Release Notes 2022.9.0

New features and enhancements in Seeker 2022.9.0

Rapid Scan Static powered by the Sigma engine

Seeker can now run rapid static analysis scans of source code and display the detections on the new dedicated Code Risk dashboard. You can enable or disable this feature for any project. Currently, it is supported only for Node.js applications.



Related Information: View and Explore Code Risk, Configure Rapid Scan Static

Seeker system tray icon for .NET Agents

The new Seeker .NET Agents system tray icon is your entry point to the easy management of .NET Core and .NET Framework Agents deployed on a Windows system. From the icon's contextual menu, you can configure the Agents running on that system and troubleshoot them by viewing the Agent log and generating diagnostic dumps. You can also monitor the status of Seeker .NET Agents service, as well as start, restart, or stop the service.

This capability is automatically available after running the .NET Agents installer.

Related Information: Manage .NET Agents

API

A new scope Manage test runs is now available for API access tokens.

Agents

The Seeker Agents have been enhanced with the following features:

Technologies Features
Java Support for Java 19.
.NET Core, .NET Framework In addition to mapping an application running in an IIS application pool to a Seeker project by the application's virtualPath, you can now map it by its physicalPath.

Related Information: Map IIS applications to Seeker projects
Java, .NET Core, .NET Framework, Node.js The Agents can now perform cross-project tracking of unsafe data originating from GraphQL queries.
.NET Core, Node.js GraphQL and OpenAPI endpoints are now displayed in the Endpoint Risk dashboard with more accuracy.
Node.js Support for the popular Apollo GraphQL server library.
Go Support for Go 1.19.
PHP
  • Resumed the previously discontinued support for legacy PHP 7.2.x versions. As of 2022.9.0, you can test applications written in these versions with the latest PHP Agent.
  • You can now use the new seeker.home_dir property to define your Seeker home directory in the seeker.ini file.

    Related Information: Basic Location Settings
Python Support for the Flask 2.2.x framework.

Checkers

The following vulnerability checkers have been added, enhanced, or changed:

Technologies Name New/Enhanced/Changed
Python

Log Injection

Log Injection (Second-Order)

 New
Python

Server-Side Code Injection

Server-Side Code Injection (Second-Order)

New
Python

Sensitive Information Saved Unencrypted

Sensitive Information Saved Unencrypted (Second-Order)

 Enhanced: the checkers now detect sensitive information that is saved to logs.