Invicti Enterprise On-Premises 18 Jan 2016


  • Mobile friendly UI with a lot of design improvements
  • Added support for sending notification email for canceled scans


  • Improved resource finder checks for websites which have custom 404 pages
  • Increased the default value of Maximum 404 Signature setting to be store more signatures
  • Improved timeout calculation for vulnerability checks which require late confirmation
  • Replaced scan finish dates with scan urls in global dashboard
  • Permissions can be entered while inviting user
  • Added icon for scheduled scan items
  • Optimized instance launch times for AWS agents
  • Improved API documentation for scan policy and website endpoints
  • Improved website address validation rules
  • Improved website selection on the new scan page
  • Added tooltips to scan policy and new scan pages
  • Added Enable Content Type Checks setting to scan policy scope section
  • Improved validation for scan profile names
  • Improved notification email templates


  • Scheduled scan’s target url’s scheme could not be changed
  • Fixed tooltip text for completed scans
  • Fixed a bug where entered URL rewrite rule was overridden on focusing to regex input
  • Fixed an issue where Ignore These Content Types setting was not set correctly
  • Fixed an issue where scan policy names were duplicated
  • Fixed an issue where form authentication settings were not initialized correctly for group scans
  • Fixed DOM simulation issue where all delegated events on an elements were not being called
  • Fixed a Heartbleed security check issue where it was causing the crawling phase to be stalled