Cybersecurity
DevOps Cloud
IT Operations Cloud
Here are some of the new features and enhancements provided in the latest release of Fortify WebInspect 23.1.
The hacker-level insights check has been enhanced to include information from the National Vulnerability Database (NVD) and Debricked health metrics when configured with your Debricked access token.
Two-factor Authentication
WebInspect has added the ability to automate Two-factor Authentication scans of sites using Authenticator Apps. This is in addition to our SMS- and email-based two-factor scanning. Once configured, there is no need for user interaction.
SQLite SecureBase
WebInspect now uses a SQLite database for SecureBase. The file extension is now SecureBase.db.
Support for Postman Global Variables
You can now import global variables files to use in Postman scans.
WebInspect REST API v2
The WebInspect REST API now includes a version 2, which includes asynchronous versions of endpoints that take a long time to complete. These endpoints generate a job token that you can use with the v2 Job endpoints to get the status and results from the job.
Enhanced Support of Localized SecureBase Content
A new Application Setting for SmartUpdate allows you to select a language to localize the security and report content in SecureBase.
Enhancements to False Positives
False Positives and ignored items have been renamed as Suppressed Findings in the UI, and you can now export and import suppressed findings as JSON files.
Enhanced Support for Client Certificates
WebInspect now supports client certificates with strong private key (password) protection in Guided Scans, Basic Scans, and Interactive Scans.
Improved Scan Coverage and Performance
Fortify continues to enhance its engines to improve scan coverage and performance. WebInspect 23.1.0 provides a faster crawl and audit, and better application support with the Event-based Web Macro Recorder (formerly called Web Macro Recorder with Macro Engine 23.1.0).