Invicti Enterprise On-Demand 18 Aug 2022

This update includes changes to the internal agents. The internal scan agent’s current version is The internal authentication verifier agent’s current version is


  • Improved the Jira integration.
  • Improved the notification rule scope.
  • Added an option to block navigation on SPAs pages.
  • Removed the target URL health check that lets the scan continue despite getting error messages such as 403.
  • Added the information message when users want to delete the preferred agent configured to a scan.
  • Improved the scan profile to edit Basic, Digest, NTLM/Kerberos, and Negotiate Authentication while starting a new scan.
  • Updated the text on the GraphQL Instropection pop-up.
  • Updated the Basic Authentication message for the internal authentication verifier agent.


  • Fixed a bug that caused the scan session failure when the scan is paused and resumed.
  • Fixed a bug that causes server error when expired integration is cloned.
  • Fixed an issue where the Due Days for FreshService integration is displayed as required despite being optional.
  • Fixed an issue that prevented the Authentication Verifier Server from communicating with the web application when the IP Restriction is enabled.
  • Fixed a bug that disabled the Send To button on the All Issues page when users select edit but navigate back to the page.
  • Fixed a bug where DefectDojo automatic issue import is not working.
  • Fixed timeout issues during website DNS checking.
  • Fixed an issue where a JavaScript Setting option blocks inputs for the single-page applications to be reported in the Web Pages with Inputs node.
  • Fixed the improper path parsing when a postman collection file is imported.
  • Fixed a bug that caused the browse section to continue appearing on the Links/API definition page after the import process is canceled.
  • Fixed the null return upon the “GET /scans/list-scheduled” API call.