Failed to show correct open ports count on CPM dashboard
  • Bugfix: Failed to start recheck scans on correct time
  • Bugfix: Failed to show vulnerability status comments correctly in Vulnerability Detail History

1.7.0401 - Consult support @ normshield for the reference book

  • Task: Ability to filter Ticket Overview custom reports by Ticket Owners
  • Task: Ability to see recent Reachability status in Asset Panorama page
  • Task: Ability to filter Reachability status in Asset List
  • Task: Ability to select existing Asset Labels in Auto Categorization Rule List
  • Task: Ability to change "Vulnerability SLA" graph title to "Vulnerability Life" in Vulnerability Panorama page
  • Task: Ability to configure service scans from portal under Scan -> Portmap Monitoring -> Service Scan Configurations tab
  • Task: Ability to send priority of an asset and NormShield risk score of a vulnerability to SIEM
  • Task: Ability to trigger flows when status of a vulnerability or control
  • Task: Ability to filter assets in Asset List by excluding labels
  • Task: Ability to export Asset List with Asset Owner column
  • Task: Ability to bring Dashboard and Analytics graphs quicker (performance tuning)
  • Task: Ability to see Insert Dates in asset CVS export
  • Task: Ability to filter assets by Insert Dates in Asset List interface
  • Bugfix: Failed to see vulnerability details when no ticket is available by an asset owner
  • Bugfix: Failed to limit access to see asset's vulnerabilities', alarms' and controls' names for a company user 
  • Bugfix: Failed to update CVE and CPE json feeds
  • Bugfix: Failed to show correct Open Vulns Charts in "Vulnerability State Changes By Date" custom report
  • Bugfix: Failed to correctly calculate Recheck Scans with 1-2 minutes off
  • Bugfix: Failed to limit access to other asset values in Filter criteria in Asset List interface for a company user role
  • Bugfix: Failed to export PNG of charts with an appropriate width problem
  • Bugfix: Failed to parse Fortify XML report
  • Bugfix: Failed to show correct vulnerability numbers in "Vulnerability Summary Report" custom report
  • Bugfix: Failed to order Scan Configurations according to ID field
  • Bugfix: Failed to delete a company in a consistent manner

1.7.0309 - Bugfix release

  • Failed to hide vulnerabilities with already deleted tickets when listed with "Just Users" or "Just Groups" filter criteria in Vulnerability List interface
  • Failed to show meaningful scan notification email information on minimum vulnerability threshold explanation and it's effects
  • Failed to show stable values and labels on "Vulnerability State Changes by Date" custom report

1.7.0301 - Bugfix release

  • Bugfix: Failed to open a single ticket on the remote ticketing system for a single vulnerability


  • Task: Ability to trigger bulk operations in Scan Configuration interface, updating status of selected scans to active or deactive
  • Task: Ability to trigger bulk operations in Asset Label(s) interface, deleting selected labels
  • Task: Ability to select asset owner(s) for all Custom Reports
  • Task: Ability to see asset description in both CSV export of Asset List and Asset Details interface (Asset Panomara) for each Assets
  • Task: Ability to produce a new Custom Report under Summary & Infographic section; Vulnerability Summary Report
  • Task: Ability to export vulnerability list in Vulnerability List interface by taking search criteria textbox filter value
  • Task: Ability to support Arachni external scan policies - Specific how-to documentation available upon request
  • Task: Ability to import BADES reports without changing vulnerability status automatically
  • Task: Ability to apply AND/OR operators for asset label filter criteria in Vulnerability List interface
  • Task: Ability to select asset owner(s) for Analytics report
  • Bugfix: Failed to calculate scan percentage of scope correctly for a scan result
  • Bugfix: Failed to match correct assets when importing BADES reports
  • Bugfix: Failed to conform to international keyboard when searching vulnerabilities
  • Bugfix: Failed to include asset value in Action Matrix custom report
  • Bugfix: Failed to display correct number of vulnerabilities that are deleted in Vulnerability List interface as notification
  • Bugfix: Failed to provide correct date format when testing SIEM connection
  • Bugfix: Failed to stop scans when absolute timeout passes for web API provided vulnerability scanners
  • Bugfix: Failed to display vulnerability details when the vulnerability is assigned to groups as tickets

1.7.0202 - Bugfix release

  • Bugfix: Failed to see vulnerability details for a company user
  • Bugfix: Failed to give appropriate colors in Analytics graphs (ports/assets/alarms tab)
  • Bugfix: Failed to hide Scan Results operations menu for Company Admin role
  • Bugfix: Failed to sort asset list by Owner column


