Acunetix 360 On-Demand 17 Jan 2023

This update includes changes to the internal agents. The internal scan agent's current version is The internal authentication verifier agent's current version is

New features

  • Added the ability to run a scanner agent for the OpenShift environment.
  • Added a scan control center to suspend all scans, and pause and resume all scans when needed.
  • Added control for login and logout during vulnerability retest.


  • Improved the Invicti web application performance.
  • Improved the ServiceNow Incident Management integration.
  • Improved the detection of whether the Jira instance is on the cloud or on-premises.
  • Improved the Jira integration to add the Affected Versions as an option.
  • [Early Release] Change the Second Level Domain option on the Discovery Service to disabled by default.
  • Change the icon of the vulnerability list for website groups on the Reporting page.
  • Added the keep connection alive message between Invicti Shark (IAST) and the web application scanner to keep the connection alive.
  • Improved the vulnerability report in which any credit card information is masked.
  • Added the Authentication Verifier Service’s IP address to the setting to prevent it from being affected by the IP Restrictions.
  • Improved the agent’s configuration file to specify a folder where the agent’s scan data is to be saved.
  • Improved the API endpoint to create team members and update their information.
  • Added the last revived date parameter to the All Issues API endpoint.
  • Improved the maximum scan duration detection.
  • Updated the TeamCity plugin that requires the Server URL and Domain URL to be the same.
  • Added the GUID control before getting the integration id to prevent any issue in the flow.
  • Improved the scanning of Burp files that are without XML extensions.
  • Increased the time out for the cloud PDF converter to prevent timeout-related errors.


  • Fixed case sensitivity when checking HTTP headers for JWT.
  • Fixed missing CSP 3 Directive.
  • Removed the redundant semicolon on the scan pages.
  • Fixed an issue that prevented the new website group from appearing on the Manage Groups page immediately.
  • Fixed a bug that prevents the scanner from attacking to login and logout pages.
  • Fixed the policies loading issue on the General Settings page.
  • Fixed the user interface issue to reflect the agent information on the Installed Framework accurately.
  • Fixed the inconsistent risk level on the generated reports. 
  • Fixed the IPv6 registered website resolution issue thrown before scanning.
  • Fixed the bug of excluding addressed issues in reports generated via Azure Pipeline Extension.
  • Fixed the synchronization issue for the Discovery Service.
  • Fixed the bug that throws a null reference exception at the authentication.
  • Fixed a bug that prevents the scanner from attacking to login and logout pages.
  • Fixed an issue that overrode TLS settings available in the scan policy when the Ignore SSL Certificate Errors is set to True in the Appsetting.json file.
  • Fixed the bug in which OAuth2 settings were not transferred properly from the web application to the agent.
  • Fixed the bug that threw an error when exporting a report.
  • Fixed null reference error during SCIM User creation.