GitHub Actions CI/CD integration. Added
Authentication Profile feature to be able to define shared authentication once and utilize them on many scans without explicitly configuring Form Authentication for websites utilizing the same authentication procedure. Added
UrbanCode Deploy Added
Azure Pipeline Extensions Added the ability to
tag issues Added a new Scope option for
Scan Groups of Websites while configuring notifications to be able to better scope notifications for web applications/APIs under a website. Added State filter to notifications which you can use issue states like Fixed, Revived, New, etc. as filtering options.
Added Choose Scan Profile while scheduling from API
Added TLS 1.3 Support
Removed the scan report selection from notification events that do not produce any reports.
Added account-based option to display authentication credentials on API responses.
Improved time zone calculations to handle new time zones.
Improved configuration validation error messages for Privileged Access Management integrations.
Added an option to specify a scan profile while scheduling scans through API.
Added support for Form Authentication Custom Scripts for cases when a Privileged Access Management integration is used.
Added support for 11 digit phone numbers while inviting a new member.
Added an option to ServiceNow integration to specify if the incident should be set to Closed when the vulnerability is fixed.
The Category selection for ServiceNow integration is editable.
Added a field to specify the user’s Single Sign-On email address while creating a new team member using the API.
Improved configuration options for Jenkins.
Added the option to fail Jenkins build for only confirmed vulnerabilities
The login process redirects the
Single Sign-On users to their providers Added NIST, DISA STIG, and ASVS classifications to Report Policy
Added support for importing links from multiple RAML files from a ZIP file (include directive support).
Improved Azure AD Single Sign-On in-app help text.
Removed the Current Password field for admin users (logged in with Single Sign-On) while editing a member.
Added “Maximum URL Rewrite Signature” Scan Policy Crawling option.
Improved access control by introducing new more granular permissions
Improved role assignment for website groups while inviting new members
Added IgnoreSslCertificateErrors option to Docker agent.
Improved GitLab CI/CD script failure conditions.
Adding a title to the API field in the edit team member page
Fixed an issue that occurs with updating scan profile
Fixed an issue with Imported Links getting updated to Null while using Update ScanProfiles API
Fixed the validation problem
Fixed some bugs for the Sitemap
Fixed an issue that getting an error which caused by connection problem with authentication verification hub on scheduled scan
Fixed the problem of not being able to delete the scan with a profile
Fixed the forgot password issue for
Single Sign-On Fixed an issue where the Launch button does not get enabled on the New Scan page after you enable the IAST scanning and download the sensor files.
Fixed an issue where a notification that is sent to an external email address was not displayed on the audit logs.
Fixed an issue where starting a PCI scan via using API could not start the scan.
Fixed an issue where a new notification created via API does not add the specified integration(s) to the new notification.
Fixed an issue where a team member was not created in API if the auto-generated password is enabled.
Fixed an issue where the custom value of FormAuthPageLoadTimeout was being overridden by its default value.
Fixed validation error messages on the Email Settings page.
Fixed some of the swagger API validation errors reported for the REST API
Fixed an agent scan stuck issue while archiving
Fixed a retest problem where some issues could not be retested
Fixed an agent auto-update issue
Fixed an issue with the GitLab integration script where builds were not failing when they were supposed to fail
Fixed an issue where the “Add Attachment Report” section was missing while adding a new notification
Fixed a mismatching type issue on /scanprofiles/list API response model
Fixed an issue where a failed scan sends an excessive amount of email notifications
Fixed an issue where Exclude Authentication Page configuration resets when another scan is performed
Fixed agent auto-update issues
Fixed an unhandled ArgumentNullException which causes some authenticated scans to fail
Fixed an error that occurs while trying to mark an issue as false positive
Fixed an internal server error that happens while using the /api/1.0/scanprofiles/update API endpoint for some profiles
Fixed an issue where a deleted issue tracker integration was still keeping the old issues IDs referenced
Fixed an issue where the helper NHS service is unexpectedly terminated on environments with multiple agents running