We’re delighted to announce the release of Netsparker Enterprise On-Premises 1.9.3. The highlights of this release are the GitLab CI/CD scripting updates, Oracle WebLogic checks, and WASC Threat Classification Report.
We have also added new security checks, improvements, and fixes.
GitLab CI/CD Scripting Updates
Netsparker already supports integration with GitLab CI/CD. With this update, Netsparker can now stop the scan if the build is failed in the GitLab CI/CD pipeline. Builds can be failed in the GitLab CI/CD pipeline when Netsparker identifies a specified level of vulnerability, such as critical or high level.
For further information, see Integrating Netsparker Enterprise with GitLab CI/CD.
Oracle WebLogic Security Checks
Netsparker Enterprise can identify two critical vulnerabilities detected in Oracle WebLogic Server. Oracle WebLogic Server is an application server to develop, deploy, and run enterprise applications using Java Platform Enterprise Edition.
Oracle released a critical patch update to address critical WebLogic Server vulnerabilities CVE-2020-14882 and CVE-2020-14883. These vulnerabilities may allow attackers to compromise Oracle WebLogic Servers. Netsparker Enterprise can identify if your web application is vulnerable to these vulnerabilities in Oracle WebLogic Server.
For further information, see Easily Exploitable Vulnerabilities in Oracle WebLogic Server.
WASC Threat Classification Report
Netsparker Enterprise allows you to generate the Web Application Security Consortium (WASC) threat classification report that lists only issues that fall under the WASC threat classification. This report is essential for organizations that want to improve their web application security.
For further information, see WASC Threat Classification Report.
Scan Group Selection in the Trend Matrix Report
The Trend Matrix report provides correlated, trending data about the status of vulnerabilities that were identified in your web application across several scans and enables you to easily track changes in the web application. With this update, it is possible to filter the report based on the scan group created.
For further information, see Trend Matrix Report.
Allowed Website Limit
Netsparker allows you to create and manage team members. With this update, users with administrator privileges can determine how many websites a specific user can be responsible for. It is an easy process with a slider.
For further information, see Managing Team Members in Netsparker Enterprise.
General Performance Improvements
In addition to the improvements specified above, we implemented a number of enhancements to Netsparker Enterprise. For example, the performance of the Discovery service has been improved. In addition, we have streamlined the process of exporting reports for websites with large numbers of vulnerabilities. The performance of custom scripts has also been improved.
For a complete list of what is new, improved, and fixed in this update, refer to the Netsparker Enterprise Changelog.