ThreadFix 2.2.8 Release


The ThreadFix team has been hard at work to bring you the best of their efforts and those of the community via the ThreadFix Community Edition. We’d particularly like to thank Pearson Education for their contributions to the 2.2.8 features. We are excited to announce that the latest version is available for you to download today. Curious about what’s new? Have a look below:

ThreadFix Version 2.2.8 – What’s New:

  • Added ability to set default credentials and project for defect trackers.
  • Added support for deep linking after being prompted to log-in.
  • Added REST call for scan details.
  • Added REST call for scans list.
  • Added unmapped finding data to scan upload REST response.
  • Updates vulnerability tree to now show full URLs when available.
  • Added capability to set custom remediation text for specific CWEs, to be included when vulnerability is added to a defect tracker.
  • Added REST call for setting CWE custom remediation text.
  • Added option to view CWE custom text to vulnerability search REST call.
  • Added ability to upload multiple scan files at once.
  • Added REST call for multi-scan upload.
  • Added ability to set scan-specific vulnerability filters.
  • Added REST call to update application information.
  • Added REST call to update team information.
  • Added support for AppScan Enterprise as a remote provider.

If you are enjoying using ThreadFix Community Edition, please consider helping by talking about it at a conference or over a beverage of your choice with a friend. You can also share the good news by sending a tweet mentioning @ThreadFix. You can participate by visiting GitHub, too. Of course, if you’re ready to move to ThreadFix Enterprise with scan orchestration, LDAP support and a number of other enterprise-ready tools, please visit the website or get in touch. Thank you for supporting ThreadFix.

About John Dickson

John Dickson web resolution

John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd, the parent company of ThreadFix. He has more than 20 years' hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSO's) of Fortune 500 companies, including major financial institutions, launch and expand their critical application security initiatives.