BreachLock NGPTaaS v4.2.0: Enhanced Reliability, Greater Transparency, and Seamless Integration

Every BreachLock Unified Platform release is designed with one goal in mind, which is to make security testing simpler, smarter, and more transparent for clients. Earlier this month, we introduced a handful of major advancements with the release of NGPTaaS v4.1.0, which most notably added automated pentesting capabilities for Mobile, Cloud, and AI assets, significantly increasing coverage, flexibility, and consolidation potential for users.

With NGPTaaS v4.2.0, released October 7th, we introduced upgrades that enhance reliability, visibility, and integration management, providing even more control over your attack surface management and penetration testing operations. Read on to learn about what’s new with NGPTaaS v4.2.0.

Live Feed for Domain Change Detection

BreachLock just made continuous discovery more dynamic for platform users, enabling real-time discovery of subdomains on users’ existing domain(s).  
Users can now view and manage detected domain changes through an interactive Live Feed panel. The new live feed panel can be found under “Alerts and Notifications” by clicking the bell icon at the top right corner of the platform, followed by “Live Feed”.

Each discovery appears as a card with domain details, change type, and discovery timestamp, with the option to accept or reject, carrying over the newly discovered changes into your asset inventory.

• Accept: Adds newly discovered subdomain to your asset inventory as an Active Asset tagged as ‘New Discovered’.
• Reject: Stores subdomain as an Inactive Asset.

This new feature ensures your external attack surface remains up to date as new subdomains appear without losing control of which assets enter your active asset scope.

More Transparent Subscription & Credit Usage Tracking

NGPTaaS v4.2.0 makes it easier for users to track credit consumption and manage their subscriptions with greater transparency.

BreachLock clients can now easily view remaining penetration test credits and scan credits in real time, displayed as a fraction of the total amount of credits they purchased. Credits are broken down by asset type for both penetration tests and scans to quickly give users a complete overview of what’s in scope. Users can also see the dates their subscription is valid for and the total credits purchased with their subscription(s).

Clients can navigate to this tracker by clicking on ‘Settings’ on the navigation menu on the left-hand side of the platform, followed by ‘Organization’.

Enhanced Scan Profile Selection

BreachLock NGPTaaS v4.2.0 introduces enhanced scanning profile selection capabilities that help users easily tailor the breadth and intensity of assessments depending on use case and target assets.

Currently, available scanning profiles include:

• Default Scan: This pre-selected profile is optimized for production systems, delivering non-invasive scans using safe, read-only methods to detect common and critical vulnerabilities accurately. This is ideal for routine security checks to ensure no changes have negatively impacted the security of users’ systems.
• Extensive Scan: This high-coverage scan profile uses heuristic and experimental checks to detect edge-case vulnerabilities and misconfigurations. Broder, yet still non-invasive by default, the extensive scan profile is ideal for deeper testing or staging environments. 
  These options empower security teams to balance safety and depth without compromising accuracy.

Easily Generate Letter of Attestation

Clients can now generate Letters of Attestation (LoA) directly from the BreachLock Unified Platform following each penetration test under the ‘Reports’ module, accessible from the left-hand navigation menu. This simple, yet impactful new capability streamlines compliance and reporting, saving users the time and hassle of manually requesting documentation from a project manager.

With a few clicks, customers can produce audit-ready proof of testing to share with stakeholders, vendors, or regulators without exposing sensitive details from the full penetration testing report.

Integration Enhancements

Integrations continue to grow and evolve as a core strength of the BreachLock Unified Platform. BreachLock introduced two new integration updates with NGPTaaS v4.2.0:

• Vanta: Users can now seamlessly push pentest reports to Vanta to streamline compliance workflows and maintain continuous audit trails.
• Jira Priority Mapping: Vulnerabilities now automatically align with users’ existing Jira board priorities for consistent and accurate issue tracking.

These enhancements improve users’ ability to align BreachLock tools and findings with broader security and compliance ecosystems.

Detailed Scan History Logs

With NGPTaaS v4.2.0, BreachLock has enhanced scan history across the platform to include detailed logs for better visibility and troubleshooting. Log history includes details such as:

• Log Execution ID
• Execution Statuses (Pending, Queued, Running, Completed, Failed) along with timestamps
• Failure transparency, including reachability checks, authentication results, and clear failure reasoning

Logs are available across all supported scan types, ensuring a unified way to review scan activity. They can be accessed in the scan console under the ASM module by selecting a scan name, followed by clicking ‘View Logs’. This level of transparency helps teams verify scan reliability and diagnose issues faster than ever.

In addition to the major changes highlighted in this blog, there were also minor enhancements made to simplify navigation and improve visibility of integrations on the main menu, as well as minor API scan handling and usability refinements.

Looking Ahead

NGPTaaS v4.2.0 reinforces BreachLock’s commitment to making penetration testing more continuous, actionable, and aligned to real-world security operations. NGPTaaS v4.2.0 gives teams sharper visibility, streamlines compliance, and enables more connected workflows, all while reducing the operational burden of traditional pentesting even further.

As adversaries evolve their techniques and organizations accelerate cloud, API, and AI adoption, BreachLock continues to deliver smarter automation, broader integrations, and greater transparency, so teams can move faster from discovery to prioritization and remediation.

See how BreachLock makes penetration testing faster, more scalable, and easier to act on. Book a demo today!

Author

BreachLock Labs