  • Task: Ability to assign tickets for alarms
  • Task: Ability to refresh all abstract information of vulnerability categories upon next vulnerability import
  • Task: Ability to add email column to custom pentester performance report
  • Task: Ability to import new Netsparker custom XML template report
  • Bugfix: Failed to create JIRA ticket 
  • Bugfix: Failed to produce Infograph report when asset size is bigger than 2000
  • Bugfix: Failed to calculate blackout period
  • Bugfix: Failed to send Excel scheduled reports as PDF attachments instead of Excel file type
  • Bugfix: Failed to start vulnerability scan when new ports are configured configure via portmap configuration


  • Task: Ability to bulk update status of scan configurations and scan results
  • Task: Ability to define granular scan policy profiles by using specific agents and companies
  • Bugfix: Failed to import BADES excel files with long vulnerability or category content, such as descriptions
  • Bugfix: Failed to import BADES excel files because of inconsistent database table state


  • Task: Ability to set Due Dates for JIRA tickets calculating due dates by using Admin->Settings->SLA interface values
  • Task: Ability to fetch User logs programmatically via Log Integration API
  • Task: Ability to enable/disable Live Notifications of vulnerabilities/alarms/software bugs/compliance control findings when using the portal in User Settings
  • Task: Ability to further filter Category Based and Asset Summary custom reports with vulnerability severities
  • Task: Ability to view vulnerabilities which are assigned to the same group members of the viewing user. New scope added: My Members' Vulnerabilities
  • Task: Ability to view detailed Analytics->Vulnerability->Root Cause Distribution graphic with inserted hardcoded rules that will be run upon update and periodically.
  • Bugfix: Failed to UTF-8 encode JIRA HTML attachments
  • Bugfix: Failed to calculate random assets when configured in a new Scan Configuration
  • Bugfix: Failed to hide User Logs menu for company users (not an authorization issue)

1.6.1202 Bugfix Release

  • Task: Ability to configure a new Scan Configuration with additional "Every Day" period
  • Bugfix: Failed to insert vulnerabilities with same asset and vulnerability name as two different vulnerabilities for BADES report import
  • Bugfix: Failed to use automatically pulled scan policies in new Scan Configurations
  • Bugfix: Failed to calculate unreachable hosts for an automated scan


  • Task: Ability to view and compare pentester performances via a new custom report
  • Task: Ability to further view prioritized vulnerabilities in dashboard with a distinct badge including urgent and exploitable vulnerabilities count
  • Task: Ability to view detailed user and system logs through portal log files
  • Task: Ability to view content containing HTML characters in a JIRA ticket through attachments
  • Task: Ability to further granularize the blackout periods, such as between the 1st and 3rd days of a month or between 27th and 29th days of a month
  • Task: Ability to automatically insert integrated scanner policies on the portal for immediate use without the need of manually defining them
  • Task: Ability to integrate and configure OTRS ticketing system through the portal along with JIRA now
  • Task: Ability to dynamically limit and C-block randomize scan targets when defining and editing a scan configuration
  • Task: Ability to point a scan absolute timeout and queue expiration when defining and editing a scan configuration. Queue expiration parameter executes a scan to postpone/cancel when it waits for a long time (queue expiration) in the queue for scanning
  • Task: Ability to automatically manage Acunetix 11 through its web API
  • Task: Ability to view license details interface under Admin -> License submenu
  • Task: Ability to view newly inserted alarms, software bug, vulnerability and controls real-time notifications through out the portal interfaces
  • Task: Ability to match JIRA assets with vulnerability assets for tickets when asset components match in JIRA database
  • Task: Ability to view vulnerability numbers by severities under Asset grouping (namely By Asset) tab of Scan Result pages
  • Task: Ability to view duration of a scan for an asset under asset panomara's History tab
  • Task: Ability to view ages of open vulnerabilities in Vulnerability Dashboard for analyzing lingering vulnerabilities through out the system
  • Task: Ability to assign tickets to vulnerabilities for users with "Company User" role through the vulnerability list interface
  • Task: Ability to view high granular user logs under Profile -> User Logs submenu
  • Bugfix: Failed to create a remote JIRA ticket due to missing null checking
  • Bugfix: Failed to add delete icon for deleting added domains in Domain Registration Lists under Scan -> SSL & Domain Monitoring submenu
  • Bugfix: Failed to assign/transfer tickets to another AD group for users with Company User role
  • Bugfix: Failed to enter HTML characters into the comment section when closing an alarm
  • Bugfix: Failed to show correct assets for labels as a tooltip for users with Root role
  • Bugfix: Failed to trigger a task rule including a patch publish date when a matched vulnerability is being inserted
  • Bugfix: Failed to calculate correct 2nd scan date for periodic scan configurations
  • Bugfix: Failed to display long row fields for Analytics -> Top Lists due to long hostnames or URLs
  • Bugfix: Failed to import netbios name using asset import API
  • Bugfix: Failed to restrict permissions for users with "Company Admin Read Only" role (asset discovery, scan configuration, fast adapt, scheduling custom reports)
  • Bugfix: Failed to list all vulnerabilities for users with "Company Admin Read Only" role
  • Bugfix: Failed to show CVE Exposure on the Vulnerability Dashboard
  • Bugfix: Failed to change the company of a user with company user role
  • Bugfix: Failed to sort products by product title column in asset panorama
  • Bugfix: Failed to produce correct performance matrix custom report when filter date is selected
  • Bugfix: Failed to show correct total repetition limit in Scan Configuration list interface
  • Bugfix: Failed to show correct width when Vulnerability Details tab is clicked for exceedingly width long Request/Responses in a vulnerability panorama
  • Bugfix: Failed to redirect correct asset detail pages when scope column content is clicked on a Scan Configuration list interface
  • Bugfix: Failed to create a single Scan Result when "Creating Scan Results Starting Now" button is clicked on a Scan Configuration list interface


