New Features

  • SAML authentication has been updated to allow multiple providers. This enables support for SSO in multi-tenant environments
  • Authentication settings have been updated to support multiple combinations of email & IP address for whitelisting
  • Resolve now supports risk scoring for Assets, Projects, Business Units, Applications and Networks. This feature is currently in Beta and can be enabled upon request.
  • Administrators can now add new states and configure state workflows for Instances
  • New importer for Burp Suite Enterprise scans

Bug Fixes

  • Fixed a bug in Scan Monster where the content in stages were overlapping each other If stages have a large number of results
  • Imported files from integrations were showing no name in data sources
  • UI was cluttered when multiple projects workspaces were pinned to the sidebar
  • Fixed an issue where some users were unable to delete data sources from a project
  • Program Metrics in Program Management Dashboard was failing with super admin access
  • Grid searches were failing on number inputs with a single decimal in search keyword
  • Analyst dashboard in Workbench was showing Completed projects as overdue 
  • Program Management Dashboard was showing Closed/Cancelled projects as upcoming projects 
  • Merge asset was failing with timeout error
  • In Program Management Dashboard, findings count in Findings Over Time graph was not matching the actual number of total findings
  • While moving a project to another BU, changes were not rolled back upon failure
  • Read-only Track user had the Unpublish All Instances button available
  • Edit project activity was not being recorded in project activity history
  • Instance/Finding user assignment was getting deleted when a project was moved to another BU
  • Shared asset physical location was getting deleted when a project is moved to another BU
  • Last Sighted date on a finding was not being updated when Assets were merged
  • Grid columns with numeric values were not supporting filter with ‘In’ condition
  • Calendar option has been added back to sidebar
  • Default severity was not editable in workspaces
  • While creating a manual instance, Port field was accepting text inputs instead of numbers

Known Issues

  • Since Authentication settings have been updated to allow combination of IPs and Emails, below points explain how existing whitelists are migrated:
    • When both IP and email domain whitelists are enabled then allow list is enabled and both IP and domain whitelists are migrated.
    • In case only one whitelist is enabled we'll migrate ONLY the enabled whitelist and also enable allow list. For example: If domain whitelist is enabled and IP whitelist is disabled then only domain whitelist will be migrated.
    • In case both whitelists are disabled - we migrate both IP and domain whitelist but keep allow_list disabled.
  • Updating assigned and default severity properties for Finding entity, in Entities Settings under the Admin module, causes incorrect severity to show in Workbench module.  
  • Changing the order of states / or adding new states for the Instance entity, in Entities Settings under Admin module, sometimes causes incorrect or no icon to display for Findings and Assets in workspaces.