Copyright

© 2021 Outpost24® All rights reserved.

This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.


Release Date: 2021-04-29

Version: 4.26.6.0


Important Notice to all HIAB customers

Expiring CA Certificate

On the 18th of May an old CA certificate that is central to our HIABs communicating with each other and Outscan will expire. We have discovered that an integral part of the solution will currently not cleanly switch to validate using the already deployed replacement CA certificate. An update will be included in this release that will prevent this problem occurring if applied before the 18th May, and we strongly recommend all customers apply this release to their HIABS before the 18th May.  Should a customer, for what ever reason, be unable to meet this timeline, please raise a support ticket as a matter of urgency to obtain assistance in re-establishing HIAB communications.


New Features

AppSec

  • Launched the SWAT migration and dashboards MVP. A new tab has been introduced in the Portal called Web Applications. Clicking on this provides a 'card' for each SWAT Webapp. Clicking on the web app allows you to see some information on finding trends, fixed trends, OWASP category failures.  We will be adding to this over the coming months and welcome customer feedback on items they wish to see added.  For more information on the SWAT migration project see this FAQ.
  • Added a Crawl list tab to the SWAT Webapp card in the portal. This currently shows the coverage of the last scan performed and will differ day to day depending on the time you review the information versus the coverage of the last scan. In a future release we will merge scan data and show differences in coverage each day. For more information, please see the Portal documentation in the Knowledge base.
  • Appsec Scale is now available as a source of scanner in the Outscan RC platform, removing the need for a separate HIAB scheduler when a customer uses the Outscan RC platform. A HIAB deployed as a scale scanner is still required.

CloudSec 

  • Container inspection is now available as a source of scanner in the Outscan RC platform, removing the need for a separate HIAB scheduler when a customer uses the Outscan RC platform. A HIAB deployed as a container inspection scanner is still required.

NetSec

  • Released support for deploying the data sovereign agents server under Red Hat Enterprise.

Bug Fixes and Minor Improvements

AppSec

  • The Menu options on findings in the Portal are now dynamically determined based on the source of the finding.  As such it will no longer be possible to request verification on a Scale finding, or mark a SWAT finding as a false positive.
  • Fixed a bug in the UI trend graphs that could cause open findings trends and graphs to incorrectly show fixed findings in the totals.
  • Fixed a bug in the PDF reports trend graphs that could cause open findings trends and graphs to incorrectly show fixed findings in the totals.
  • Fixed a bug that prevented the SWAT Fixed column from showing correctly under specific circumstances.
  • Fixed an issue with AppSec Scale reports that caused CVSSv2 findings to be incorrectly labeled as Critical, when the highest possible rating should be High.
  • Fixed a bug in the Swat Classic UI that incorrectly labelled OWASP A10 as a green check, when it should, in reality, be marked as a grey box with the words 'cannot be assessed externally'.

NetSec

  • Fixed an issue with Excel reports that, when applying a filter along with 'only listed targets' , the incorrect number of targets is displayed.
  • Fixed a bug that would cause us to incorrectly identify the version of Windows Defender installed on a target.
  • Detection for the SolarWinds Serv-U component has been improved.

API

  • Fixed an issue that prevented the API from correctly loading when viewing as an OpenAPI.JSON file. 
  • Added a missing Accept Field for use on a HIAB.

End of Life Announcement

No current End of Life announcements