  • Task: Ability to import custom formatted asset XML files periodically from a local directory (C:\NS\Import\{CompanyID} - {CompanyName}\). The directories will be formed automatically. The file should also have .asset extension, not .xml extension.
  • Task: Ability to import assets through asset import API
  • Task: Ability to select specific dates of months when configuring blackout periods
  • Bugfix: Failed to accept meta characters when leaving comment for alarm status changes
  • Bugfix: Failed to show right assets when hovering a label on scan configuration listing user interface as a tooltip
  • Bugfix: Failed to send HTML as JIRA ticket content
  • Bugfix: Failed to show license interface under Admin->License submenu
  • Bugfix: Failed to send asset as a component in a JIRA ticket


  • Bugfix: Failed to run certain auto categorization rules due to an extra control
  • Bugfix: Failed to rediscover deleted assets by asset discovery
  • Bugfix: Failed to get company specific alarms/software bugs/vulnerabilities for SIEM API using company specific token from Admin->Settings interface
  • Bugfix: Failed to grab real IP address behind forward proxy when logging
  • Bugfix: Failed to add NormShield portal URL for software bugs SIEM API JSON result
  • Bugfix: Failed to denote meaningful error message when SIEM API authentication fails
  • Bugfix: Failed to produce two different names for reports produced at the same time


  • Feature: Software Bug Dashboard presenting details of your software security life cycle from NormShield perspective
  • Task: Ability to list historical action entries for a scheduled report; when and to whom the report is sent with the description
  • Task: Ability to drag and drop scanner result files for import as well as other enhancements
  • Task: Ability to logging disable/enable company actions
  • Task: Ability to set a new "ticket owner" filter for all "History Trend" type reports in Reports->Custom Reports
  • Task: Ability to see software bug related scheduled reports in Reports->Scheduled Reports
  • Task: Ability to filter companies with new filters in Admin->Company menu; license type, status (active/deactive) and license state (not meaningful for intra version)
  • Task: Ability to integrate with NormShield software bug items through SIEM Integration API
  • Task: Ability auto categorize with new criteria; NetBIOS, MAC and FQDN
  • Task: Ability to exclude a label from a scan configuration scope
  • Task: Ability to whitelist nmap parameters used for portmap and asset discovery features (-sL,-sn,-Pn,-PS,-PA,-PU,-PY,-PE,-PP,-PM,-PO,-n,-R,-sS,-v,-sT,-sA,-sW,-sW,-sU,-sN,-sF,-sX,-sI,-sY,-sZ,-sO,-b,-r,-TO,-T1,-T2,-T3,-T4,-T5,--max-rtt-timeout,--max-retries)
  • Task: Ability to see last update dates shown in left bottom of and for all dashboards
  • Task: Ability to switch between dashboards; vulnerability, software bug and compliance
  • Task: Ability to see agent responsible for a scan result in Scan->Scan Configurations listing
  • Task: Ability to exclude assets from a task configuration (Exclude Asset Labels, ve Exclude Assets)
  • Task: Ability to take agent sent supported scan policies into account before giving a due scan to an agent. If an agent doesn't support a scan policy for a scanner, the due scan will be not be fetched to that agent.
  • Bugfix: 3rd party bugbounty hackathon against the software result fixed; a company admin user can delete a report template where in fact he/she shouldn't be able to.
  • Bugfix: Bad performance when deleting assets
  • Bugfix: Missing pre-defined asset matching when CIDR input format is entered creating a new scan configuration through Scan configuration->New Scan.
  • Bugfix: Multiple same label creation due to internationalization I -> i
  • Bugfix: Failed to properly select custom ranges in calendar component
  • Bugfix: Failed to draw web and non-web portmap graphs in Analytics
  • Bugfix: Failed to calculate scope size properly giving error when creating a new scan
  • Bugfix: Failed to match assets for a domainname Nessus scan, failed to import scan results


