ThreadFix 1.2 RC1 Now Available

ThreadFix_72
Last week we pushed up the binary downloads for ThreadFix 1.2RC1. Major changes include:

  • Streamlined user interface and improved user experience
  • Centralized dashboard showing trending, most vulnerable applications and recent scans and user comments
  • Improved reporting capability as well as five new reports
  • Auto-detection of scan types (no more channels!)
  • Various bugfixes and enhancements.

I’m hoping to upload some screencasts before too much longer. In the meantime, here are a couple of screenshots of ThreadFix 1.2RC1:

Threadfix_dashboard
This is the new dashboard screen you land on after logging in. From here you can see vulnerability trending over the past six months, the top 10 most vulnerable applications, recent scan uploads and recent comments applied to vulnerabilities.

Threadfix_nomorechannels
This is the new scan upload screen. You’ll notice that you no longer have to tell ThreadFix what scan type you are uploading. Instead the scan type is auto-detected. No more configuring channels!

Threadfix_reporting
This is the new reporting interface. We reorganized things into different tabs (Trending, Snapshots, Comparisons) and added five new reports (6 and 12 month vulnerability trending, top 10 and 20 most vulnerable applications, top 10 most common vulnerabilities by CWE identifier).

So take a look at ThreadFix 1.2RC1 and let us know your thoughts. Here are some helpful links:

Contact us to talk about ways you can build your software security program on ThreadFix.

–Dan

dan _at_ denimgroup.com

@danielcornell

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *