Invicti improves discovery service and integrations

Invicti has expanded its discovery service with the option to identify cloud-based web assets via an AWS connection. The latest update also includes enhancements to integrations with ServiceNow Incident Management and Jira.

Invicti improves discovery service and integrations

Invicti continues to improve and expand its flagship product. The latest updates to Invicti Enterprise include improvements to the discovery service, the ServiceNow Incident Management integration, and the Jira integration.

Discovering web assets on Amazon Web Services

We have expanded our discovery capabilities to allow organizations to discover web assets running within their AWS instances.

As more and more companies move their web assets and workloads to cloud platforms such as Amazon Web Services (AWS), maintaining visibility and consistent security testing across all their cloud-based web applications becomes increasingly challenging. Invicti Enterprise now provides the option to set up an AWS connection for its discovery service, effectively expanding web asset discovery into your organization’s AWS environment.

Important note

Web asset discovery for AWS is currently offered as an Early Release feature. To enable it, please contact Invicti Support.

For further information, see our support page on adding Amazon Web Services to the discovery service.

More customization and better issue visibility in the ServiceNow Incident Management integration

Invicti’s ServiceNow Incident Management integration now offers more customization, more accurate issue mapping, and a better user experience overall. ServiceNow (SNOW) is an issue-tracking system that helps organizations consolidate and manage issues. Trusted by enterprise customers for digital workflows, it also helps businesses prioritize and share tasks across departments. 

The update adds the following capabilities to the existing ServiceNow Incident Management integration in Invicti Enterprise:

  • Customizable priority mapping of vulnerability severities: Specify how severity levels assigned by Invicti to detected vulnerabilities will be mapped to SNOW priorities.
  • Project-related information retrieval: Provide values for default fields to retrieve project information.
  • Project detail mappings: Fine-tune the integration by configuring fields and mappings to match your specific SNOW project.

For further information, see our support page on integrating Invicti Enterprise with ServiceNow Incident Management.

Additional vulnerability details in the Jira integration

When integrated with the Jira issue tracker, Invicti can now export all the reported vulnerability details, including full remediation guidance, to a Jira project.

Jira is an issue-tracking tool that assists agile teams in developing and maintaining world-class software. Invicti has been providing out-of-the-box integration with Jira for many years now, helping organizations secure their websites, web applications, and APIs against vulnerabilities.

The latest update expands the scope of information that Invicti Enterprise sends to Jira, so you can now export full vulnerability details to your Jira project. This helps to ensure your developers have all the information necessary to fix a vulnerability directly in their ticket and can resolve security defects without leaving Jira.

For further information, see our support page on integrating Invicti Enterprise with Jira.

Deeper insight into vulnerabilities in website groups

Invicti Enterprise now provides the option to report vulnerabilities identified across website groups. 

With the right scan coverage and reporting process, you can get a complete picture of your web security posture. After running a vulnerability scan, Invicti sends the right reports to the right audience to provide notification that a scan has been completed and give a role-specific overview of the results.

The latest update builds on the existing reporting capabilities for individual scan targets (i.e. specific websites or applications) and adds the ability to generate vulnerability reports that encompass user-defined website groups. This makes it easier to evaluate and compare the security and remediation status across business-specific sets of targets. 

For further information, see our support page on generating reports for a website group.

For a complete list of what is new, improved, and fixed in this update, refer to the Invicti Enterprise Changelog.