🚀 Invicti Acquires Kondukto to Deliver Proof-Based Application Security Posture Management
100% Signal 0% Noise
Platform
Platform Overview
ASPM
API Security
DAST
SAST
SCA
Container Security
AI-Powered AppSec
Features
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Case Studies
Invicti Learn
Live Training
Partners
Support
Get a demo
Home
/
Documentation
/
28-Jan-2016
Invicti Product Release Notes
Invicti Enterprise On-Demand
Invicti Enterprise On-Premises
Invicti Standard
Invicti Application Security Platform
28 Jan 2016

28-Jan-2016

IMPROVEMENTS

  • Improved support for Single Page Applications (SPA) by rewritting the DOM parser
  • Improved DOM Parser and DOM XSS performance
  • Added icons to scan policy combo box to denote optimized platforms for policies
  • Improved Korean language support
  • Attached proof for the blind SQLi vulnerabilities
  • Added "Proofs" knowledge base nodes
  • Removed out of scope links from URL rewrite report
  • Added HTTP response status code 308 to list of redirect status codes
  • Added link to TFS API download page for Send To extension
  • Added Crawling and Scan Performance knowledge base nodes
  • Eliminated web application fingerprinter's meta tag requests by re-using crawled link response
  • Improved performance of the email disclosure detection pattern significantly
  • Added automatic exploitation for Boolean and Blind SQL Injection vulnerabilities
  • Added .svg to default set of ignored extensions
  • Removed DOM XSS security checks from default built-in policy
  • Added a new built-in scan policy that includes DOM XSS security checks
  • Added a new scan policy setting section for JavaScript related settings
  • Removed outdated PCI 2.0, PCI 3.0 and OWASP Top Ten 2010 classifications and report templates

Bug Fixes

  • Fixed a NullReferenceException which could occur while editing a custom policy
  • Fixed a bug occurs when a proof is empty
  • Fixed the horizontal scroll bar that is shown while adding a new URL rewrite parameter
  • Fixed an issue with comparison report where two reports were showing the same date even if the latter one has been retested
  • Fixed a FileNotFoundException occurs while caching DOM requests
  • Fixed a ThreadInterruptedException thrown by DOM XSS scanner while trying to close application
  • Fixed an UnauthorizedAccessException occurs while cleaning the scan temporary directory
  • Fixed the explanation text for Entered Path and Below scope
  • Fixed the SSL/TLS fall back code to cover more HTTPS web sites
  • Fixed a CannotUnloadAppDomainException occurs while trying to close form authentication verifier dialog
  • Fixed an out of date JavaScript library version issue where identified version was bigger than Invicti’s latest version
  • Fixed the slow performance issue which occurs when "Automatically Detect Settings" proxy setting is enabled
  • Fixed the broken proceed button on trial popup dialog
  • Fixed an out of date JavaScript library version issue where version value cannot be captured
  • Fixed an issue with OWASP reports where vulnerabilities in same category were not being grouped together
  • Fixed a not found detection issue where redirect analysis fails on redirect cases
  • Fixed a broken compatibility issue which occurs while loading scan files exported with previous versions
Invicti Security Corp
1000 N Lamar Blvd Suite 300
Austin, TX 78703, US
© Invicti {year}
Resources
FeaturesIntegrationsPlansCase StudiesRelease NotesInvicti Learn
Use Cases
Penetration Testing SoftwareWebsite Security ScannerEthical Hacking SoftwareWeb Vulnerability ScannerComparisonsOnline Application Scanner
Web Security
The Problem with False PositivesWhy Pay for Web ScannersSQL Injection Cheat SheetGetting Started with Web SecurityVulnerability IndexUsing Content Security Policy to Secure Web Applications
Comparison
Acunetix vs. InvictiBurp Suite vs. InvictiCheckmarx vs. InvictiProbely vs. InvictiQualys vs. InvictiTenable Nessus vs. Invicti
Company
About UsContact UsSupportCareersResourcesPartners

Invicti Security is changing the way web applications are secured. Invicti’s dynamic and interactive application security products help organizations in every industry scale their overall security operations, make the best use of their security resources, and engage developers in helping to improve their overall security posture.

LegalPrivacy PolicyCalifornia Privacy RightsTerms of UseAccessibilitySitemap
Privacy Policy