Release Notes 2024.2.0
New features and enhancements in Seeker 2024.2.0.
Usability improvements
- You can now display vulnerabilities and other data in project dashboards in
different predefined views. A view is a fixed set of vulnerability filter
selections. For example, you might want to define a view including only
vulnerabilities of Critical and High severity, tagged
as Seeker-Verified.
Related Information: Configure Vulnerability Views
- From the Projects page, you can now export a list of projects in the currently selected scope along with their metrics in the CSV, JSON, and XML formats.
- The list of currently connected Agents on the Agents page now displays custom tags assigned to each Agent.
- It is now possible to include the @ sign in group names.
API
The GET api/{ver}/outboundendpoints and GET api/{ver}/vulnerabilities APIs have been enhanced by an ability to paginate results using the new offset and limit parameters.
Note: The maxResults parameter is deprecated
as of this release. Use the limit parameter instead.
Agents
The Seeker Agents have been enhanced with the following features:
| Technologies | Features |
|---|---|
| Java | Endpoints containing Spring Expression Language (SpEL)
expressions are now displayed in project dashboards exactly as they
appear in source code. For example, an endpoint
/:spel_expression/orders will now appear as
/${app.version:1.0}/orders. |
| .NET Core | The .NET Core Agent now supports .NET 8 applications. |
| Go | The Go Agent now supports applications running on MacOS on ARM hosts. |
Checkers
The following vulnerability checkers have been added, enhanced, or changed:
| Technologies | Name | New/Enhanced/Changed |
|---|---|---|
| Node.js | Prototype Pollution Prototype Pollution (Second-Order) |
Enhanced by an ability to configure sanitizers and validations for these checkers using the PROTOTYPE sanitizer type. |
Documentation
To improve usability, the Configuring .NET Agents topic has been reorganized into a chapter with the following focused topics: