What's New 🚀🚀
Introducing GitLab account-wide integration with a convenient "Select All" option for GitLab in ZTP. To enhance your workflow, make sure to remove existing GitLab installations before proceeding.
A Personal Access Token (PAT) with API privileges and access to all organizations is now required for seamless integration.
- The latest update to the SAST tool includes a new deduplication feature for easier management of related findings.
- Zero Touch Provisioning now supports Azure DevOps, offering a streamlined experience for you.
Embrace the future of policy management with the all-new Policy UI version 2. Gain unprecedented control and granularity over policy decisions and actions.
For new policies, experience the power of the new UI (V2) while retaining visibility and editing capabilities for existing policies created with the old UI.
- Generate and send PDF reports for your scan history effortlessly, enhancing your documentation and reporting capabilities.
- The Webhook integration is now visible to all users, providing enhanced transparency and ease of use.
- Improve your Software Composition Analysis (SCA) with enriched SCA data. Discover the new Fixable filter and delve into enhanced findings details for SCA and Container-related issues.
Repository PII Information Indication
Safeguard sensitive data by adding repository attributes indicating the presence of Personally Identifiable Information (PII).
Dive into comprehensive details of findings, now including a dedicated filter and section for PII information, providing better visibility and control.
- Experience Zero Touch Provisioning on multiple platforms, including GitHub, Bitbucket, and both SaaS and On-Prem versions of GitLab.
- Improve your Ansible security with the new Checkov scanner module, now available to fortify your projects.
- Seamlessly integrate BoostSecurity with Microsoft Teams for outbound notifications, ensuring you easily stay in the loop.
- Boost your productivity by connecting your workflow to the Azure SCM integration.
- Gain greater control over your Software Bill of Materials (SBOM) with the new licenses filter, providing enhanced insights into your projects.
- Take charge of your Findings management with the new support for snoozing findings. Customize snooze duration and provide justifications for a more efficient workflow.
- Security Events are findings that may indicate a potential breach. These events require manual review to ensure no malicious activity has occurred.
Single-Commit Pull Requests in CircleCI
- Simplify your development cycle by integrating single-commit pull requests into your CircleCI workflow.
- Elevate your workflow with our GitLab integration. Seamlessly connect BoostSecurity to GitLab for enhanced protection measures, collaboration, and streamlined workflows.
Findings View Enhancements
- Boost your Findings management with bulk suppression capabilities and comprehensive information, including CVE IDs and advisory links.
- Visualize resources in the Policies > Resources view with easy-to-identify SCM icons.
- Enjoy a smooth interface with improved findings view filters that collapse inactive filters by default, ensuring a seamless experience.
- Experience better resource management with the introduction of the attributes filter and attribute display in the Policies > Resources section.
- Additional attributes include repository visibility, language, and origin for customized policies.
- Simplify your access with the GitLab sign-in feature, allowing you to use your GitLab credentials seamlessly.
- Sign in effortlessly using your Bitbucket credentials, streamlining your access to BoostSecurity.
JIRA Auto-Close Feature
- Enhance your JIRA integration with the new auto-close feature, enabling seamless closure of JIRA tickets upon resolution or suppression in code/UI.
- Dive into the world of Azure DevOps with our new extension.
- Empower the analysis of your findings with new EPSS and CVSS score filters, ensuring you focus on what truly matters.
- The insights page provides an all-new graph describing violations and findings per scanner.
- Improve your vulnerability analysis with added visibility into CVE information within your SBOM.
- The improved landing page summarizes important trends in the state of your software's security.
- Integrate BoostSecurity with Bitbucket, unlocking new features, including support for Main and PR flow, PR comments, check failures, and more.
- Introducing a cutting-edge SCA scanner module for Golang, powered by the Nancy scanner.
- Improve your Python project security with our new SCA scanner module powered by the safety scanner.
Insight Violations and Findings Statistics
- Insight violations and findings statistics now exclude suppressed findings and violations.
- Improve your package security with support for the npm-audit scanner.
- Discover enhanced source scanning capabilities with our new Checkov scanner module.
- Empower your source code analysis with our new CodeQL scanner module.
- Improve your Ruby projects with our new SCA scanner module powered by bundler-audit.
- Experience seamless container image analysis with our new scanner module, generating component inventories for container images based on Trivy.
- Streamline your container image security with our new scanner module, providing enhanced container image scanning capabilities.
- Improve your source code analysis with new modules based on Brakeman for Ruby and Gitleaks, ensuring comprehensive security coverage.
- Unlock the potential of Go code security with our new source code scanner powered by Gosec.
- Introducing our SBOM service and scanner module to provide comprehensive inventory and vulnerability reporting for repositories.