  • Feature: Software Security Bugs Support. Security (and quality) related static analysis code scan results can now be integrated into NormShield using manual import along side with ticketing flows.
  • Task: Ability to notify if a automatic scan doesn't start in X hours
  • Task: Ability to notify when a periodic scan's repetition count is exceeded
  • Task: Ability to delete vulnerabilities for company admin and company user roles configurable from the Settings page (default false)
  • Task: Ability to categorize assets using the products found on them
  • Task: Ability to see domain details as a panorama page
  • Task: Password policy strengthened with additional rules
  • Task: Ability to provide more classification on custom reports, including; vulnerability, compliance, software bug, summary & infographic, company comparison
  • Task: Ability to import computers as hostname assets from Active Directory
  • Task: Ability to fetch compliance control related findings using SIEM API
  • Task: Ability to audit login history of a user, including the source IP, time
  • Task: Ability to save charts without the Internet activity (HighCharts)
  • Task: Ability to see vulnerabilities, compliance controls and software bugs under one Vulnerability menu
  • Task: Ability to see finding history trends for vulnerabilities, compliance controls and software bugs under related Custom Reports for generic security auditors
  • Task: Ability to see progress, asset summary and compliance control category summary reports under Custom Reports
  • Task: Ability to remove scheduled cancelling/resuming commands when the related scan is completely deleted
  • Task: Ability to see software bugs risk maps along with asset and vulnerability risk maps
  • Task: Ability to see detailed supported scanner files for vulnerability, software bugs and compliance control parties on the "select file to import" dialog under Scan Import
  • Bugfix: Failed to leave vulnerabilities OPEN when an auto scan has failed
  • Bugfix: Failed to create a user with auditor role having no company
  • Bugfix: Failed to set future scan start dates as utc+0
  • Bugfix: Minor JS bugs in portmap charts
  • Bugfix: Failed to show all references in vulnerability detail page
  • Bugfix: Failed to show average numbers on company vulnerability comparison Custom Report
  • Bugfix: Failed to properly show international abbreviated country codes with countries having longer than two short codes
  • Bugfix: Failed to fetch alarms in short amount of time
  • Bugfix: A security related reporting bug has been fixed


  • Task: Ability to use vulnerability IDs and alarm IDs, as well as dates, to request recent vulnerabilities and alarms via SIEM API
  • Bugfix: Failed to send certain vulnerabilities and alarms to SIEM systems


  • Feature: Enhanced automated tasking capabilities, including rich filtering and action criterias for vulnerabilities, compliance controls and alarms
  • Task: Ability to provide more granule TCP/UDP/Discovery parameters for portmap and asset discovery configurations
  • Task: Force root users to change default password at first login
  • Task: Ability to set limits for URL and IP address asset numbers for each company
  • Task: Ability to calculate the scan scope and show notification when creating a new scan configuration
  • Task: Ability to show previous vulnerability status information in the vulnerability history tab when the status has changed
  • Task: Ability to search assets by using new domain and service search filters
  • Task: Ability to add screenshots on editing vulnerability and compliance control interfaces
  • Task: Ability to determine vulnerability source when creating new automatic categorization rules
  • Task: Ability to use FQDN as a trigger criteria for creating new automated tasks
  • Task: Ability to integrate WhiteHat scanner
  • Task: Ability to look at vulnerabilities by assets and by vulnerability category views using TABs
  • Task: Ability to notify user when someone accesses the account from a different IP address
  • Task: Ability to show most recent vulnerabilities on the main Vulnerability Dashboard
  • Task: Ability to list assets by using ports criteria
  • Bugfix: Failed to import valid Nessus scans using Fast Adapt for recurring scans
  • Bugfix: Failed to create valid asset discovery configurations when a given block is not valid
  • Bugfix: A logical bug when presenting the scan calendar
  • Bugfix: Failed to show policies when listing scans
  • Bugfix: Failed to delete a user group without parent group
  • Bugfix: Failed to create port map configurations without using UDP scans
  • Bugfix: Failed to show severity chart in category based vulnerability report
  • Bugfix: Failed to update valid next scan date when scan configuration is set to "every month with same offset"
  • Bugfix: Failed to access any interfaces when an auditor has no company
  • Bugfix: Failed to show all supported agents when creating a new scan configuration
  • Bugfix: Failed to execute column sorting in asset listing interface


