Frontline Web Application Scanning (Frontline WAS)

NOTE: Frontline WAS has been renamed to Web Application Scanning (WAS), and its release notes are now bundled with the Fortra VM release notes.

August 2023

Version 6.5.6.0

August 30, 2023

New Features
  • This version of Frontline Web Application Scanner introduces several enhancements for the PCI Self Service feature
  • Initial Support for RNA Upgrade Pipeline to Install Ubuntu 20.04
Enhancements
  • PCI Self Service:
    • Scan Groups now support dynamic auto-creation of WAS scans from VM scans that detect webservers
    • Support file attachments for PCI Disputes
    • Support assignment of PCI disputes to selected PCI analyst
    • System generated WAS Audit policy created for PCI Compliance Scans
    • Enforce PCI workflow parameters in scans created for Scan Groups with applied settings
    • New notifications added to ensure assigned PCI analyst is notified whenever a dispute comment is made
    • New PCI Vulnerabilities CSV Export report
    • Generate PCI Compliance Reports sections as reports and ZIP
Fixes
  • PCI Self Service:
    • Disable ability to dispute on scans older than 90 days
    • Revert to original vuln status when disputes sent back to pending
    • Revert status (Pass or Fail) on expired disputes when rescanned
    • Set dispute expiration to end of quarter
    • Prevent PCI Compliance Report for only WAS scans
    • Correctly note WAS webapps not found during scan in section 4c of PCI Compliance Report
    • PCI Compliance Report Scan Summary part 3b needs to show most recent note
  • Scan Groups:
    • New Scan Group button forwards to link with query information on url
    • Sorting by "Next Period Start" sort does not sort correctly
  • Intermittent failures recrypting scanner credentials
  • Scans attempting to launch on artificial RNAs error out immediately

July 2023

Version 6.5.5.2

July 7, 2023

Enhancements
  • This version of Frontline Web Application Scanner introduces various bug fixes and enhancements to improve overall usability and quality.
  • One-Time Scans: Add OTS configuration for IBM i DDM Service Unauthenticated RCE One-Time Scan.
Fixes
  • One-Time Scans: Updated verbiage for consistency and grammatical correctness.
  • PCI Self -Service: Fix the incorrectly filtered global view of the PCI dispute list.
  • Multi-scan reports potentially error from setting value on incorrect field.

May 2023

Version 6.5.4.1

May 31, 2023

Fixes
  • PCI Compliance Reports marked incorrectly as "Failing"
Version 6.5.4.0

May 31, 2023

New Features
  • WAS Security Seals
  • Linux Agent Support
Enhancements
  • PCI Self Service: Update our PCI ASV number and POC in PCI Compliance Report
  • PCI Self Service: Support PCI reporting on undetected hosts
  • Add "status" support for completed Scan Group runs to Scan Group Template controller / page
Fixes
  • Update package dependency versions
  • Fix max CVSS scores displayed in the Vulnerability Dictionary
  • Miscellaneous filters
  • WAS vuln assessment workflow unavailable on accounts with on the Web Application Scanning subscription
  • Console Error when resetting password

April 2023

Version 6.5.2.5

April 7, 2023

Enhancements
  • Internal improvements for tracking metrics and maintaining stability in Frontline.
Version 6.5.2.4

April 3, 2023

Enhancements
  • Internal improvements for tracking metrics and maintaining stability in Frontline.

June 2022

Version 6.4.4.0

June 11, 2022

New Features
  • Edge Network support increases the scalability and responsiveness of our scanning communication network.
  • Implementation of Business Groups.
  • Reports enhancements with support for scheduled and emailed reports.
  • Added a Global Vulnerability Search for MSP accounts.
Enhancements
  • Business Group Column in active view display (Ticket 18151).
  • Auth Scan Config: Add a "Test Your Config" button (Ticket 20422).
  • Dynamic Labels used as Rules for Business Groups (Ticket 18019).

  • Preserve access to historical scans / reports after Business Group access levels change (Ticket 20046).

  • Report Scheduler (Ticket 17363 and 1456).

  • Vulnerability Age Report (Ticket 17601).

  • Added the ability to save report filters for future use (Ticket 19099 and 1457).

  • Included an Authenticated Creds Test button (Ticket 19473).

  • Enterprise Admin Group able to view other groups dashboard (Ticket 19635).

  • Custom Report Templates - Data Filters (Ticket 20275).

  • Frontline WAS Business Group capability (Ticket 21396).

  • Change how we manage IP restrictions for Business Groups (Ticket 22207).

