New
- New configuration option: We added a new configuration option,
AllowOutOfScopeHTTP, which allows the Scan Engine to crawl out of scope pages on the HTTP protocol when enabled. - New authorization flag: We added a new authorization flag,
WarningOnlyOnLoginFail, which makes it so that if a login fails due to bad authorization, the scan itself will not fail. - New hooks feature: We added a new hooks feature for automated login to allow users the ability to update dictionary files at the scan configuration level.
- New scanning ability: We added the ability to scan using IPv6 addresses.
- New Information Leakage attack: We have added a new Information Leakage attack that detects when a Windows username is exposed.
Improved
- We improved the Scan Engine’s crawl coverage.
- We added the ability to stop a pending scan via the REST API.
- We have made further improvements to Incremental Scanning to reduce duplicate findings.
- We updated the internal Chrome browser to version 90.
- We extended Swagger functionality to include “example(s)” mechanisms for all objects that have it.
Fixed
- We fixed an issue that was causing an engine crash in build 7.4.027.
- We fixed an issue that was causing memory issues in 7.4.027.
- We fixed an issue where users were receiving a 404 error message when attempting to download via the REST API.
- We fixed an issue where some pages failed to load due to the following error message:
ERR_TOO_MANY_RETRIES. - We fixed an issue where some sites were not rendering in the traffic recorder.
- We fixed an issue in the REST API where report regeneration was failing on the first attempt.
- We fixed an issue with automated login where a reCaptcha was incorrectly being found.
- We fixed an issue where false positives were being flagged for Privacy Policy.