ThreadFix – No Plans for Labor Day? Take ThreadFix for a Test Drive!


We’ve got another beta build of ThreadFix (beta22) available for download – both the demo ZIP version and the VM appliance. Updates in this release include:
  • More error checking to avoid accepting bad scans
  • Scheduled updates to bug tracker defect statuses as well as scheduled times to pull down new results from SaaS providers (WhiteHat, Veracode, and Qualys)
  • Major updates to the Snort virtual patches to improve performance
  • Support for Qualys in the EU region
  • Updates to the Burp importer to handle more vulnerability types
  • Upgrades to Tomcat 7 and Servlet 3.0
We’re really thrilled with all the feedback we’ve been receiving – please keep it coming. I’m especially interested in folks exercising the scan importers for various technologies. We have a limited set of test data we use to create and debug the importers so having folks test them with their output files helps us clean up any rough edges which is really valuable.
Have a great Labor Day weekend and if you have some free time run ThreadFix through its paces and let us know what you think.
dan _at_

Posted via email from Denim Group’s Posterous

About Dan Cornell

A globally recognized application security expert and the creator of ThreadFix, Dan Cornell holds 20 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd, the parent company of ThreadFix, he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process.