Penetration Testing Services Cloud Pentesting Penetration Network Pentesting Application Pentesting Web Application Pentesting Social Engineering September 8, 2025 On this page BreachLock NGPTaaS v4.1.0: Expanded Asset Coverage, More Clarity, and Less Complexity Following the July 2025 release of NGPTaaS v4.0, which delivered major upgrades in vulnerability context, AI pentesting workflows, platform scalability, and UX, BreachLock is now introducing NGPTaaS v4.1.0. This latest release, pushed out on August 27, 2025, introduces new features and enhancements that strengthen PTaaS authentication workflows, expand ASM scan capabilities, improve reporting capabilities, and streamline access and role management. Most notably, BreachLock introduced automated pentesting capabilities for Mobile, Cloud, and AI assets, significantly increasing coverage, flexibility, and consolidation potential for users. Users will also benefit from significant UI/navigation improvements, scanner upgrades that cover extensive use cases and scenarios that other tools fail to detect, and the integration of BreachLock AEV into the BreachLock Unified Platform in NGPTaaS v4.1.0. Read on to explore how these new features, improvements, and integrations boost visibility, scalability, and usability across both penetration testing and attack surface management for BreachLock users. ASM Asset Coverage Expansion NGPTaaS v4.1.0 offers broader asset coverage for scanning and reporting capabilities, including mobile, cloud, and AI assets. This expansion of ASM’s coverage across modern digital assets enables teams to discover risks and generate comprehensive, actionable reports across more complex IT environments. 1. New Tabs on Asset Discovery Page With the asset discovery page, organizations gain a single pane view of their entire attack surface, now including Mobile, Cloud, and AI assets. As shown above, users will notice three new tabs at the top of the Asset Discovery page: Mobile Apps: Shows the mobile assets, including Package ID, Store Link, Domain, Risk Score, and Status Indicators. Cloud Assets: Displayed by account type (AWS, Azure, GCP), risk indicators, and deep-dive configuration views. AI Assets: Metadata with Model information and Details for checks executed during the scan. Users can easily navigate between diverse asset categories. 2. New Scan Types Mobile Scan Users now have the ability to run or trigger/schedule scans on mobile assets from the Run Scan module. NGPTaaS v4.1.0 supports this feature for both Android and iOS applications, and like other asset types, report generation is now available for mobile apps that have been scanned. Cloud Security Assessments Users can now run or schedule/trigger cloud security assessments on major Cloud Service Providers, staying compliant with permitted services for testing, including AWS, Azure, or GCP. As displayed above, NGPTaaS v4.1.0 allows users to configure scans based on the type of cloud environment. The BreachLock platform also now generates dedicated cloud security assessment reports. AI Scans BreachLock has introduced AI Scans in NGPTaaS v4.1.0 for AI Model testing. This new feature offers support for OpenAI models (via model name + API input for interacting with the AI Model), as well as dedicated reports for scanned AI models with detailed findings and insights. With these additions, BreachLock attack surface management capabilities are more comprehensive than ever, covering the modern enterprise technology stack from end to end. PTaaS Enhancements: Smarter Testing and Smoother Workflows 1. Authentication Flexibility Across Multiple Assets As shown above, BreachLock users can now add and manage multiple authentication profiles, whether using basic authentication or a login sequence, for any individual asset during pentest creation or editing. Users can assign different authentication profiles to different assets in the same penetration test and select which profile to use for each scan. This improvement enables realistic testing of multi-app environments, reducing setup complexity and ensuring that each application is tested with the correct authentication flow through multiple profiles, assessing security around access controls, privilege escalations, and other OWASP categories. 2. Transparent Scope Visibility A small, yet impactful improvement that users will notice in NGPTaaS v4.1.0 is that assets in the scope of existing tests are now clearly displayed under pentest details. Users can easily add or remove assets from here for better scope management. This not only improves scope transparency but also simplifies the process of making adjustments for users. 