In the new release, the Security Suite module has undergone a comprehensive upgrade, including the implementation of a user report system for configuration control and the development of a mechanism for creating custom vulnerability reports. The "Landscape" module interface now features advanced functions for searching and managing RFC connections.
The ABAP code vulnerability control system now features multiple selection of detected vulnerabilities, an improved indication system, added tags for classification, and a window for modifying vulnerability properties. The "Fix Status" tab has been transformed into "Change History" with the ability to add comments.
The Code Security Extension Module has been enriched with new Dockerfile scanning scenarios aimed at detecting potential threats associated with shell script execution, the use of non-standard instructions, and access to variables. An information panel has been implemented to visualize code analysis results, allowing tracking of the number and criticality of vulnerabilities, their dynamics, and sources.
The system now displays scan times, has an improved reporting system, and features multiple group selection functionality in the software code vulnerability management section. The web interface now allows viewing of analysis logs.
The Platform Security Extension Module has received enhanced security control capabilities, including support for GOST certificates for proxy servers and the implementation of 11 new security profile checks for the 1C cluster. Authorization has been introduced when scanning web resources.