  • Feature: Compliance Dashboard for monitoring compliance controls results in one screen
  • Task: Ability to import scanner scan result files periodically from a local directory (C:\NS\Import\{CompanyID} - {CompanyName}\). The directories will be formed automatically
  • Task: Ability to export compliance control lists as PDF, CSV and HTML formats
  • Task: New analytics graphs for compliance
  • Task: New Scan Configuration, Scan Results and Details user interfaces for better, simpler and quicker analysis
  • Task: Ability to prioritize scans with three priority levels; Low, Medium and High
  • Task: Ability to control scan scope size for licensing limitation checks before creating a scan
  • Task: Ability to log old vulnerability status information in vulnerability history tab when the status changes
  • Task: Certain operational processes are added to /api/siem/log for SIEM integration
  • Bugfix: Failed to uniformly present alarm and vulnerability status: FalsePositive->False Positive, Suppress->False Positive
  • Bugfix: Failed to synchronize Re-Opened vulnerability tickets to OTRS
  • Bugfix: Failed to limit asset value length when creating, editing and presenting asset values
  • Bugfix: Failed to present meaningful values for Scan End Time and Scan Scope on Scan Calendar scan details interface
  • Bugfix: Failed to show a newly created scan policy in Quick Scan dialog
  • Bugfix: Failed to sort vulnerability list properly for NS Risk Score
  • Bugfix: Unrecognized expression error when editing a Scan Configuration
  • Bugfix: Failed to change vulnerability status in Scan Result vulnerability list interface
  • Bugfix: Failed to filter assets properly when company is used as filter criteria
  • Bugfix: Failed to activate a deactivated PortMap Configuration
  • Bugfix: Failed to save a PortMap configuration without using any UDP ports
  • Bugfix: Failed to use Fast Adapt when company ID is not used
  • Bugfix: Failed to get assets and vulnerabilities when "all companies" is used as filter criteria
  • Bugfix: Failed to sort label list properly for label names
  • Bugfix: Failed to sort compliance control list properly for asset, insert and update dates
  • Bugfix: Failed to sort alarm type list properly for priority
  • Bugfix: Unnecessary encoding Scan Result description when editing
  • Bugfix: Failed to remove owners from assets
  • Bugfix: Failed to show policies in Scan Configuration List in Policy filter


  • Feature: Company users can be selected as the owner of assets through Asset List & Operations
  • Feature: Users with the auditor role will behave a local root for the company that have been matched.
  • Task: Agents automatically sending supported scan policies to portal
  • Task: Company & License enhancements
  • Task: Determining multiple no scan, aka blackout, periods during, for example, maintenance periods
  • Task: Showing the blackout periods on the Dashboard when active
  • Task: Patch publish date search criteria on Vulnerability List interface
  • Task: Ability to disable to OTP option when creating user if the SMS connection settings is disabled
  • Task: Readonly mode after the license expires
  • Task: Converting multi-select fields to Select2 component
  • Task: Vulnerability and compliance ticket overview summary as Custom Reports
  • Task: The ability compare companies as Custom Reports
  • Bugfix: Failed to check null on Asset Panorama
  • Bugfix: Failed to form a scan-vulnerability relation
  • Bugfix: Failed to check asset label case sensitivity in custom reports
  • Bugfix: Applying overly strict role permissions for Company Admin when editing vulnerabilities and creating users
  • Bugfix: Failed to order top lists in Analytics, report charts
  • Bugfix: Faield to increase HTTP timeout values when sending huge scan results to portal
  • Bugfix: Failed to produce clean PDF reports for huge scans and complex graphics


  • Feature: Compliance Support. Compliance control scan results can now be integrated into NormShield both using manual and automated scanning along side with ticketing flows.
  • Feature: Four new custom reports are added; Management Summary, Asset Summary, Infograph, Category Based Vulnerability Report. Custom reports will be especially useful for information security professionals to impress their upper management.
  • Task: Slight modification in menu structure.
    • Asset & Vulnerability Risk Maps are moved to Report menu under Risk Maps submenu.
    • Compliance Control List and Compliance Control Categories are added under Vulnerability menu.
  • Task: Design change in vulnerability Edit page, now more flexible
  • Task: Filtering scan configurations with Deactivated criteria
  • Task: CSV export of portmap results, including service versions
  • Task: More filtering options in List of Alarms interface (product, service, type)
  • Task: Huge performance improvement when importing enourmous scan reports (> 300MB)
  • Task: Huge performance improvement displaying the UVM Dashboard
  • Bugfix: Periodical bug bounty results are mitigated. Side-note: no rce, no injection, no business logic vulnerabilities found.
  • Bugfix: Failure to export some details of SSL certificates
  • Bugfix: Failure to export SSL grades by issues
  • Bugfix: Failure to normalize duplicate emails when matched with multiple tasks
  • Bugfix: Failure to import Nessus reports with targets given as hostnames
  • Bugfix: Failure to execute and import custom Netsparker reports
  • Bugfix: Failure to include Hostname asset types in the UVM Dashboard All Asset Count



