Articles in this section

DeepFactor Release Notes Follow

Avatar
DeepFactor Support
  • Updated

 

DeepFactor 1.4

Improvements and Fixes

  • ZAP Scan Improvements
    • Upgraded ZAP version from 2.9 to 2.10
    • Optimized ZAP plugin for HTTP request and response evidence collection and reporting
    • Added OWASP alert web confidence report  
    • Added WebApp scanning using Swagger (yaml or json) document 
  • Insights
    • Added reporting of CVE alerts at occurrence level
    • Added stack trace alerting for Alpine applications
    • Added DF CLI help page
  • Miscellaneous Fixes
    • Added ability to add comments to alert at each occurrence level
    • Added API to create Jira tickets at alert occurrence level
    • Added Web Scan repo in diagnostics logs
    • Added API to compare alerts difference between App versions
  • Known Limitations
    • Stack traces are currently not reported for Alpine applications

DeepFactor 1.3.1

Improvements and Fixes

  • Insights
    • Fixed Alert count mismatch in risk scenarios tile.
    • Disabled ZAP plugin to report HTTP request and response to address high memory consumption when scanning some web applications.

  • Instrumentation

    • Added Kubernetes admission webhook for DF instrumentation of applications
    • Added parsing json blob as argument to application run using dfctl run.
      dfctl run now requires absolute path of the command.

  • Integrations

    • Published Orb for integrating DF into CircleCI pipeline.  
    • Added OpenAPI document publishing on portal for downloads

      Note: DeepFactor does not publish OVAs and AMIs for patch releases. Customers can upgrade to 1.3.1 using their portal instances.


DeepFactor 1.3

The DeepFactor 1.3 release contains the following improvements and fixes. 

Improvements and Fixes

  • ZAP scan improvements
    • Reporting HTTP request and response as evidence in ZAP alerts.
    • Added ability for users to exclude URI params in scan config.
    • Added ability for users to stop running ZAP scan and collect results.
  • Insights
    • Reporting of stack traces in alerts
    • Improved alert workflow
    • Alerts and Alert policy regrouping
    • Alert acknowledgement at occurrence level.
  • Integrations
    • Okta integration for standard edition
    • Published REST APIs for third party integration
    • Published Orb for integrating DF into CircleCI pipeline.  
  • Miscellaneous fixes
    • DF_API_TOKEN has been renamed to DF_RUN_TOKEN. DF runtime will support DF_API_TOKEN for one more release before deprecating it.
    • Fixed install-dfctl.sh scripts to not upgrade all packages on the host.
    • Added support for “Scan Strength Config” while launching ZAP scans via API
    • Added ability for admins to change password for other users. This is also supported via API
    • Reporting of name of the process as evidence for alerts on loading of library that are not part of any package.
    • Added alert page summary info at top.
    • Email verification is mandated for users signing up for accounts on DF resolute server.
    • Fixed forgot password flow on resolute server.

Limitations

  • Swagger document not available as yet. This should be published soon.

DeepFactor 1.2

The DeepFactor 1.2 release contains the following improvements and fixes. 

Improvements and Fixes

  • Instrumentation
    • Added new application on-boarding flow.
    • Transitioned from build-time instrumentation to runtime instrumentation by adding support for
      dfctl run instead of dfctl create and manifest-based sealed application launch.
  • ZAP Scan Improvements
    • Improved evidence in ZAP scans.
    • Increased handling of HTTP response by 3XX.
    • Enhanced reporting scan progress.
    • Added active scan policy support.
    • Added more evidence for SQL injection alerts.
  • Insights
    • Added stack trace alert reporting.
    • Fixed reporting CVEs for Alpine applications.
  • Installation and On-boarding
    • Users can now change data TTL from admin settings.
    • Added one-command installation of dfctl.
    • portalctl now supports restart verb to restart portal services.
  • Integrations
    • Improved Slack Notifications.
    • Added API support for third-party integrations (Work in Progress).
  • General Fixes
    • Fixed error in reporting CVEs for some Ubuntu versions.
    • Fixed ZAP Scan proxy fills out disk.

Limitations

  • Stack trace for Alpine applications are not reported.
  • DeepFactor instrumented Chrome application running NodeJS has undefined behavior.
  • Jenkins plugin needs upgrade after changes in supported API.
  • Launching of DF instrumented postgres service on CentOS 7 fails.
  • MongoDB on CentOS7 VM does not send telemetry to the backend.
  • DeepFactor instrumented service telemetry reported in default runtime environment.
  • DeepFactor supports registering only one component per container image (more then one component executing inside one container image is not allowed).

DeepFactor 1.1

The DeepFactor 1.1 release contains the following new features and improvements. The build version is 1.1-482.

New Features

  • Added User Flow in the portal UI replacing Invite User to improve the user onboarding workflow.
  • Added alert reporting by sub-category.
  • Added support to revoke tokens using portalctl.
  • Added ZAP Scan performance improvements for web servers that do not set content-length or transfer encoding. (Requests that depended on connection close to terminate content previously took 60 seconds to time out.)
  • Added more evidence for ZAP Scan Alerts.
  • Added Jenkins CI Plugin for Deepfactor container build instrumentation.

Improvements and Fixes

  • Fixed issues with Dependency Check for applications using JAVA as well as NodeJS components.
  • Fixed issues in telemetry reporting for DF instrumented Redis service on CentOS7 platform.
  • Fixed issues in telemetry reporting for DF instrumented Httpd service on CentOS7 platform.
  • Fixed user token expiration issue.

Limitations

  • Launching the Deepfactor instrumented postgres service on CentOS 7 fails with the following error:
Jun 09 08:22:49 localhost.localdomain postgresql-check-db-dir[22892] : sh: rpm: command not found
Jun 09 08:22:49 localhost.localdomain pg_ctl[22907]: sh: rpm: command not found
  • WebApp Scan may launch against old/dead instances.
  • Application instrumented using dfctl create, when launched, extracts an instance of libdf under /tmp. This may cause file system to fill up over a period of time.
  • DeepFactor Instrumented HAProxy Service may experience crashes.
  • DeepFactor supports registering only one component per container image. (The service cannot have more then one component executing inside one container image.)
  • DeepFactor instrumented service telemetry gets reported in default runtime environment.
  • MongoDB on CentOS7 VM does not send telemetry to the backend.

Related articles

Comments

0 comments

Article is closed for comments.