This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.
We're delighted to announce a Netsparker Enterprise update. The highlights in this update are support for internal agents and bulk operations, and new issue tracking integrations and API endpoints.
Other updated features in September 2019 for Netsparker Enterprise include support for data exporting, a technical contact change option, a scan conversion option, and new malware technology.
This announcement highlights what is new in this latest Netsparker Enterprise update. Many of these new features have originated from customer requests, while others provide further support and options for already existing features.
Support for Internal Agents
Netsparker Enterprise can be configured to run scanner agents on Amazon Web Services (AWS) so your website will be scanned by agents installed on Netsparker Enterprise's servers. But in some organizations, certain websites will only be available in the local network (not the public internet). Netsparker's Internal Agent feature allows you to scan these internal websites using an agent which you can download and install on your network.
This feature was previously only available in the Netsparker Enterprise On-Demand edition. Support for using Internal Agents (‘Internal’) along with AWS cloud integration (‘Cloud’) Agent Mode has now been rolled out to all Netsparker Enterprise editions. In our September 2019 update, this feature has also been added to the On-Premises edition.
For further information, see Internal Agents in Netsparker Enterprise.
New Issues Tracking Integrations
Netsparker Enterprise already has many out-of-the-box issue tracking system integrations. With this latest update, integration is also available for:
Redmine and Bugzilla are both web-based project management and issue tracking tools. Integrations for them are also available on Netparker Standard. Kafka is a stream-processing software platform that handles real-time data feeds.
For further information, see Issue Tracking Systems.
Support for Bulk Operations
Netsparker Enterprise now has added support for bulk operations on the Recent Scans page. It's now easier to delete, cancel, pause multiple scans at the same time. Prior to this update, scans could only be managed on an individual basis. But for companies and organizations that run hundreds and thousands of scans daily, this process absorbs undue time. Now, thanks to the inclusion of this Bulk button, large scale scan management operations are greatly streamlined.
For further information, see How to Run Bulk Operations on a Scan.
New API Endpoints
With Netsparker Enterprise, you can use API Endpoints to view information about Issues in list format. This enables you to integrate any information detected by Netsparker Enterprise with other applications or systems. This update has added new API endpoints so that Agents can be better managed, as well as Issues.
For further information, see Netsparker Enterprise API – Agents.
Support for Data Exporting
Netsparker Enterprise already has a wide range of data exporting options, including WAF rules, HTTP Requests, scan results, vulnerability lists and reported vulnerabilities to other projects. This update adds support for exporting data on Activity Logs and Manage Team page. Now, an Export to CSV button allows team member information data exporting to a delimited text file that uses a comma to separate values. However, than can be altered to a semicolon, pipe or tab as required.
For further information, see How to Export to CSV in Netsparker Enterprise.
Technical Contact Change Option
An option to change the Technical Contact for each website in a group has been added to the Edit Website Group page. New Issues in the websites in this website group will be assigned to this user.
For further information, see Website Groups in Netsparker Enterprise.
Scan Conversion Option
Many scans targets require continual testing throughout the SDLC. Netsparker Enterprise now has added the ability to convert completed scans into a Scheduled Scans. This means that you can create schedules in advance for all types of scans (full, retests and incremental scans).
For further information, see How to Convert a Completed Scan Into a Scheduled Scan.
Netsparker can detect any web malware injected into websites. This new security engine is called the Malware Analyzer. You can access it from the Security Checks tab of the New Scan Policy window. The Scanner Agent's operating system should be Windows Server 2016 or above.
For further information, see Malware Analyzer.
For a complete list of what is new, improved and fixed in this update, refer to the Netsparker Enterprise Changelog.
Your Information will be kept private.