  • Feature: The ability of planning re scans for ticket-assigned users when they fix a security bug and want to test it.
  • Task: Ability to change the periodicity of Auto Recheck Scans from sub-menu Admin->Settings (Company)
  • Task: A new user role where a company admin can be created without any state changing permissions, aka Company Admin Read Only. This would be useful for monitoring needs such as managers.
  • Task: Optional custom XML report output selection for Netsparker from Hotpoint. Custom XML reports produce meaningful mitigation and vulnerability titles as opposed to default XML reports.
  • Task: A new scan report parser for bulk custom vulnerability import, namely NormShield Vulnerability Report Format (NVRF)
  • Task: Redesigned and now even more flexible and quick manual vulnerability insertion interface
  • Task: Adding country telephone area codes in Forgot Password interface
  • Task: Adding recipient email addresses where any state change in a scan will be sent as notifications
  • Task: Adding root cause and category tag search criteria in Vulnerability->Vulnerability Category Filters area
  • Bugfix: Failure to given meaningful error messages when Auto Recheck is disabled for a company but vulnerabilities with Recheck status are wanted to be rechecked by clicking "Start Rechecks" button in Scan->Scan configurations interface
  • Bugfix: Failure to import BADES format report due to host column problem
  • Bugfix: Failure to export vulnerability list as CSV by a Company User
  • Bugfix: Failure to sanitize HTML with older version of used HTML sanitization library


  • Feature: Scan calendar is implemented for auditor convenience of scheduling more reliable vulnerability scans. Scan->Scan Calendar is like a Google Calendar presenting schedules of periodic or non-periodic planned vulnerability scans historically.
  • Task: The interface of entering manual vulnerabilities is now easier and more user-friendly.
  • Task: Intelligence->Portmap Monitoring now includes a sub dashboard, configuration and port list sub interfaces for easier handling
  • Task: Intelligence->Portmap Monitoring->Configurations now supports setting up more than one port scan configuration
  • Task: Intelligence->Portmap Monitoring->Configurations now supports creating automatic vulnerability scan on assets on which new OPEN ports are discovered during port scans.
  • Task: Convenient search filter criteria format for date filters for users using mm/dd/yyyy datetime format
  • Task: Huge performance improvements (~30000 vulnerabilities over 800 assets under 2 minutes) when importing external vulnerability scan results through files. Scan Configurations->Scan Import
  • Task: Parsing ability for Common Vulnerability Report Format (CVRF) is added a few limitations for Scan Configurations->Scan Imports
  • Task: Auto task notification emails content were enriched including the usual notification format
  • Bugfix: Failure to list vulnerabilities using asset labels as search criteria
  • Bugfix: Failure to list assets using asset labels as search criteria
  • Bugfix: Welcome tour is removed for a quick fix preventing endless browser redirect for users with Company User role


  • Task: Notification emails are now sent to the user when his/her password has been changed
  • Task: Export buttons above the tables using jQuery DataTable were removed
  • Task: Asset labels are now filtered according to selected Company in Asset->Assets interface filter area
  • Task: Asset labels are now filtered according to selected Company in Vulnerability->Vulnerability List interface filter area
  • Task: File import interface was unified by adding an UPLOAD button in Scan->Scan Results->Vulnerability List-> File Import interface
  • Task: SSL performance issues (not security issues) were removed from SSL grading, weights were redistributed
  • Task: Portal performance issues after login when displaying the Dashboard
  • Task: CEF format has been changed to support port and status WITH different field names
  • Bugfix: NormShield Hotpoint Open File dialog has been changed to SaveAs File Dialog when CollectLog is clicked to save log files for analysis
  • Bugfix: Failure to start NormShield Hotpoint service after update due to configuration parse exception. Non-existence of POLL_PERIOD_FOR_NSHOSTNAMEFINDER key in Common.Config
  • Bugfix: Failure to handle various Nexpose XML report files
  • Bugfix: Failure to handle empty audit or empty vulnerabilities in Nipper XML report files
  • Bugfix: Failure to see scanner name in filter combobox under Vulnerability->Vulnerability List interface when an XML report for that scan is uploaded for the first time
  • Bugfix: Failure to calculate same offset date when creating a new scan with a period of "... with Same Offset"


  • Feature: A new agent is added to Hotpoint for periodically discovering hostnames from IP addresses
  • Task: Asset hostnames are added to Vulnerability Lists interface
  • Task: The management of Vulnerability Aggregation is changed to be easier to handle
  • Task: The ability to delete older scans for Nexpose, OpenVas and Arachni is added.
  • Bug fix: A bug in Task execution prevented the related task to execute fixed
  • Bug fix: An anomaly of taking some of the IP addresses as domain names fixed.


