- Restored integration with MixewayVulnerabilityAuditor
- Fixed bug that prevents dependency track vulnerabilities to being loaded
- Fixed bug stacktrace errors complaining about missing column password in table bugtracker
- Fixed bug with nexus-iq integration that detect vulnerabilities in null:null packages
- Enabled hibernate envers for projectvulnerability table
- added endpoint with more detailed statistics for both project and vulnerabilities discovered within project
- Fixed bug when some vulnerabilities status was not managed properly
- Fixed bug with Checkmarx integration
- Added ZAP DAST scanner integration
- New API and methods to show simplified statistic page
- Fixed bug with ambitious responses from requesting infrastructure scan
- Fixed bug with caused sometimes failure in creating synchronization with SCA
- Nexus-IQ Integration
- Fixing Checkmarx integration
- Adding global statistics for admin acceess
- Fixed bug that allow to perform multiple sast scans of same project. Fixed status management, now when specific codeproject has inqueue or running state equal to true, it cannot be put on queue
- Mixeway Vuln Auditor - DeepLearning microservice which use Neural Network to classify software vulnerabilities
- Vulnerability Description is displayed in more proper manner. Modal displaying details is allowing user to confirm or deny vulnerability
- Possibility to create Application profile, on both project or asset level information gathered and put into profile helps Vuln Auditor to better understand application context and then classify vulnerability
- Tables filtering set to proper level. Whenever possible select fields are possible to show.
- Vulnerabilities are no longer deleted before loading from scanner. ID of detected vulnerability is constant, vulnerability is deleted only if it is not detected in next scan.
- Partitioning software vulnerabilities was removed, in this place single tab is displayed with colum which allows to filter
- Endpoints for drawing OpenSource Vulnerabilities statistic within whole database context
- Burp Enterprise Edition plugin
- WebApp Scan limits
- Offline risk calculation so loading of dashboard wont be lasting so much time
- Redesigned model for Fortify Plugin (including usage of MixewayFortifyScaRestApi)
- Redesigned model for managing CI Operations, new fields and statuses
- New REST API endpoints for interaction with CI/CD tools (CIOperations endpoint)
- CodeVulns downloaded from Fortify SSC no longer contains description with code snipped due to performance issues
- Edit method of editCodeProject REST API now can process of changing branch
- WebApp DAST controller now properly sanitize regex for UUID and other strings
- Fixed vulnerabilities and bugs
- Vault integration is now optional however no integration will cause password to be stored in plain text
- Fixed bug related with deletion of scanners
- REST API to get scanner types already integrated
- Checkmarx integration (scope: create project, configure scan, run sca, get vulnerabilities)
- Extended Fortify SSC integration - possibility to create and configure SSC projects via Mixeway
- Fixed bug with Network scan request API
- Added possibility to put CRON expresion to DB and load if from DB
- Fixed some minnor bugs
- Initial release