In the new release, the Security Suite module has undergone a comprehensive modernization, including the implementation of a user report system for controlling settings and the development of a mechanism for creating individual vulnerability reports. The "Landscape" module interface has enhanced search functions for RFC connections and their management.
The ABAP code vulnerability control system has implemented multiple selection of detected vulnerabilities, an improved indication system, added tags for classification, and a window for changing vulnerability properties. The "Fix Status" tab has been transformed into "Change History" with the ability to add comments.
The Code Security Extension Module has been enriched with new Dockerfile verification scenarios aimed at detecting potential threats associated with the execution of shell scripts, the use of non-standard instructions, and access to variables. An information panel has been implemented to visualize code analysis results, allowing tracking of the number and criticality of vulnerabilities, their dynamics, and sources.
The system now displays scan times, has an improved reporting system, and multiple group selection functionality in the software code vulnerability management section. The web interface now allows viewing of analysis logs.
The Platform Security Extension Module has enhanced security control capabilities, including support for GOST certificates for proxy servers and the implementation of 11 new security profile checks for the 1C cluster. Authorization has been added when scanning web resources.