  • Custom email lists for scanning notifications (Ticket 22633).

  • Added the ability to enable recurring reports (Ticket 23319).

  • Made Scan Description variable visible in UI (Ticket 23827).

  • Fulfilled request for NVD Reporting Functionality (Ticket 24517).

  • Choose what reports automatically generate after a scan (Ticket 24885).

  • Sending reports (Ticket 25073).

  • Added Business Group column to Scanners page (Ticket 18553).

  • Added support for a Microsoft patches only report (Ticket 1831).

  • Auth Scan / Credential PDF Detailed Status Report (Ticket 1094).

  • Add support for emailing reports to users (Ticket 1514).

Fixes
  • Fixed subject for some automated emails to match email content (Ticket 25212).

  • Updating Business Group shows IPs as not associated to Scanner Profile (Ticket 24695).

  • Email headers do not match email content (Ticket 25212 and 25289).

  • Graphs & Trending - "Asset Rating Counts" not displayed in DDI Asset Rating colors (Ticket 658).

  • Asset Rating not viewable with NVD/PCI (Ticket 1072).

  • Executive Summary Report does not respect NVD/PCI options (Ticket 1082).

  • Managed Accounts Reports not available in WAS (Ticket 1320 and 1608).

  • Input fields for AV Window Size and SLA Days are active (Ticket 1323).

  • AV Summary incorrectly processes non-default options (Ticket 1369).

  • CIS CSV Export defaulting to PDF format (Ticket 1486).

  • Several filters have multiple entries in the Vuln Dictionary and Vuln Trend filter sets (Ticket 1502).

  • Clicking on 'Vuln Definition' on scan results causes loading the accounts page removes the active context and takes to the account page (Ticket 1548).

  • Vulnerabilities have multiple unique instances in agent scans (Ticket 1658).

  • Spelling error in DB/OS Tooltip (Ticket 1725).

  • Unable to delete manually added labels to Assets (or Vulnerabilities) (Ticket 1822).

January 2022

Version 6.4.3.2

January 26, 2022

Enhancement
  • Moved additional logs into Loki logging subsystem for Frontline.Cloud.
Fixes
  • Fixed Managed Accounts Users for CSV Export failures in cases related to deleted user roles.
  • Fixed Trial accounts on TryFrontline.Cloud that automatically spin down shortly after being created.
  • Added clarity to Managed Accounts Security GPAs CSV Exports sort order by including owner field in CSV export.
  • Corrected the spelling error in "Approved management access request user" filter.
Version 6.4.3.1

January 19, 2022

Fixes
  • Added multiple fixes to Frontline TAP threat intelligence feed processing for Threat Rank.
  • Frontline.Cloud infrastructure fixes related to expiring certificates.
Version 6.4.3.0

January 12, 2022

New Features
  • Includes a comprehensive suite of management reports targeted specifically for MSPs utilizing Frontline.Cloud.
    • Reports include CSV reports, PDF reports and email alerts that allow MSPs to effectively manage their customer based and understand usage and trends.
Enhancements
  • Added ability to see raw request data for all users.
  • Added delay-time-period before automatically spinning down Trail accounts (Bug 25048).
  • Added support to filter scan results by a list of CVEs (Bug 23333).
  • Changed default RNA Access Request time to be 8 hours.
  • Deprecated Oracle Image Virtual RNA download.
  • Introduced report review workflow into Frontline.Cloud (Bug 20672).
  • Allowed Trial account options to be set during Trial account creation as an option.
  • Removed per-account limits for Virtual RNA appliance tokens.
  • Replaced Digital Defense, Inc with Digital Defense by HelpSystems.
  • Improved support for NVD / PCI rating schemes within Frontline.Cloud (Bug 23934, 25071).
  • Added suite of MSP / Super account management reports (Bug 24793, 20040, 20517).
  • Replaced logo with favicon for themes list.
  • Various infrastructure improvements and security updates.
  • Added WebApp Scan Export API.
Fixes
  • Fixed slow speed on Manage RNAs list page.
  • Corrected broken links to help pages on new account Dashboard (bug 24931).
  • Fixed incorrect body text in RNA Access Approved email.
  • Fixed display of report options in report's options appendix.
  • Updated super account usage metrics that failed in some instances.
  • Trial accounts can be upgraded to General accounts (Bug 25253, 25060).
  • Corrected various bugs for reports including grammar, spelling and style fixes.
  • Fixed Virtual RNAs that could not be downloaded on TryFrontline.Cloud due to trade.gov API changes (Bug 25299).

Back to Digital Defense Products