Aug 31, 20213.8.230

New

  • We have added support for a new attack module 'Remote Code Execution'.

  • We have added support for a new CrawlConfig option 'RemoveContentSecurityPolicy' under the Advanced Options in the Scan Config.

Improved

  • We have added support to the AppSpiderEnterprise installer for SQL backup and restore. With this new feature, the duration of the ASE installation will increase depending on the size of the SQL database. If you wish to skip this process, a system environment variable APPSPIDER_ENTERPRISE_INSTALLER_SKIP_DB_BACKUP needs to be added with a value of true, 1 or yes.

  • Password policy was updated inline with BHIS (Blackhill info sec) recommendations

Customer Requested
  • We added support so that users set up in the Notification page will receive an 'AppSpider | Scan Execution Completed' email notification.
  • Added configuration options to the scheduler application allowing the number of attempts and time between attempts when downloading reports to be configured.

Fixed

Customer Requested
  • We fixed an issue where scheduled scans were failing to start as the next occurrence was not set.
Customer Requested
  • We fixed an issue so it is now possible to change the severity of a finding in the Details view on the Discovered Issue page.
Customer Requested
  • We fixed an issue where if you set the url validation to false and then create a scan config with an url of just http://, the url was added as :///.
Customer Requested
  • We fixed an issue where 'http://www.webscantest.com' was being added by default as a scan url when creating a new scan config.