April 2020 Update for Netsparker Enterprise
This blog post announces the April 2020 update for Netsparker Enterprise. The new features of this release are U2F Authentication, issue synchronization for Azure DevOps and ServiceNow integrations, form validation errors in the knowledge base and reports, CVSS 3.1 support, and email reports after a scan.
We’re delighted to announce the latest release of Netsparker Enterprise. The highlights of this release are: U2F Authentication, issue synchronization for Azure DevOps and ServiceNow integrations, form validation errors in the knowledge base and reports, CVSS 3.1 support, and email reports after a scan.
This announcement showcases what is new in this latest Netsparker Enterprise update. Many of these new features have originated from customer requests, while others provide further support and options for existing features.
Universal 2nd Factor Authentication
U2F is an open authentication standard that enables users to securely access multiple online services with a single security key. We have added support for U2F authentication. You can use YubiKey or any other compliant U2F device.
For further information, see Two-Factor Authentication.
Issue Synchronization for Integrations
Netsparker Enterprise now enables the resolution and reactivation of issues in Netsparker Enterprise following Netsparker scans conducted in Azure DevOps and ServiceNow. Netsparker Enterprise also offers webhook support. This enables you to detect any status changes made in Azure DevOps and ServiceNow in their counterpart issues in Netsparker Enterprise.
For further information, see Integrating Netsparker Enterprise with Azure DevOps and Integrating Netsparker Enterprise with ServiceNow.
Form Validation Errors in Knowledge Base
During the scanning process, Netsparker Enterprise successfully validates web forms as part of the crawling stage. However, due to validation errors, some web forms could not be submitted, with the result that they were not displayed in scan reports. With this update, all validation errors that are encountered during the scan are now listed in a new Form Validation Errors node in the Knowledge Base tab of the Technical Report section of scan reports.
CVSS 3.1 Support
The Common Vulnerability Scoring System (CVSS) is a free and open industry standard for classifying the severity of computer system security vulnerabilities. CVSS assigns severity scores to vulnerabilities, allowing security staff managing detected issues to prioritize responses and resources according to the potential threat. We have added version 3.1 scores to vulnerabilities reported by Netsparker Enterprise.
Email Reports After Scan
We have added a new feature to the notification system. Netsparker Enterprise can now send scan reports as email attachments along with Scan Completed notifications. Previously, any completed scan notification could only be sent to registered and confirmed email addresses of Netsparker Team Members. Now, any external email address can be added.
For further information, see How to Create a Notification.
For a complete list of what is new, improved and fixed in this update, refer to the Netsparker Enterprise Changelog.