Get a demo
AppSec with Zero Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Invicti Enterprise On-Premises 17 Oct 2024 v24.10.0

New Features

  • Administrators can now assign Agent Groups to Teams for greater control over agents and the teams that can use them. Contact our Support team to activate this feature

New Security Checks

  • Adjusted the severity of SSLv3 and TLS 1.0 vulnerabilities to reflect their security risks
  • Added support for CSP frame-ancestors
  • Added detection for CVE-2024-6297, affecting several WordPress plugins
  • Added XWiki version disclosure vulnerability and attack patterns

Improvements

  • Pre-request script now works in DOM as well
  • The Azure Extension now retries connections, preventing pipeline failures
  • Anonymous sharing of diagnostics and user data with our analytics partner, Pendo, is now opt-out only

Fixes

  • Remediated a high vulnerability issue on the Agent Dotnet dependency package
  • Fixed an issue that was preventing the selection of configuration items during ServiceNow integration setup
  • Fixed an issue with updating targets using the target group ID
  • Fixed an issue where the Auth Verifier heartbeat was showing an hour behind due to daylight saving time adjustments
  • Fixed an error that was occurring when editing Report Policies
  • Fixed an issue with a REST API endpoint returning alternating severity data for TLS 1.0 vulnerabilities
  • Resolved an issue with a pre-request script that was affecting crawling functionality
  • Fixed the issue where tagging in the Discovery service would create a single-character tag when converted to a target
  • Fixed an issue where the encryption process remained pending and incomplete after starting encryption key generation
  • Fixed a bug in the API where ‘/api/1.0/issues/allissues’ always returned NULL in the History field
  • The option to suspend all future scans is now available to all customers in Scans Control Settings
  • Fixed the false negative issue related to Polyfill.io
  • Fixed an issue related to creating a custom script for a web application using the OIDC method with a login pop-up
  • Fixed the issue where the scan summary page did not time out according to the settings
  • Resolved an issue where the AV agent failed to install during the installation process
  • Resolved an issue where modifying the settings triggered an error
  • Resolved an issue that was blocking the loading of issue details