Invicti Enterprise On-Premises 01 Apr 2021

NEW FEATURES

• Added Invicti Shark that enables Interactive Application Security Testing (IAST)
• Added the ability to execute Custom Scripts for Security Checks
• Added the ability to edit wordlist entries in the Forced Browsing
• Added the integration with CyberArk Enterprise Password Vault
• Added the Scan Profile column to the Recent Scans window

IMPROVEMENTS

• Improved the visual elements of the dashboard
• Improved the performance of the Technology Dashboard
• Added the ability to create new SSO users via API
• Added the ability to get a team member’s last login timestamp via API
• Added the Website URL filter to the Scheduled Scans page
• Improved the performance of the Sitemap
• Updated the Name Id Policy value for SAML as the email
• Added the ability to delete the Website Groups with ID API Endpoint
• Added the Next Execution Time tooltip to the scheduled scan
• Added the Scan Profile Name information to the Scan Task Groups in the Website Dashboard
• Added the ability to save the Privileged Access Management integrations without testing
• Fixed the scan failed errors
• Added the title fields for Vulnerability List items
• The delete button is disabled for system notifications on the Notifications page
• Added the ability to assign scans to internal agents via scheduling
• Removed all (encrypted and cleartext) authentication credentials on the API responses
• Minor revision changes will also trigger agent auto-updates
• The downloaded agent log file is named agentlogs.zip
• Improved the stabilization of the agent state transitions

FIXES

• Added Script Engine Type to the Authentication Verifier
• Fixed the request agent logs bug
• Fixed handling authentication tokens while executing the form authentication
• Fixed the issue where the wrong vulnerability database version was displayed in the agent info
• Fixed the scan session null error
• Fixed the bug in the scan policy optimizer wizard tree
• Fixed the issue where users cannot create a custom script in a three-legged OAuth2 Authentication
• Notification events require appropriate permission
• Added Scan Profiles, Scans, and Scheduled Scans’ links while deleting the scan policy
• Fixed XSS for Jira and Pivotal Tracker integrations
• Fixed NullReferenceException while exporting scans from Invicti Standard to Invicti Enterprise
• Fixed an issue about a scan that is not matching with the agent which is in the selected agent group
• Fixed the scan policy cloning bug
• Fixed an issue where the View Scan Reports and Manage Issues (Restricted) options under the Scan Permission are not saved while creating new members
• Fixed the text problem in the information of the Technologies Dashboard User Interface
• Fixed an issue where users cannot save an empty Excluded URL field
• Fixed an issue where scan policy and report policy drop-down appear blank while editing the scheduled group scan
• Fixed a bug that occurs while deleting the scan profile
• Fixed the form authentication fields encryption
• Fixed the loading problem of default scan profile selection
• Fixed the Pre-Request Script Error on Scheduling Scan
• Fixed Exclude Addressed Issues on the Export Report
• Fixed usage report page style problem