July 2021 Update for Invicti Standard 6.1

This blog post announces the July 2021 update for Invicti Standard 6.1, highlighting Authentication Profiles, Enterprise Integration, the JSON Web Token security check, and dozens of other security checks.

This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.

We’re delighted to announce the July 2021 update for Netsparker Standard 6.1. The highlights of this release are Authentication Profiles, Enterprise Integration, the JSON Web Token security check, and dozens of other security checks.

Authentication Profiles

Netsparker lets you save a custom script for form authentication as an authentication profile and reuse that profile across many scans without explicitly configuring Form Authentication.

When you save an authentication profile and instruct Netsparker to use it, the scanner automates the authentication when it matches the URL at the beginning of the crawling process. So, you do not have to configure form authentication for websites utilizing the same authentication procedure.

For further information, see Authentication Profiles.

Enterprise Integration with Invicti’s Acunetix 360

Invicti Security, the company behind Acunetix and Netsparker, has extended its integration capabilities as part of this update. Until now, Netsparker Standard could integrate with Netsparker Enterprise to export and/or import scans between the applications. With this update, you can also integrate Netsparker Standard with Acunetix 360.

For further information, see Enterprise Integration.

JWT Security Checks

We have implemented the JSON Web Token (JWT) security check. JWT has become a vital part of authentication processes in modern web application development, especially when implementing single sign-on (SSO).

With this release, Netsparker Standard can identify JWT vulnerabilities. For further information about JSON Web Token, see JSON Web Token attacks and vulnerabilities.

Dozens of new security checks

We have added dozens of new security checks, as can be seen under the New Security Checks heading in the changelog. As a result, we will be able to detect many more technologies and report their versions, along with the known security vulnerabilities of those versions.

Further information

For a complete list of what is new, improved, and fixed in this update, refer to the Netsparker Standard Changelog.

Huseyin Tufekcilerli

About the Author

Huseyin Tufekcilerli - Director of Product Management

Product Manager at Invicti.