diff --git a/addOns/help/src/main/javahelp/contents/releases/2.16.0.html b/addOns/help/src/main/javahelp/contents/releases/2.16.0.html index 669e143f..0fa60149 100644 --- a/addOns/help/src/main/javahelp/contents/releases/2.16.0.html +++ b/addOns/help/src/main/javahelp/contents/releases/2.16.0.html @@ -9,33 +9,65 @@

Release 2.16.0

-This is a bug fix and enhancement release. -
+This is a bug fix and enhancement release. Look out for new +Blog Posts and Videos +which will cover some of these new features in much more depth in the coming days and weeks. +

+This release was made possible thanks to Checkmarx +who employ 3 of the Core Team to work on ZAP. +

These release notes do not include all of the changes included in add-ons updated since 2.15.0.

Some of the more significant enhancements include:

Update to a Minimum of Java 17

-TODO add details. +ZAP now requires a minimum of Java 17 to run. This allows us to use more modern Java features in the ZAP codebase. -

Menu Items Restructured

+

Detachable Tabs

-The desktop context sensitive menu items have been reordered, and grouped in a more logical way. -This should make it much easier to find the menu item you want, when you want it. +You can now detach any of the ZAP desktop tabs so that they will appear in their own windows. +This means that you can see more than one tab in the group at the same time, and allows you to distribute those windows +across multiple monitors. +Just right click any tab to see the 'detach' option and close the tab window to return it to the main ZAP window. -

Detachable Tabs

+

Standard Policy Definitions

+ +We now have a standard set of active scan policy definitions which we recommend for use in specific situations. +Using these definitions will just enable the most suitable active scan rules. This will speed up your active scans +and will reduce noise. Some of the standard active scan rules are really targetted at pentesters, and these can waste +developers time. +

+For more details see the new Scan Policies add-on. + +

Site Tree Export and Pruning

-TODO add details. +We now have a standard format for representing the Sites Tree in a text file: +Sites Tree Format. +This format uniquely identifies nodes in the Sites tree. +While this might not sound particularly exciting, it does actually allow you to use ZAP to perform "differential" scans, +i.e. only attacking endpoints that have changed. This means that ZAP can be used to perform really fast testing in CI/CD. -

TODO Add More Headline Features

+

Sequence Scanning Updates

-TODO add details. +The Sequence Scanner add-on has received +significant attention. It now runs much more quickly and has full Automation Framework support. +As a result it has been promoted to Beta status. + +

Passive Scanner Moved into an Add-On

+ +The passive scanner has now been moved into an add-on: Passive Scanner. +We have an ongoing plan to move as much functionality out of the core as possible, as this allows us to push out fixes and +enhancements much more quickly. + +

Checkmarx Rebranding

+ +This release is the first full release with the "ZAP by Checkmarx" branding.

Docker Hub Organisation Deprecation

We will not use the softwaresecurityproject org for 2.16.0 or following releases. - +

If you still use this org then please switch to zaproxy.

Dependency Updates