Improvements/Bug Fixes for GitHub Integration
We have been working to improve the experience using DigitSec to scan GitHub repositories. We have reduced the number of scans that we run on a repository to only the target branch. We’ve also improved the way issues are communicated to GitHub so that there is greater alignment between the findings presented in our system and the findings that are presented in the SARIF file.
GitHub does have certain limitations to the number of issues they can accommodate and we have noted that in our documentation. Also, GitHub deems some vulnerabilities as duplicates thus causing a slight variance in the top-line number of vulnerabilities reported.
We have made some updates to our Algorithm that will improve recognition of certain bugs such as SOQL injection vulnerabilities.
User Permission Editing
We have resolved a bug that prevented certain users that had been assigned a particular permission from being edited.
We have updated our system to properly handle authentication and redirection of inbound links.
Modifying Scan Settings on Multiple Workspaces
For users that utilized the Switch Workspace pull-down menu to quickly make changes to Scan Settings, a bug with the UI not properly reflecting new changes even though the system recorded them has been fixed.
Vulnerability Bookmark interfering with Working Issues Export
In our Spring23 Release, we introduced a new feature that would visually highlight the previously viewed Vulnerability when moving from a Vulnerability Detail screen to a Vulnerability Index screen. This introduced an issue where there was not a way to “de-select” the highlighted vulnerability which also impacted the “Working Issues Export.”
We have temporarily rolled back this feature in this version to accommodate a more substantive resolution to this issue.
Improved Formatting on View Report
We are making improvements to the View Report functionality to resolve some of the extraneous spacing between some of the report elements. We’re also fixing page-wrapping issues on some of the long file paths. This is in advance of additional working this summer to deploy “lighter weight” reports and to allow for more customized reporting.
We are pleased and excited that our customers have been sharing a great deal of feedback for how DigitSec can integrate into their workflows and security reporting. Our feature backlog continues to grow!
We’d like to preview a couple of features that are in active development that we hope to move through the pipeline quickly.
Schedule a Scan
Many customers who rely on the web app to manage their usage of DigitSec have asked for the ability to schedule scans to kick off automatically. We expect to roll this out in the coming months.
We are working on a system that will integrate system logs with usage logs to allow customers to quickly review how our system is running under the hood and to see historical information on configuration changes and system utilization.
If you have any questions, please do not hesitate to contact us. We can provide answers and guidance on how these features can enhance your use of DigitSec and Salesforce security.