Release Updates (v3.6.0)

The following release updates are available for the latest CxIAST version. Use the search tool to find a specific subject.

New Features and Changes

CxIAST version 3.6.0 includes the following new features and changes:

Category

Feature

Setup & Configuration

  • Added the ability to install CxIAST on Docker

Management Enhancements

  • Improved the agent download process in the Manager by guiding users to the required agent and showing how to deploy it properly.

  • Allowed filtering results using defined presets.

  • Integrated CxIAST with the Checkmarx DMS service in order to obtain up-to-date vulnerability descriptions.

Java

  • Added additional Java vulnerabilities as part of the OWASP API security top 10:

    • Missing HSTS Header

    • Missing CSP Header

    • Missing Expect CT Header

    • Permissive Content Security Policy

    • Unsafe Object Binding

    • Insufficient Key Size

    • RSA Public Exponent

    • ReDoS From Regex Injection

  • Added the microservices execution flow to identify the relations between different microservices while scanning.

Node.js

  • Added HTTP2 Support.

  • Extended the vulnerability coverage for Oracle and Cassandra databases.

.NET Framework

  • Added the ability to create and customize lists and queries from the user interface.

  • Added additional .NET vulnerabilities:

    • Missing HSTS Header

    • Missing CSP Header

    • Missing Expect CT Header

.NET Core

  • Added .NET Core support for Linux with IIS, IIS Express, Kestrel, and self-hosted applications.

  • Added the ability to create and customize lists and queries from the user interface.

Known Limitations

Category

Limitation

Installation

  • If the SSL Certificate files required for installation are located on the Desktop, there might be permission issues when the user attempts to load them. In such a case, it is recommended that the SSL Certificate files are first relocated to a place where the user has full access permissions (such as the home user folder), before loading the SSL Certificate files.

  • For .NET Core apps, it is recommended to have .NET Core v2.1 installed, even if the AUT is running on another version or is standalone. Without .NET Core v2.1, the upgrade and code snippets features do not work.

Setup & Configuration

Only supports the following:

  • .NET Core 2.1.15 and up, but below 2.2.x

  • SDK 2.1.511 and up, but below 2.2.x

.NET Framework

If you are using SSL, upgrading from Agent version 3.4 or below may fail on the first attempt. In this case, download and install the .NET Framework agent again.
