CxPS Release Internal Note (v3.3.x)

The following release updates are available for the latest CxIAST version. Use the search tool to find a specific subject.

New Features and Changes

CxIAST version 3.3.2 includes the following new features and changes:

Category

Feature

Setup & Configuration

Version upgrade: Upgrade is supported from v3.0.0 and above. Otherwise, you must clean the DB and uninstall the existing version before running a clean install of v3.3.2.

Note: The .NET Core SDK version might need to be upgraded to support the new AC, even in an upgrade.

New AC prerequisites: .NET Core 2.1.5 or 2.1.6.

SSL configuration: SSL can now be configured from the installer.

Management enhancements

  • API Discovery – Provides visibility into which APIs are exposed by the monitored applications, when each was first discovered, and which APIs have been tested versus which have not.

    * API Discovery is currently only supported for Java on Spring MVC, Jersey and Spring Boot.

  • Functional coverage calculation update – Prior to version 3.3, the functional coverage indication was calculated by 2 techniques:

    1. Method coverage – a rough estimation of the percentage of methods used during the functional test.

    2. Number of unique requests, which helps with comparing the quality of, and the difference between, two scans.

      In v3.3 we are replacing (when applicable) the 1st technique (method coverage) with a new functional testing coverage estimation based on API Coverage, which is more aligned with the way QA estimates test coverage.

  • Allow actions while scan in progress – Prior to v3.3, any action on a vulnerability (Change state, Severity, ...) required the scan to be stopped. From version 3.3, you can do it anytime.

  • Putting scan into SDLC context – You can now associate a specific scan with a specific build number or any other information using tags. Tags can be free text or any Jenkins variable. This enables easier orientation when reviewing scan results in the CxIAST UI. (Scan tags can also be added via REST API or directly by the agent.)

Java

· Java 11-12 support!!!

Node.js

· Major stability improvements – New robust instrumentation technique that dramatically reduces the probability of crashes.

· Accuracy and stability improvements.

.NET

· Accuracy and stability improvements

Issues Fixed in 3.3.1

Category

Limitation

Setup & Configuration

The CxIAST server now enforces TLS 1.2 by default.

Management enhancements

A file corruption that occurred when exporting to CSV was fixed.

Java

Arguments previously required for Java 9+ applications are no longer required.

Accuracy and performance improvements.

Node.js

Accuracy and performance improvements.

.NET

Accuracy and performance improvements.

Known Limitations

Category

Limitation

.NET Agent

  • C# and ASP.NET only

  • Missing capabilities (compared to Java)

    • Query customization is performed manually (not from the UI)

    • Method Coverage

    • API Discovery

    • Agent auto upgrade is performed only on agent registration.

Node.js Agent

  • Missing capabilities:

    • Method Coverage

    • API Discovery

    • Application tags

Java Agent

  • On upgrade, an application restart is required.

  • Java 13 and higher is not supported.

  • Standalone applications are partially supported.

Supported Environments

Operating System

  • Windows: 10 (or higher)

  • Windows Server: 2012 (or higher)

  • Linux: Any official Linux distribution (excl. macOS)

SQL Server

  • SQL: 2012 (or higher)

* SQL Express is supported, but because it is targeted at small-scale installations, its use is not recommended.

Application Server

  • Apache Tomcat: 7 (or higher)

  • JBoss EAP: 7 (or higher)

  • WebLogic Server: 12cR2 (or higher)

  • Jetty: 8 (or higher)

  • Wildfly: 10.1 (or higher)

  • Eclipse Vert.x: 3.1 (or higher)

  • WebSphere Liberty: 18 (or higher)

  • WebSphere Traditional: 9 (or higher)

  • Payara: 5 (or higher)

Browsers

  • Microsoft Edge

  • Google Chrome: 43 (or higher)

Build Servers

  • Jenkins: 1.580.1 (or higher)

Supported Code Languages

  • Java 6 (or higher)

    • OS: Windows or Linux

    • Application Server: Apache Tomcat v7 (or higher); Jetty v8 (or higher); JBoss EAP v4 (or higher); Wildfly v10.1 (or higher); WebLogic Server 12cR2; Eclipse Vert.x v3.1 (or higher); WebSphere Liberty – 18 (or higher); WebSphere Traditional - 8.5 (or higher); Payara - 4.1.x and 5

  • .NET framework 3.5 (or higher)

    • OS: Windows

    • Application Server: IIS, IIS Express

  • Node.js LTS 6 (or higher)

    • OS: Windows or Linux

    • Application Server: Not Applicable