Invicti Enterprise On-Premises 18 Nov 2024 v24.11.0
New Features
Integration with Mend SAST: display Mend SAST results alongside DAST results in Invicti Enterprise so you can prioritize all your application security testing fixes in one list → Learn more
API Security: Added integration with Azure API Management to fetch Swagger2 and OpenAPI3 specification files → Learn more
API Security now supports working with RAML specs from MuleSoft Anypoint Exchange
New Security Checks
Updated detection for ActiveMQ – Remote Code Execution (CVE-2023-46604) and TorchServe Management API SSRF (CVE-2023-43654)
Changed scanning without a duration limit to a customer support request-only option
Reporting improvements for the “Unknown Option Used In Referrer-Policy” vulnerability
Improved the behavior of the ‘Recent Scans’ button group on the global dashboard when using the mobile view
Fixes
Fixed a timeout bug in zero-configuration API discovery
Fixed some wording inconsistencies and other minor improvements to the user interface
Removal of sitemap data when a scan is canceled, failed, or aborted
Resolved an issue in the General Settings page configuration
Resolved an issue with user sessions not timing out in compliance with the specified configuration
Fixed a false positive issue with Boolean Based MongoDB Injection detection
Out-of-date version for Boolean Based MongoDB Injection is now reported correctly
Vulnerability profiles that are set as hidden will now still be reported in the scan reports of scans completed prior to the vulnerability being hidden
Fixed a bug in the editing of scan profiles with custom report policies
Resolved an issue in the exporting of team member data with all attributes selected
Resolved an issue with missing vulnerability profiles in custom report policies
By using this website you agree with our use of cookies to improve its performance and enhance your experience. More information in our Privacy Policy.