Invicti Enterprise On-Demand

IMPROVEMENTS

• Added grouping support for agents.
• Added Scan Profile Name to Scan Group dropdown on the Website Dashboard page.
• Added websitesgroups/delete/{id} API endpoint.
• Improved the performance of the technology dashboard.
• Fixed the absolute start date of scheduled scans as a tooltip to relative dates.

FIXES

• Fixed several scan stuck issues.
• Fixed an issue where the scan is stuck when it is paused and tried to be deleted.
• Fixed an issue an incorrect email address could be entered as a notification recipient.
• Fixed an issue where the New Scan page stuck at loading when you switch back and forth between scan profiles.
• Fixed the unspecified format of the NameID SAML2 attribute by setting it to emailAddress.

IMPROVEMENTS

• Added support for provisioning users without invitation requirement if the user is going to log in using SSO.
• Added support for setting external email recipients for notifications for all the event types.
• Added SANS Top 25 Report as export.
• Updated PCI Compliance Report to match the new style of the reports.
• Added Scan Profile name to Detailed Scan Report and several other compliance reports.

FIXES

• Fixed an issue where the scan files fail to archive to S3 storage and pile up on the agent machine.
• Fixed an issue where an Internal Server Error occurs while trying to start or schedule a new scan.

IMPROVEMENTS

• Improved the Basic, Digest, NTLM/Kerberos, Negotiate Authentication entry user interface. 
• Improved the performance of Technologies pages

FIXES

• Removed the “SSO Email” field requirement for new member invitations on accounts where SSO is not enforced
• Fixed a typo on the Bugzilla integration configuration page
• Fixed the misleading error messages received when /websitegroups/update API endpoint is called with a missing or invalid “Id” values
• Fixed a UTF8 encoding issue

IMPROVEMENTS

• Added an option to fail the build for Azure Pipelines Integration
• Added the Description field for Websites and Website Groups

FIXES

• Fixed an issue where some paused scans stuck and were not be able to resume
• Fixed an issue where the incremental scan fails for a scan with form authentication configuration
• Fixed an internal agent issue where the agent was not able to start as a service 
• Removed the redundant Domain field requirement on Proxy settings of a Scan Policy

FIXES

• Fixed an issue where some Client Certificates might not work properly for authentication 
• Fixed an issue where scans might get stuck in the Pausing state