  • Task: Fine grained management of scans' status. The ability to stop.
  • Task: Added public/private scan policies.
  • Task: E-Mail template is moved to application itself, as opposed to Ns directory.
  • Task: Ability to select more than one scan profiles for a company.
  • Task: Original severity information is added to Vulnerability Knowledge Base
  • Task: OnHold status is added to individual vulnerabilities.
  • Bug fix: Failed to scan vulnerabilities with Recheck status.


  • Task: Ability to select scan policies as private or public.
  • Task: Patch Publish Date is added to Vulnerability Details interface.
  • Task: NULL SSL cipher algorithms are added to SSL Grading agent.
  • Bug fix: SSL certificate monitoring couldn't fetch certificates of SSL enabled sites with 40x, 50x errors.


  • Task: Support for Qualys VM scan xml output reports is added.
  • Task: OTRS ticketing service integration is added.
  • Task: Support for selecting specific day (such as first Sunday of every month) for scheduled scans.
  • Task: Top 10 labels shown in Asset Groups Risk Map chart on Dashboard.
  • Task: Severity is added on the vulnerabilities listed on Scan Results interface.
  • Task: Hostname is added on the Vulnerability Panoroma (vulnerability details) interface right under the IP address.
  • Task: Is Exploitable search filter is added on Vulnerability List interface.
  • Task: Automatic scan of vulnerabilities with Recheck status can now be disabled under company settings.
  • Task: The duration of the scan is added under Scan Results interface.
  • Task: Email notifications can now be completely disabled for a specific under Users edit dialogs.
  • Bug fix: Timezone prevented importing vulnerabilities through Fast Adapt.
  • Bug fix: PDF generation resulted in producing very small report.
  • Bug fix: Double HTML encoding in vulnerability titles imported from BADES format.


  • Task: Adding descriptions to Scan policies is now supported. These descriptions are shown when selecting a policy during scan configuration creation.
  • Bug fix: Tasks interface couldn't be reached.


  • Feature: Arachni web scan automation is implemented but not activated.
  • Task: Sending alarms code-base is refactored.
  • Task: Arachni v1.4 XML report support is added.
  • Bug fix: Localized regional settings created problems when parsing CVSS decimal point scores. Fixed by defaulting to English format.


  • Feature: Unreachable/Unresolved assets are delivered after every successful automated scan including Acunetix, Netsparker, Nexpose, Nessus and OpenVas.
  • Feature: DateFormat is added for all users as a setting option for localized DateTime viewing
  • Task: The scan report titles are changed to "NormShield Vulnerability Scan Report". It was "NormShield Penetration Test Report"
  • Task: Periodic scans can now additionally be scheduled for 3 and 6 months
  • Task: Alarm detail interface is structured and now in align with both Vulnerability and Asset detail interfaces
  • Task: Writing automatic categorization rules are enriched by using Port, Service for assets and Severity for Vulnerability Categories as rule criteria
  • Task: Source search criteria is added to Vulnerability List interface
  • Bug fix: CVS exports fail to be in well-formatted due to unexpected " and newline characters.
  • Bug fix: SSL expiration tables in Charts menu fail to show days as floating points.


  • Feature: Automatic categorization of assets, vulnerability categories is implemented through the use of flexible rule writing
  • Feature: Recheck button on scan configuration interface for immediate execution of scans on assets having vulnerabilities in recheck status for root users
  • Task: Ability to manually lock users
  • Task: New Open & Closed port alarms are replaced with "New Ports Open" alarms
  • Task: HTML support when entering comments to vulnerabilities with applying HTML encoding when displaying
  • Task: Dashboard is automatically refreshed in 5 minutes to better support displaying on big screen monitors for SOC
  • Task: Ability to change status of multiple vulnerabilities on scan results user interface
  • Task: Ability to enter comment for multiple vulnerabilities on scan results user interface
  • Task: An alarm email is started to being sent when a user with root role is created
  • Bug fix: Netsparker custom report XML fails for certain URL scan. Custom report support is removed.


  • Task: Improved asset discovery with the ability to choose different agents for both discovery and scan actions. The process is also improved for big networks allowing authorities to limit the execution time of both discovery and scan actions.
  • Task: The ability to search vulnerabilities, vulnerability categories and vulnerabilities of a scan result with excluded keywords, such as "Microsoft !Windows" in order to find vulnerabilities including keyword Microsoft but not Windows
  • Task:The ability to fetch more information of an SSL certificate, including its whole chain and subject, country and state
  • Task:The ability to fetch and list accepted cipher suites for an SSL enabled asset on the Asset Panorama page.
  • Bug fix: Minor bug fix for the login process
  • Bug fix: Failure to show the right minimum severity threshold for a company admin user in the Company Settings page.
  • Bug fix: Minor bug fix on the list of Assets page not correctly ordering according to number of vulnerabilities column.
  • Bug fix: Minor bug fix on the output of Nexpose scans, removing new lines and tab characters.


