Skip to content

2020.01 Release Notes

These are the updates to the Managed Services Platform in the 2020.01 release.

IMPORTANT: Older-version Endpoints to Be Discontinued

In release 2019.10, the deprecation of version 1 and version 2 requests was announced. The current release, 2020.01, supports the older version but as of release 2020.02, an attempt to access the old URL will result in a 410, “Gone”, error code.

In order, each row of the following table shows (1) a description of the endpoint, (2) the endpoint to be discontinued, and (3) the version-3 endpoint that replaces the earlier version:

Get list of scans `GET v1/customer/get_scans` `GET v3/scans`
Schedule a new scan `POST v1/customer/scan/schedule` `POST v3/scans`
Download reports by a scan `GET v1/customer/get_reports` `GET v3/reports`
Get a list of targets `GET v2/customer/targets` `GET v3/targets`
Create a new target `POST v2/customer/targets` `POST v3/targets`
Upload files to be used by a scan `POST v2/file` `POST v3/scans//files`

What’s New

In addition to discontinuing support for deprecated features, these are the changes introduced in this release:

  • Additional custom fields for test life cycle management: By specifying a value for the new custom field Application ID, customers can now associate a test in the Managed Services Portal with a string that identifies the application itself.

    In addition, the new fields Actual Start date and Actual End date show customers the start and end dates of a security testing engagement, in order to help determine and analyze the variances between requested and actual test start and end dates.

  • Enhancement of test searching capability: The Managed Services Portal’s test information searching capabilities have been enhanced to offer more searching capabilities. Customers can now search for the new Application ID field and for test names. Searching for a specific Application ID is also available in the MSP API.

  • Deprecated services: In order to streamline our portfolio of application security testing services, certain services such as Dynamic Application Security Testing Essential (DAST-E) and Static Analysis Security Testing Automated (SAST-A) have been discontinued. In addition, now a Web services security assessment can only be performed as part of a Penetration Test service (PT-E or PT-S).

API additions and changes

Continuing on our path of platform openness and interoperability, we have added new requests, and also added new fields to the version 3 Schedule Scan and List Scans requests:

  • New Get Vulnerabilities and Get Individual Vulnerability requests: The call GET https://secure.cigital.com/api/public/v3/vulnerabilities returns a list of vulnerabilities, which can be filtered by Customer ID, Scan ID, Target ID, Status, or State.
  • New Application ID field for Schedule Scan (POST scans) and Update Scan (PUT scans): In version 3, you can specify an Application ID value when you schedule a scan or update it. An Application ID is a user-defined value to help monitor which tests apply to which code.

  • New date fields for the List Scans (GET scans) request: In addition to the requested start date and the estimated completion date fields, the date fields new to version 3 show when a scan actually began and actually ended.

    The scheduledDate and estimatedCompletionDate fields report the dates initially requested, as in previous releases.

    The new fields startDate and endDate report the actual dates on which the scan started and ended. These new values can help in analyzing the variances between requested and actual test start and end dates.

Release Notes

  • Report format transition

    The formats for XML reports was updated in the 2019.05 release, and the format for CSV (comma-separated) reports was updated in 2019.06. The updated formats are not backward compatible with the old reports.

    To ease the transition to the new reports, the old XML and CSV reports are still published under the “Additional” section, as xml_report (deprecated).xml and csv_report (deprecated).csv. This section will be discontinued in a future release.

Parent topic:2026.5.0 Release Notes