Invicti Enterprise On-Demand 19 Jul 2022

This update includes changes to the internal agents. The internal scan agent’s current version is 2.0.2.147. The internal authentication verifier agent’s current version is 2.0.2.147.

NEW FEATURES

IMPROVEMENTS

  • Enhanced the Discovery Service to detect more relevant web applications.
  • Improved the Late-Confirmation Storage Mechanism to lower disc usage.
  • Improved the rate limit for the All Issues API endpoint.
  • Added an API endpoint to better understand how many websites each user scanned.
  • Added raw scan file expired status to the Scan Failure Reasons.
  • Added the IsEnabled API endpoint for the OAuth2 setting.
  • Updated the icons on the Trend Matrix page.
  • Added logs to scheduled scans to identify the license issue when the scan couldn’t be launched.
  • Improved the internal agent to check whether OAuth2 is enabled or not.
  • Improved the Activity Log to include information on vulnerability profile changes.
  • Improved the Scan Profiles API endpoint to include information on the imported URLs.

FIXES

  • Fixed a bug caused by special characters that affected the Out of Scope node.
  • Fixed a bug that caused the OAuth2 settings to disappear after being saved in a scan profile following enabling and disabling operations.
  • Fixed a bug that throws errors on the summary page for technologies links.
  • Fixed the issue that IP Address Restriction is not working on API access.
  • Fixed an issue that shows the same vulnerabilities more than once in the scan summary reports.
  • Fixed a bug that shows the soft-deleted scan policies when their URL is entered.
  • Fixed a bug that prevents notifications from appearing on the user interface when data size is exceeded.
  • Fixed imported links DLL mismatch problem for Postman and GraphQL.
  • Fixed a bug that shows an empty list of possible GraphQL endpoints in the Security Checks list.
  • Fixed a bug that throws 500 Internal Server Error returns upon the “GET issues/addressedissues” API call.
  • Fixed a bug that throws 500 Internal Server Error returns upon the “GET /issues/todo” API call.

REMOVAL

  • Removed the Ignore these extensions field from the scan policies page.