enterprise

Code Dx 5.2.8

Code Dx 5.2.8 11/20/2020

Tools

  • Enterprise Updated Contrast tool connector to improve location ingestion logic, add data flow ingestion, improve status ingestion, and filter out unlicensed projects from configuration dialog
  • Enterprise Fixed bug causing Qualys WAS connector to fail

Code Dx 5.2.7

Code Dx 5.2.7 11/12/2020

Additions

  • Added support for ASVS standard
  • Enterprise Added project metadata display on projects listing and findings page
  • Enterprise Made general improvements to URL validation for tool connectors
  • Enterprise Added a delay/throttling to issue tracker requests

Fixes

  • Enterprise Fixed a bug causing multiple page refreshes after issue tracker sync/auto-create
  • Enterprise Fixed issue tracker bulk operations not obeying the finding selections on the findings page
  • Enterprise+ML Fixed a bug causing predictions to not be updated after recorrelation

Tools

  • Enterprise Added sandbox support to Veracode tool connector
  • Enterprise Added support for ASoC app reports
  • Enterprise Made improvements to ingestion and correlation of Contrast component analysis results
  • Enterprise Added status mapping for Contrast tool results
  • Enterprise Made improvements to Protecode tool reader to support semicolon-delimited input files

Code Dx 5.2.6

Code Dx 5.2.6 10/19/2020

Fixes

  • Fixed an issue that may cause errors in components dealing with URLs lacking a trailing slash

Tools

  • Enterprise Made further fixes for restricting the length of remarks in ASoC data flows

Code Dx 5.2.5

Code Dx 5.2.5 10/16/2020

Fixes

  • Enterprise Fixed an issue causing HTTP redirects to not be followed for some issue tracker and tool connector configurations

Tools

  • Enterprise Updated AppScan Enterprise integration to treat advisory data as optional

Code Dx 5.2.4

Code Dx 5.2.4 10/14/2020

Changes

  • Made improvements to the data flow interface, added source code display
  • Enterprise Changed default "include child projects" setting on dashboard to true

Fixes

  • Fixed a bug that potentially causes phantom findings to appear when re-correlating projects that have had failed analyses

Tools

  • Enterprise Improved severity ingestion logic for AppScan Enterprise
  • Enterprise Fixed a bug causing the NowSecure tool connector to fail on certain API requests
  • Enterprise Fixed a bug causing ASoC data flows containing large source snippets to fail to ingest

Code Dx 5.2.3

Code Dx 5.2.3 10/6/2020

Additions

  • Enterprise Added {{ifeq}} issue tracker template helper for general equality checks

Fixes

  • Fixed a bug related to trailing spaces for values in props file
  • Fixed a bug causing analysis and re-correlation failures with component analysis findings with a purely numeric version number

Tools

  • Enterprise Added option to AppScan Enterprise connector to filter results by severity
  • Enterprise Fixed an issue causing the AppScan Enterprise tool connector to only display 1000 projects

Code Dx 5.2.2

Code Dx 5.2.2 9/30/2020

Changes

  • Enterprise Added option to hide scripted Jira fields

Fixes

  • Fixed a bug causing breadcrumbs to not clear when their corresponding filter is collapsed
  • Enterprise Added missing close button on LDAP configuration dialog
  • Enterprise Fixed a potential bug related to duplicate detection method names
  • Enterprise Fixed a bug causing hybrid correlation to fail if data flows with no source mappings exist

Code Dx 5.2.0

Code Dx 5.2.0 9/18/2020

Additions

  • Added bulk comment, triage, and severity override functionality
  • Enterprise Added ability to run tool connectors during analyses

Changes

  • Overhauled finding table UI
  • Added a slight update delay on the findings table to allow making multiple filter changes at once
  • Promoted some Code Dx API endpoints from ‘experimental’ to ‘stable’
  • Improved correlation and de-duplication for SCA findings and results

Tools

  • Improved data ingestion for results from SCA tools
  • Updated bundled Dependency-Check to v5.3.2
  • Enterprise Updated ASoC tool connector support
  • Enterprise Added tool reader and connector support for ThunderScan
  • Enterprise Added support for Tenable.sc compliance reports
  • Enterprise Added tool connector support for Netsparker Enterprise
  • Enterprise Made SonarQube branch selection optional
  • Enterprise Added tool connector support for DataTheorem Mobile
  • Enterprise Added tool reader and connector support for Seeker
  • Enterprise Added API Token authentication for Black Duck tool connector
  • Enterprise Improved BlackDuck tool data ingestion
  • Enterprise Added ability to filter by scan name for Tenable.sc tool connector
  • Enterprise Added tool connector support for AppScan Enterprise

Code Dx 5.1.4

Code Dx 5.1.4 9/16/2020

Fixes

  • Fixed a bug causing Qualys results to fail to ingest when offline

Tools

  • Enterprise Added API token authentication option to Fortify SSC tool connector