Added the option to set a Custom HTTP Authorization Header under Scan policy > HTTP > Request
Adjusted agent download parameters to allow installation of internal scanner agents using the Docker client via the Invicti registry service
Changed the compression tool and default compression format for log files from 7zip to Tar
Added functionality to enable entering multiple IP addresses and IP ranges into the IP Address Restrictions setting. Previously, only single-entry IP addresses were permitted.
Added TLS certificate authentication as an option when integrating with HashiCorp Vault. Previously, we only supported token authentications.
New security checks
Added new patterns to detect XSS
Improvements
Improved notification delivery with integration services
[Closed Beta] Protected visibility of passwords within custom scripts
Improved detection and reporting of File Inclusion vulnerabilities
Improved detection and reporting of Sensitive Data Exposure vulnerabilities
Improved detection and reporting of Dockerfiles
Disabled caching from the boolean-based MongoDB security engine to avoid possible false positives
Improved the content-type exemption for non-HTML content types in the CSP engine
Improved the typehead.js check to increase stability
Removed the X-XSS-Protection header check because it is deprecated by modern browsers
Added functionalities to prevent bot detection and fixed an issue that was causing cookie loss after authentication
Improved the remediation part for the JetBrains .idea detected vulnerability
Added information to the UI about the functionality of the 'Edit My Team's Role' permission
Added bypass list functionality for scan policies
Fixes
Fixed a bug in the date filter that was causing incorrect information to display on the dashboard
Fixed the external SOAP web service import problem
Fixed a problem that was causing default values to be filled incorrectly, resulting in false negatives
Fixed Vulnerabilities visible from the UI but not via API in certain failed scan situations
Fixed inconsistent scan states in rare deleted scan scenarios
Fixed missing Next Execution Time for certain scheduled scans
Fixed an issue that prevented saving scheduled scans in some scenarios
Fixed inconsistencies in the Resource Finder with certain hidden files and backup files
Improved updating of groups in Azure Provisioning scenarios