January 2023 update for Invicti Enterprise on-premises

This blog post announces the January 2023 update for Invicti Enterprise on-premises, highlighting cumulative enhancements to key integrations and several usability improvements.

January 2023 update for Invicti Enterprise on-premises

We’re delighted to announce the release of Invicti Enterprise on-premises 23.1. The new release rolls together many updates and improvements. Most notably, we’ve enhanced integrations with Jira, ServiceNow Incident Management, Jenkins, and docker agents. 

Customization and visibility improvements to the Jira integration

Jira is a widely trusted issue-tracking tool used by over 100,000 customers to help agile teams develop and maintain high-quality software. Invicti has been providing and incrementally improving its Jira integration for many years, and the current update brings several enhancements to improve the overall user experience in Invicti Enterprise:

  • Customizable priority mapping when creating issues corresponding to vulnerabilities lets you choose exactly which Jira issue priorities should be assigned to which vulnerability severities reported by Invicti Enterprise.
  • To help keep your issue information in sync, you can now retrieve project-related information after providing default fields. Manual data entry is restricted to complex custom fields: Assigned To, Components, Due Days, Epic Link, Labels, Priority, Reporter, and Security Level.

For further information, see our support page on integrating Invicti Enterprise with Jira.

Better issue visibility and more customization in the ServiceNow Incident Management integration

Invicti’s integration with ServiceNow Incident Management now brings more customization options, more precise problem mapping, and an improved user interface. ServiceNow (SNOW) assists enterprises in grouping and managing digital operations workflows. Enterprise clients trust it to manage their digital processes, including task prioritization and cross-departmental task sharing, as well as incident detection and response with ServiceNow Incident Management.

The current update adds the following capabilities to the existing ServiceNow Incident Management integration in Invicti Enterprise:

  • Prioritize vulnerability severities according to user preferences: Indicate how severity levels reported by Invicti for discovered vulnerabilities should be mapped to SNOW priorities.
  • Retrieve project-related information: Provide values for default fields to retrieve project information.
  • Define project detail mappings: Fine-tune the integration by configuring fields and mappings to match your specific SNOW project.

For further information, see our support page on integrating Invicti Enterprise with ServiceNow Incident Management.

Report updates to the Jenkins integration

In addition to Jira, we have also updated our Jenkins integration. The updated Jenkins integration enables you to automatically generate a wide variety of reports, from detailed technical summaries to compliance and best-practice overviews. 

The Jenkins plugin now gives you the option to generate any of the following reports: Detailed Scan Report, Executive Summary, Full Scan Detail, HIPAA Compliance, ISO 27001 Compliance, Knowledge Base Report, OWASP Top Ten 2013, OWASP Top Ten 2017, PCI DSS Compliance, SANS Top 25, and WASC Threat Classification.

For further information, see our support page on integrating Invicti Enterprise with the Jenkins plugin.

Deeper insight into vulnerabilities in website groups

Invicti Enterprise now has the ability to report vulnerabilities discovered across website groups. Defining the right scan coverage and reporting process is crucial for a full picture of your web security posture. After completing a vulnerability scan, Invicti delivers the appropriate reports to the appropriate audience to notify them that the scan has been completed and provides a role-specific summary of the results.

The current upgrade builds on the existing reporting capabilities for individual scan targets (single websites or applications) by adding the option to generate vulnerability reports that span user-defined website groups. This makes it much easier to evaluate and compare the security and issue remediation status across business-specific categories of scan targets.

For further information, see our support page on generating reports for a website group.

Centralized control over all scans

We’ve also made it easier to control vulnerability scans. With the scan control center, you can suspend all scans so none of your team members can run scans. You also have the option to pause all scans and resume all paused scans. The scan control center also features a real-time information panel where you can see how many total scans are running, pausing, paused, and failed.

Note that the control center pauses and resumes scans in bulk. To pause or cancel any specific scan, you can use the Recent Scans page.

Further information

For a complete list of what is new, improved, and fixed in this update, see the Invicti Enterprise changelog.