We’ve got another beta build of ThreadFix (beta22) available for download – both the demo ZIP version and the VM appliance. Updates in this release include:
- More error checking to avoid accepting bad scans
- Scheduled updates to bug tracker defect statuses as well as scheduled times to pull down new results from SaaS providers (WhiteHat, Veracode, and Qualys)
- Major updates to the Snort virtual patches to improve performance
- Support for Qualys in the EU region
- Updates to the Burp importer to handle more vulnerability types
- Upgrades to Tomcat 7 and Servlet 3.0
We’re really thrilled with all the feedback we’ve been receiving – please keep it coming. I’m especially interested in folks exercising the scan importers for various technologies. We have a limited set of test data we use to create and debug the importers so having folks test them with their output files helps us clean up any rough edges which is really valuable.
Have a great Labor Day weekend and if you have some free time run ThreadFix through its paces and let us know what you think.
dan _at_ denimgroup.com