Invicti Enterprise On-Demand 20 Jan 2022

This update includes changes to internal scan agents. The internal scan agent’s current version is 2.0.2.135.

IMPROVEMENTS

  • Added a condition for team members when sending an email notification.
  • Added a condition when sending an email notification for Out-of-Date Technologies to customers.
  • Improved the importing of RAML files includes other files.
  • Updated the Freshservice integration not to send a user agent header.
  • Improved the API responses by adding model mapping for AuthenticationProfileOption and AuthenticationProfileId.  
  • Added a message to the Jira integration to show that the integration is created successfully.  
  • Added an error message for invalid component value of newly created Jira integration.  
  • Improved the pop-up message that warns users that they share the report with a person from the outside of the organization.  

FIXES

  • Fixed an issue that prevented keywords from being refreshed when the login required URL is changed on the Login Verification window.
  • Fixed a misspelled word on the GraphQL Introspection window.
  • Fixed a bug that prevented each website using its own default scan policy when a scheduled group scan is launched.
  • Fixed the issue where the client-side cookies were not excluded correctly.
  • Fixed an issue with latestVulnerabilityStatePointId values that return errors on the Issues/To Do and Issues/All issues.  
  • Fixed an issue that shows a two-factor authentication warning message for provisioned team members with Okta.
  • Fixed an information message that uses the word “notification” although the message is about the integration.  
  • Fixed an issue in DefectDojo, YouTrack, and TFS integration that refreshes the New Integration page when a custom field is added and the user selects the Create Sample Issue button.  
  • Fixed an issue that shows extra leading white space in the console of the Website page.
  • Fixed the issue with the Missing XSS protection Header in the Out-of-Scope link.
  • Fix the issue that prevents the built-in scan policies from being updated when there is a new update for the On-Demand version. 
  • [INTERNAL AGENTS] Fixed a request payload when the Agent sends big scan data.
  • [INTERNAL AGENTS] Fixed OAuth2 verification that fails due to the OTP settings model being null.
  • [INTERNAL AGENTS] Fixed the scan error on completion issue because of crossthread error by moving to ConcurrentDictionary.