ThreadFix 2.2.8 Release


The ThreadFix team has been hard at work to bring you the best of their efforts and those of the community via the ThreadFix Community Edition. We’d particularly like to thank Pearson Education for their contributions to the 2.2.8 features. We are excited to announce that the latest version is available for you to download today. Curious about what’s new? Have a look below:

ThreadFix Version 2.2.8 – What’s New:

  • Added ability to set default credentials and project for defect trackers.
  • Added support for deep linking after being prompted to log-in.
  • Added REST call for scan details.
  • Added REST call for scans list.
  • Added unmapped finding data to scan upload REST response.
  • Updates vulnerability tree to now show full URLs when available.
  • Added capability to set custom remediation text for specific CWEs, to be included when vulnerability is added to a defect tracker.
  • Added REST call for setting CWE custom remediation text.
  • Added option to view CWE custom text to vulnerability search REST call.
  • Added ability to upload multiple scan files at once.
  • Added REST call for multi-scan upload.
  • Added ability to set scan-specific vulnerability filters.
  • Added REST call to update application information.
  • Added REST call to update team information.
  • Added support for AppScan Enterprise as a remote provider.

If you are enjoying using ThreadFix Community Edition, please consider helping by talking about it at a conference or over a beverage of your choice with a friend. You can also share the good news by sending a tweet mentioning @ThreadFix. You can participate by visiting GitHub, too. Of course, if you’re ready to move to ThreadFix Enterprise with scan orchestration, LDAP support and a number of other enterprise-ready tools, please visit the website or get in touch. Thank you for supporting ThreadFix.

About Dan Cornell

A globally recognized application security expert and the creator of ThreadFix, Dan Cornell holds 20 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd, the parent company of ThreadFix, he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process.