  • Task: The ability to manage multiple OpenVas scanners from a single Hotpoint NormShield agent
  • Bug fix: Failure to choose specific agents in asset discovery process
  • Bug fix: Failure to update vulnerabilities' statuses of an unreachable/closed targets


  • Task: The ability of editing vulnerabilities even if they are inserted automatically or uploaded through scan imports
  • Bug fix: Minor bugfix in Netsparker automation


  • Feature: A basic NormShield welcome tour for the beginners
  • Feature: OpenVAS and Nexpose automation
  • Feature: Nipper and WPE scan xml and BADES report excel support
  • Feature: Managing scan policies via scan profile abstraction
  • Feature: Exporting alarms as CSV
  • Bug fix: Bugs in Nexpose and OpenVAS scanner XML parsers
  • Bug fix: Bug in inserting multiple ports for a single vulnerability


  • Feature: Support for JIRA and BitBucket
  • Task: Ticketing API improvements
  • Bug fix: Bug in vulnerability scan importing. Some of the automatically generated vulnerabilities weren't get inserted properly.


  • Bug fix: Bug in better scan load-balancing on Agents
  • Bug fix: Bug in AD user importing


  • Feature: New asset types are added; Hostname and Other in addition to IP and URL. By Hostname asset type dynamic IP changing clients will be able to scanned historically. By Other asset type design vulnerabilities will be able to inserted such as design issues.
  • Task: Abilities to query Active Directory users and transfer vulnerabilities in vulnerability detail screen.
  • Task: Ability to import huge (max 700MB) scan report XML files
  • Task: Removing the asset creation limitation (was 255 assets) in one run to
  • Task: Asset search criteria enrichment with MAC/OS/FQDN(hostname)/IP
  • Task: Better scan load-balancing on Agents by distributing assets to scan buckets
  • Task: E-mail sending options added for Alarm types
  • Task: Alarm SIEM integration; A new Alarm API served on the portal and Agent ability to send Alarms to syslog servers.
  • Task: A single stand Alarm detail screen.
  • Task: Enriching the scan result e-mails including the names of vulnerabilities found.
  • Bug fix: On navigating tables, when an Edit dialog box is closed the screen will not go back to the initial navigation.


  • Bug fix: Some of the "Company User"s can't see the tickets assigned to them because of case sensitivity in their usernames.


  • Ability to query Active Directory users and assign vulnerabilities without first defining them.
  • Granular and easy module and alarm management.
  • Ability to edit MAC addresses and showing MAC Vendor names when listing and CSV exporting assets.
  • Better SMS integration through general settings.
  • Bug fix: Ability to listing huge number of assets by increasing JSON serialization maximum size value




  • Ability to add "Root Cause" to vulnerability categories apart from classic the vulnerability category tags. This vulnerability category tagging feature (root cause or generic) opens the possibility to show off what has to be done to upper management via graphics
  • New, slick, state-of-the-art graphs... Lots of them...
  • A brand new Dashboard.
  • Multiple scanner output support. Manual historical import of XML outputs of Nessus, Acunetix, Netsparker, IBM AppScan, Arachni, Burp, Nexpose, Openvas and Owasp ZAP without creating any scan.
  • Bugfixes...


  • Fast adaptation for companies with historical support using other vulnerability scanners, in short and in other words, scanner synchronization.



  • IP address value is made editable now for an asset.
  • An additional colon is added to asset list with name Extra, including OS, FQDN & IP information if they exist.
  • The above fields are also added to CSV export.
  • Status filter is added into the Asset Panorama tabs.
  • Port field for a vulnerability is now editable with comma (,) to include several vulnerabilities on different ports to exists as a single vulnerability.
  • Vulnerabilities can now be copied into other IP addresses flexibly and easily.
  • Manual analysis phase for a scan is now optional and chosen to be effective when creating a scan.
  • Scan menu is now divided into two; Scan Results and Scan Configurations. The first one instantly shows the results of the scans and the latter one is solely for scan configuration.
  • Bug fixes...



  • Inbox page is implemented for logged-in users.
  • CSV Export is implemented for Vulnerability Lists.
  • SLA calculations, alerts and pre-alerts are implemented.
  • Auto refresh for Agent and Scan pages is implemented.
  • Bug fixes...
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk