What's new
This section describes new product features and enhancements in this release, as well as deprecations and anticipated changes, where relevant.
New in HCL AppScan Standard version 10.0.3
- Web Services: Explore using popular test suites
- Streamlined web services scanning using popular external tools. Postman and
SoapUI can now be opened from the AppScan UI and are automatically
configured for exploring with AppScan as the recording proxy. You can now
open them directly from:
- Login Management
- Manual Explore
- Multi-Step Operations
- Security testing improvements
-
- Detect and test non-standard HTTP headers: Automatically detect application-specific HTTP headers and test them as application parameters
- New tests:
- Detect cipher suites that do not support PFS
- Detect when AEAD is not supported by the host
- Detect and validate SameSite cookie references
- CVE-2019-18935 - Telerik UI for ASP.NET RCE
- CVE-2017-11317 - Telerik UI for ASP.NET File Upload
- CVE-2019-0604 - Microsoft SharePoint RCE
- Multi step operations
- Improved performance
Fixes and security updates
Fixes and security updates are listed here.
Will be removed in a future release
- Scan Expert
- Generic Service Client (GSC)
- X-Force categorization in Advisories and Issue Details
- Malware detection capability
- Ability for user to edit advisories and fix recommendations (in Test Policy view)