April 2020 Update for Invicti Enterprise
This blog post announces the April 2020 update for Invicti Enterprise. The new features of this release are U2F Authentication, issue synchronization for Azure DevOps and ServiceNow integrations, form validation errors in the knowledge base and reports, CVSS 3.1 support, and email reports after a scan.
Your Information will be kept private.
Stay up to date on web security trends
Your Information will be kept private.
We’re delighted to announce the latest release of Invicti Enterprise. The highlights of this release are: U2F Authentication, issue synchronization for Azure DevOps and ServiceNow integrations, form validation errors in the knowledge base and reports, CVSS 3.1 support, and email reports after a scan.
This announcement showcases what is new in this latest Invicti Enterprise update. Many of these new features have originated from customer requests, while others provide further support and options for existing features.
For further information, see Two-Factor Authentication.
For further information, see Integrating Invicti Enterprise with Azure DevOps and Integrating Invicti Enterprise with ServiceNow.
For further information, see How to Create a Notification.
Universal 2nd Factor Authentication
U2F is an open authentication standard that enables users to securely access multiple online services with a single security key. We have added support for U2F authentication. You can use YubiKey or any other compliant U2F device.
For further information, see Two-Factor Authentication.
Issue Synchronization for Integrations
Invicti Enterprise now enables the resolution and reactivation of issues in Invicti Enterprise following Invicti scans conducted in Azure DevOps and ServiceNow. Invicti Enterprise also offers webhook support. This enables you to detect any status changes made in Azure DevOps and ServiceNow in their counterpart issues in Invicti Enterprise.
For further information, see Integrating Invicti Enterprise with Azure DevOps and Integrating Invicti Enterprise with ServiceNow.
Form Validation Errors in Knowledge Base
During the scanning process, Invicti Enterprise successfully validates web forms as part of the crawling stage. However, due to validation errors, some web forms could not be submitted, with the result that they were not displayed in scan reports. With this update, all validation errors that are encountered during the scan are now listed in a new Form Validation Errors node in the Knowledge Base tab of the Technical Report section of scan reports.
CVSS 3.1 Support
The Common Vulnerability Scoring System (CVSS) is a free and open industry standard for classifying the severity of computer system security vulnerabilities. CVSS assigns severity scores to vulnerabilities, allowing security staff managing detected issues to prioritize responses and resources according to the potential threat. We have added version 3.1 scores to vulnerabilities reported by Invicti Enterprise.
Email Reports After Scan
We have added a new feature to the notification system. Invicti Enterprise can now send scan reports as email attachments along with Scan Completed notifications. Previously, any completed scan notification could only be sent to registered and confirmed email addresses of Invicti Team Members. Now, any external email address can be added.
For further information, see How to Create a Notification.