3. Streamlined Pentest Creation Flow Asset Inventory-related actions (Activate/Deactivate, Add/Edit) have been removed from the pentest creation flow to keep the pentest workflow dedicated to scope and configuration. Inventory management is now exclusively in its own module, reducing distractions, avoiding accidental asset edits, and providing a smoother pentest setup experience. 4. CSV Export for PTaaS Vulnerabilities BreachLock now enables CSV exporting for PTaaS vulnerabilities, including unpatched, patched, and archived vulnerabilities. This improvement gives users the flexibility to analyze, share, and track remediation progress offline, ensuring smoother collaboration with stakeholders outside the platform. API Assessment Reporting Enhancements With NGPTaaS v4.1.0, BreachLock enhances reporting to make it faster and easier for security teams to extract, share, and act on insights and findings. Here’s what’s new: 1. Unified Testing Methodology for API Scans and Pentests Testing methodology is now aligned across both API Scans and API Penetration Testing, ensuring consistency in assessment techniques, coverage, and reporting. 2. Option to Download Reports While Previewing This simple UI improvement in NGPTaaS v4.1.0, as shown above, enables users to download reports when previewing them in the BreachLock platform. This allows users to review reports offline before sharing, reducing duplicates and preventing confusion over which version to use. Reports can also be downloaded in both CSV and PDF formats for quick access to vulnerabilities identified in pentests. Productivity Upgrades Across Inventory & Collaboration 1. Bulk Tagging NGPTaaS v4.1.0 enables users to add or remove tags across multiple assets at a time in the asset inventory module. Users can simply select multiple assets in their inventory and apply or remove a new tag on all of them simultaneously. Existing tags will remain unaffected by both of these functions. With flexible tagging—by type, geography, business unit and many more — users can organize assets into logical groups to streamline scans, reports, and vulnerability tracking within the platform. 2. Comments Module Improvements With NGPTaaS v4.1.0, users can now filter comments by created date within a selected range, refresh comments while retaining active filters, filter comments by read or unread status, and select multiple filters (e.g., status, module, and category). The new and improved comments module also reopens closed threads automatically if any new activity occurs. These improvements help security teams operate with greater speed and efficiency. UI & Navigation Enhancements To improve usability further, BreachLock has introduced thoughtful UI refinements, which include: Northeast arrow icons (↗) now indicate external actions that will open a new tab for better clarity. A clickable breadcrumb trail offers clearer context and easier movement across navigation levels. Web & API Scanner Improvements NGPTaaS v4.1.0 offers better redirection handling, testing, and use case coverage, and API reachability checks for web and API scans. The platform now supports testing web applications that have third-party redirections. It also offers expanded scan coverage by enhancing existing testing scenarios and adding new scenarios. The API scanner has also been improved, with upgraded logic for verifying API reachability and ensuring more accurate scan results. AEV Integration NGPTaaS v4.1.0 now offers direct access to BreachLock Adversarial Exposure Validation (AEV) via SSO for subscribed customers. This direct access strengthens exposure validation workflows and enables users to consolidate their solutions within a single platform for easier management. What These Improvements Mean for Security Teams With NGPTaaS v4.1.0, BreachLock continues to push the boundaries of what Penetration Testing as a Service (PTaaS) and Attack Surface Management (ASM) can deliver in a single unified platform. From authentication flexibility and expanded asset coverage to streamlined reporting, collaboration, and AEV integration, this release is designed to help security teams move faster, stay organized, and focus more of their energy and resources on reducing risk/ As enterprise environments continue to evolve and grow more complex with mobile, cloud, and AI assets, BreachLock is committed to keeping clients ahead of attackers with flexible, scalable, and continuously improving offensive security solutions. NGPTaaS v4.1.0 is another step forward in making security testing more scalable, efficient, and impactful. Ready to explore the new features? Log in to your BreachLock portal or reach out to our team for a personalized walkthrough of NGPTaaS v4.1.0. Author BreachLock Labs Industry recognitions we have earned Tell us about your requirements and we will respond within 24 hours. Fill out the form below to let us know your requirements. We will contact you to determine if BreachLock is right for your business or organization.