What's New
This release of FortiDevSec includes the following new features.
Feature |
Description |
---|---|
C# .NET scanner |
Added support for C# .Net SAST scanner. |
FortiDAST plugin |
Added FortiDAST plugin support to configure assets/URLs from the FortiDevSec application page or from new application creation page. Note: To perform DAST scan, uncomment the dast configuration in fdevsec.yaml file even when FortiDAST is configured through GUI plugin. |
SECRET scanner enhancement |
Enhanced SECRET scanner to support detection of the following:
|
SCA scanner enhancement |
The following enhancements are made to the SCA scanner:
|
SAST scanner enhancement |
Added a new and improved custom C and C++ scanners to support Non-UTF8 code base. Note: Older C/C++ scan findings are incompatible with this scanner and will no longer be shown. |
GitLab CI/CD integration |
To enhance the permissions of FortiDevSec scanners, ENTRYPOINT is introduced in docker. However, this change has caused compatibility issues with Docker executor. Instead, we will be supporting Shell executor provided by GitLab Runner moving forward. Please refer to the latest user guide, for the updated GitLab CI/CD configuration. |
Note: Scanner docker images must be updated using docker pull <image>
command to the latest version to use the new features.