Version 4.14

14 August 2020

[FEATURE] Check selection: Group/ subgroup can now be collapsed

[FEATURE] Check: New AU-GL-0004-01: Information disclosure via login errors must be prohibited

[FEATURE] Check: New CF-DT-0001-01: ABAP server Directory Traversal protection

[FEATURE] Check: New CF-IC-0022-03: SMTP server header sending WEB AS version

[FEATURE] Check: New CF-KE-0004-01: Parameter ixml/dtd_restriction must prevent xml attacks

[FEATURE] Check: New CF-RF-0007-01: Parameter rfc/selftrust must not be active

[FEATURE] Check: New CF-US-0002-01: SAP NWBC scripting must be disabled

[FEATURE] Check: New CF-US-0003-01: SAP GUI scripting recording must be disabled

[FEATURE] Check: New CF-US-0004-01: SAP GUI scripting notification must be enabled

[FEATURE] Check: New CF-US-0005-01: SAP GUI scripting must be enabled on a per user basis

[FEATURE] Check: New CF-US-0006-01: SAP GUI scripting must be set to READ-ONLY

[FEATURE] Check: New CO-LP-0053-01: List dialog users that have not logged on for a long time

[FEATURE] Check: New EN-SS-0008-02: Allowed SSL clientside ciphersuites

[FEATURE] Check: New IN-SC-0008-01: SCC4: Nr of times PRD system was opened in specified period

[FEATURE] Check: New CO-PP-0038-01: Java pw: Minimum password length

[FEATURE] Check: New CO-PP-0039-01: Java pw: Username cannot be part of password

[FEATURE] Check: New CO-PP-0040-01: Java pw: Old password allowed in new password

[FEATURE] Check: New CO-PP-0041-01: Java pw: Alpha numeric chars in password

[FEATURE] Check: New CO-PP-0042-01: Java pw: Mixed case chars in password

[FEATURE] Check: New CO-PP-0043-01: Java pw: Special chars in password

[FEATURE] Check: New security notes checks

[FIX] Application: The application buttons are rearranged, especially the back button

[FIX] Authorization: The Protect4S authorization roles have been improved