🚀 Invicti Acquires Kondukto to Deliver Proof-Based Application Security Posture Management

100% Signal 0% Noise
Platform
Platform Overview
Features
CAPABILITIES
Web Application Security
ASPM
API Security
DAST
SAST
SCA
Container Security
AI-Powered AppSec
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Case Studies
Invicti Learn
Live Training
Partners
Support
Get a demo
Home
/
Documentation
/
v25.4.0 - 8 April 2025
Invicti Product Release Notes
Invicti Enterprise On-Demand
Invicti Enterprise On-Premises
Invicti Standard
Invicti Application Security Platform
08 Apr 2025

v25.4.0 - 8 April 2025

This update includes changes to the internal agents. The internal scan agent’s current version is 25.4.0. The internal authentication verifier agent’s current version is 25.4.0.

New feature

  • Added an option to prevent reopening Issue Tracker issues when a vulnerability is marked as False Positive and later revived (Read more).

Improvements

  • Requests with empty or default values are not sent to DeepInfo
  • Introduced a new setting under the Account General settings, within the Data Privacy and Security section, to modify the X-AMZ-Expires parameter while downloading the scan data
  • Enhanced the "Configure New Agent" page to include additional details for auth verifier agents (Read more)
  • Updated remediation details for outdated AngularJS versions
  • [BREAKING CHANGE]: Updated the Docker agent's compression method and file extension; ensure any automation or scripts referencing the old format are updated accordingly.

Resolved issues

  • Fixed an issue where the Issue note field could not be updated
  • Fixed inefficient algorithmic complexity in DotNet IAST Sensor
  • Resolved the issue where an invalid character response occurred when attempting to add a user
  • Resolved the "Invalid Target URI" error that occurred when editing the Target URI to end with multiple slashes (///) on the new scan page
  • Resolved the issue where the scan profile was not updating with the support account
  • Fixed restrictions for JIRA integration
  • Fixed an issue where pressing "Enter" instead of clicking the "Check" button during password verification triggered a full scan instead of the intended login verification
  • Updated Chromium and Node.js versions, resolving Chromium-related issues, including the unexpected increase in Chromium count.
  • Exclude URL rules now function correctly even when the excluded URL is the target
  • Fixed an issue with retrieving OAuth2 token data from JSON responses
Invicti Security Corp
1000 N Lamar Blvd Suite 300
Austin, TX 78703, US
© Invicti {year}
Resources
FeaturesIntegrationsPlansCase StudiesRelease NotesInvicti Learn
Use Cases
Penetration Testing SoftwareWebsite Security ScannerEthical Hacking SoftwareWeb Vulnerability ScannerComparisonsOnline Application Scanner
Web Security
The Problem with False PositivesWhy Pay for Web ScannersSQL Injection Cheat SheetGetting Started with Web SecurityVulnerability IndexUsing Content Security Policy to Secure Web Applications
Comparison
Acunetix vs. InvictiBurp Suite vs. InvictiCheckmarx vs. InvictiProbely vs. InvictiQualys vs. InvictiTenable Nessus vs. Invicti
Company
About UsContact UsSupportCareersResourcesPartners

Invicti Security is changing the way web applications are secured. Invicti’s dynamic and interactive application security products help organizations in every industry scale their overall security operations, make the best use of their security resources, and engage developers in helping to improve their overall security posture.

LegalPrivacy PolicyCalifornia Privacy RightsTerms of UseAccessibilitySitemap
Privacy Policy