Skip to main content

Release Updates (v3.5.0)

The following release updates are available for the latest CxIAST version. Use the search tool to find a specific subject.

New Features and Changes

CxIAST version 3.5.0 includes the following new features and changes:



Setup & Configuration

  • Removed the hard-coded encryption key from the installer.

Management Enhancements

  • Added three new information tables to the execution summary. These tables are available as PDF and inside the API.

  • The incomplete documentation on hover and autocomplete has been improved.

  • Enabled Micro Service discovery in Kubernetes. The Kubernetes discovery allows viewing registered services using the Kubernetes API.



  • Enabled Micro Services discovery.

  • Added FIPS compliancy.

  • Added additional Java vulnerabilities:

    • Mail_Header_Injection

    • Unrestricted_Upload_of_File_with_Dangerous_Size

    • Null_Byte_Injection

    • Login_Information_Exposure_Through_Discrepancy

    • Code_Injection

    • Expression_Language_Injection_OGNL.

  • Added Easy-Buggy to the IAST demo applications. Easy-Buggy is a broken web application in order to understand behavior of bugs and vulnerabilities.

  • Added HttpOnlyCookie and SSRF, two new Java queries.

  • Added multi-thread support.

  • Enhanced the set of post scan actions.


  • Added Node 12 support.

  • Enhanced the performance of KPI measurements.

  • Optimized the memory utilization of KPI measurements.

  • Added application tags.

  • Enhanced the API coverage.

  • Added FIPS compliancy.

.NET Core

  • Added .NET Core support to Windows stations with IIS, IIS Express, Kestrel and to self-hosted stations.

Known Limitations



Setup & Configuration

Only supports .NET Core versions 2.1.x (2.1.15 and higher).

.NET Core

  • Requires .NET Framework 4.5.

  • .NET Core and .NET Framework share the same environment variables. Refer to the .NET Core Troubleshooting document for additional information.

.NET Framework

If you are using SSL, upgrading the .NET Framework may fail on the first attempt. In this case, re-download and install the .NET Framework agent.