Some Merits, yet not the best Execution
It's got its merits, yet it has a poorly designed UI/UX which makes it look very basic, plus the flow is not well thought out, and the report needs more detail, especially in some instances on why a risk was classified as a risk and potential actions.
Do you have a list of all the checks, as does it check Security Headers (HTTP Headers), SQL Injections/XSS/CSRF etc... as it seems to have covered a lot, yet not all areas of CyberSecurity, do you have a Roadmap?
It also mentions ensure your software is up to date, yet does it or will it detect versions and report it in the future...?
ISSUES
💠 Risks:
It reports on what it finds, yet it doesn't always verify if it is a risk for the current domain; in some instances, it's more like, this is a potential risk - really needs a way to mark off risks or at least have comments.
💠 SSL Certificate:
I got a "Not Detected" for one of my domains' SSL Cert, yet it has one and SSLLabs can detect it.
💠 Report PDF Export:
The report visuals are pixelated, with some misalignment and missing images.
💠 Cyber Angels Logo:
From page 2, the Cyber Angels logo is shown next to the heading and my domain. Why? Move your logo up and use two different blues to show your branding and then the domain, as my domain is not associated with your company. It will also make it easier to read.
💠 Chrome Browser:
Gives error below, tried cache, updating etc. so used Firefox instead...
app.cyberangels.io uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Suggestions
💠 Tasks List:
I would like an actionable checklist. ✅
💠 False Positives:
I would like to be able to remove false positives from reports ❌ or add comments...
💠 Not Covered:
Add to the report for things not caught as not everything is yet covered.
💠 Table of Contents:
So you can skip all the fluff. 📑
💠 Section Overview:
I would prefer an overview (4 circles) for each section on the summary page, with links to each section of the report.
💠 Who is the report aimed at?
It feels like a mix between Management and an experienced System Admin who knows what to do - need to pick.
I would suggest a Summary Page (Man.) and a Full Report (Sys-Admin) with more information on actions for less experienced Sys-Admins/IT Depart...
Andrea_Cyberangels
Jun 26, 2024
Thank you, Lionel, for your review. I appreciated the time you took to be precise and helpful not only to other potential users but also to our team. We are going to take your feedback into higher consideration: a few of the issues you highlighted are already addressed in our short-term backlog. Our roadmap is public here: https://cyberangels.productlift.dev/. We have had some team issues in the last 6 months so we slowed down the development, but now we are finally back to full business and ready to transition from "Some merits" to "Great execution."