Release Date: 23 December
Version 6.2
Introducing ThingsRecon Version 6.2
This release focuses on improving visibility into supplier risks, enhancing cyber hygiene intelligence, strengthening discovery capabilities, and delivering UI improvements that streamline workflow efficiency. Several new indicators, sorting enhancements, export options, and usability upgrades aim to provide clearer prioritization and faster access to actionable insights.
Cyber Hygiene Indicators
Cyber Hygiene Insights for Suppliers:
Cyber hygiene indicators, along with supporting evidence, are now available directly within supplier profiles.
Dashboard Display:
The dashboard now also shows the latest cyber hygiene test indicators, offering immediate visibility into the most recent assessment.
Expanded Pop-In View:
A new cyber hygiene pop-in provides:
- Detailed hygiene information
- Associated evidence
- A list of hygiene-related issues for deeper investigation
New Cyber Hygiene Tab:
Supplier profiles now include a dedicated Cyber Hygiene tab, consolidating all hygiene-related intelligence in one place.
Issues Enhancements
Severity Highlighting
The top ten highest-severity issues are now visually highlighted with a « Fix Now » flag, allowing users to immediately recognize the most urgent problems across each thing type.
New Discovery Indicators
Wildcard Certificate Detection
A new discovery indicator identifies the presence of wildcard certificates, helping assess potential security exposure or misconfiguration.
A wildcard certificate is an SSL/TLS certificate with a wildcard in its Common Name (e.g., *.example.com) that secures multiple subdomains. While it simplifies deployment, it also increases cybersecurity risk: compromising the certificate’s private key can expose all subdomains it protects.
Internal and External Script Detection
New indicators reference internal vs. external scripts, contributing to security posture and supply chain trust assessments.
An internal script is a JavaScript file hosted on an organization’s own domains and treated as part of its internal environment, even if originally third-party. It may appear across multiple applications due to shared hosting within the organization’s infrastructure.
An external script is a JavaScript file used by an organization’s applications but hosted on third-party infrastructure, placing it outside the organization’s control.
New Hygiene Indicators:
- unsecureCookie
- missingHttpOnlyCookie
- noneSameSiteCookie
- overlyBroadDomainAttributeCookie
- pathTooBroadCookie
- storingSensitiveDataCookie
- outdatedSoftwareComponent
- sslServiceAlpnMisconfiguration
- sslServiceDeprecatedTlsProtocolEnabled
- sslServiceMissingModernStrongCiphers
- sslServiceMissingTls1.3
- sslServiceTls1.2WithCbcCipher
- sslServiceTooManyAcceptedCiphers
- sslServiceWeakCiphersEnabled
- dnsRecordDanglingDns
UI Usability Improvements:
New Export Options:
Export functionality has been added to the issues view for both Discovery and Supply Chain, enabling easier reporting, actioning and offline analysis. Users can now export data from:
- Issues table view
- Supplier profile view - Cyber Hygiene tab
Bug Fixes & Minor Improvements:
This release also includes:
- General UI refinements
- Performance improvements across several modules
- QA automation enhancements
- Improvements to supplier business data accuracy and reliability
Read more from our team in the ThingsRecon blog
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article