Invicti Standard 5.6 – January 2020 Update

This blog post announces the January 2020 update for Invicti Standard 5.6. The new features of this release are WAF identification detection, license activation, new integrations, a new scan policy and report, a new login confirmation, and an auto export feature.

Invicti Standard 5.6 – January 2020 Update

We’re delighted to announce the release of Netsparker Standard 5.6. The highlights of this release are:

  • A new WAF identification security check
  • An alternative method of license activation
  • New Send to Actions and WAF integrations

New Security Check

We have added a new security check – WAF Identifier Engine.

WAF Identifier Engine

This new security check detects whether the target website in a scan is using a Web Application Firewall that blocks Netsparker attacks, and warns the user about it.

For further information, see WAF Identifier.

License Activation

We have added Netsparker Enterprise Integration to the License Required dialog. This enables the activation of a license using the Netsparker Enterprise Information that is stored in the Netsparker Enterprise tab in the Options dialog.

For further information, see Activating Your Netsparker Licences and Installing Netsparker Standard.

New Integrations

Netsparker Standard already has many integrations. The Netsparker Standard 5.6 Update has added several new integrations to the Send To and WAF tabs.

Send to Actions

Web Application Firewall

Integration is now also available for FortiWeb.

For further information, see Generating FortiWeb Web Application Firewall Rules from Netsparker, Issue Tracking Systems and Web Application Firewall Support.

SANS Top 25 Report

The SANS Institute has developed the CWE (Common Weakness Enumeration) list of top 25 software security vulnerabilities. Netsparker Standard 5.6 has added a SANS Top 25 Scan Policy and report.

For further information, see Report Templates and CWE/SANS TOP 25 Most Dangerous Software Errors.

New Login Confirmation

The 5.6 Update has added a new login confirmation to ensure that Netsparker was able to acquire an authentication session after conducting the login sequence. This is in order to notify users in case of any failure due to changed credentials. In addition to this, Netsparker will confirm detected logouts from now on and will prevent any misleading logout detected notifications.

New Login Confirmation

For further information, see Logs.

Auto Export Feature

Completed Netsparker Standard scans can be uploaded to Netsparker Enterprise. We have added an Auto Export feature that enables the automatic export of all old session files not previously uploaded to Netsparker Enterprise, when connected to its servers. This new option, ‘Upload finished scans to Netsparker Enterprise automatically’, is enabled in the Netsparker Enterprise tab in the Options dialog.

For further information, see How to Upload Finished Scans to Netsparker Enterprise Automatically from Netsparker Standard.

Further Information

For a complete list of what is new, improved and fixed in this update, refer to the Netsparker Standard Changelog.