We have released a new version of AI Enterprise 4.2.0, which includes important changes.
New features:
1. Cross-platform scanning agent.
Starting from version 4.2.0, you can install the PT AI Enterprise Agent module on the Linux OS family. PT AI Enterprise Agent is launched in a docker container with subsequent connection to PT AI Enterprise Server.
2. Search for vulnerabilities by template.
In version 4.2.0, instead of YARA rules, custom template code analysis rules have been added. The rules allow you to identify various flaws in the code using regular expressions and templates in the DSL language.
3. New black box parameters and exploit generation.
Now, when setting up a black box, you can specify the addresses to be added to or excluded from the black box scan.
Also, if the black box scanning module is enabled for the project, according to the results of scanning in the cards of the vulnerabilities found, you can view the code of the automatically generated HTTP request with which the vulnerability is exploited.
List of improvements:
- The validity period of the token for connecting PT AI Enterprise Agent to PT AI Enterprise Server is now unlimited;
- OWASP Top 10 2017 Report replaced by OWASP Top 10 2021;
- RED OS version 7.3 and Astra Linux version 2.12 have been added to the list of operating systems supported by PT AI Enterprise Server;
- Generation of reports based on scan results in JSON and XML formats is now faster;
- Fixed problems with escaping characters in reports and input fields in the web interface;
- Added return code 35 when using incorrect blackbox parameters: Invalid BlackBox settings;
- Fixed output errors for return codes 14, 15 and 16;
- Mail notifications can now be configured in the aiproj configuration file.json;
- In the AI.Shell help, called by the aisa --help command, the display of startup parameters has been improved;
- Fixed problems when running AI.Shell with the --no-wait parameter;
- Fixed the problem of deleting PT AI Enterprise Server log files stored in the system for more than 30 days;
- Fixed an error downloading the event log during scanning;
- Fixed the problem of stopping the scanning task when there are special characters in the path to the scanning object;
- Added a ban on connecting PT AI Enterprise Agent to PT AI Enterprise Server if the versions of these modules do not match;
- Fixed an error saving project parameters on the project settings page;
- Optimized user search when integrating and creating a vulnerability correction task in Atlassian Jira;
- Fixed the problem of displaying a data flow diagram for projects in Swift;
- Fixed a bug in the vulnerable components search module when getting vulnerability descriptions for PHP projects;
- Improved validation of REST API and input fields in project parameters;
- Updated vulnerability knowledge base;
- Fixed errors downloading files from a folder when there are long file paths;
- The transition to .NET 6.0.
We remind you that for version 3.6, you will need to migrate to 4.1.0 sequentially, and then you can upgrade to 4.2.0.
The full list of changes can be found in the documentation or in the help.
Documentation and assembly are available at the following link.
|