PentestPortal release - October 2022

Much work has been done to fulfill some major wishes of our partners and their customers. In this release, the following has been delivered and released to production.

New Features

• #144 - Now it is possible to generate and send a Penetration Test Waiver from an assessment automatically. A customer contact and a pentest company contact as well a language can be chosen. Then the waiver is generated and sent to Signhost to obtain securely and legally valid a signature of the involved parties.

• #357 - It is now possible to create and update contact persons at partner level. This is an important feature that is also used by pentest waivers but also for sending reports to (other) employees of the partner.

• #358 - Contact persons of the partner are now available upon sending a report.

Minor updates

• #344 - The name of the partner is now shown throughout the application

• #360 - The scope table in the application as well the report have been extended with the 'Comments' property of a target.

Fixes

• #303 - Spaces are no longer disappearing upon typing in text fields

• #307 - Assessment UI button fix

• #310 - ASVS quality check did not complete even in cases where the check was OK

• #331 - Time of assessment generation/rendering was not visible anymore

• #335 - CVSS strings were not stored correctly, resulting in strange things in reports

• #345 - ObjectIDs were shown in CSV exports instead of the value

• #346 - Basic Security Scan file name contained 'invalid date'

• #363 - Report layout contained a bug in the automatic calculation of the text-color