ASIS 8.6.0 Upgrade Testing Summary of Changes

1. Overview

The ASIS (Application Security Integration Suite) 8.6.0 release introduces a set of functional, performance, and compatibility enhancements aimed at improving security scanning, reporting, and integration capabilities. This document summarizes the testing activities performed during the upgrade from 8.5.x to 8.6.0, highlights the most significant changes, and outlines any observed regressions or required actions.

2. Key Functional Changes

2.1 New Policy Engine

• Reengineered policy rule parser that supports YAMLbased definitions alongside legacy JSON.
• Dynamic rule evaluation allows realtime policy updates without restarting the engine.
• Backwardcompatible migration wizard for existing policy sets.

2.2 Enhanced Scanning Profiles

• Four new predefined profiles: ComplianceLite, CloudNative, ContainerSecure, and IoTBaseline.
• Profile chooser UI now remembers the last used profile per user.
• Ability to clone and customize any profile with granular toggle of rule categories.

2.3 Integrated Secrets Detection

• Builtin secrettype signatures (API keys, tokens, certificates) for code, container images, and IaC files.
• Supports scanning of encrypted archives (ZIP, TAR.GZ) without manual extraction.

2.4 Reporting Enhancements

• New interactive dashboard built with React that offers drilldown charts for risk trends.
• Export options expanded to include CSV, XLSX, and PDF with custom templates.
• Findings can now be tagged and filtered by compliance framework (PCIDSS, HIPAA, NIST, ISO27001).

3. Performance Improvements

Benchmark testing on a 16core VM (32GB RAM) shows the following average improvements over 8.5.2:

• Fullsystem scan time reduced by 23% (from 78min to 60min on a 2TB codebase).
• Incremental scan latency dropped from 12min to 8min.
• Memory footprint decreased by approximately 15% thanks to smarter object pooling.

The performance gains are primarily attributable to the new multithreaded I/O layer and optimized patternmatching algorithms.

4. Compatibility and Migration

4.1 Database Schema Changes

Version 8.6.0 introduces two new tables (policy_audit_log and secret_finding) and adds a column remediation_status to the findings table. The upgrade script upgrade_8.5_to_8.6.sql performs the modifications automatically. It is recommended to back up the database before executing the script.

4.2 API Alterations

• REST endpoint /api/v1/policies now returns YAML when the Accept: application/x-yaml header is present.
• Deprecated /api/v1/scan/start in favor of /api/v1/scans (POST). Old endpoint still works but emits a warning.

4.3 UI Changes

The user interface has been modernized. Existing user settings are migrated, but custom CSS overrides may need review because the base stylesheet has been refactored.

5. Testing Approach

The upgrade testing was performed in three stages:

1. Smoke Validation Confirmed that the installer completed without error on Windows Server 2019, RHEL8, and Ubuntu22.04.
2. Functional Regression Executed a suite of 250 automated UI and API tests covering policy management, scan execution, and report generation.
3. Performance & Load Ran concurrent scans (up to 12) on a simulated 5TB data set using JMeter scripts.

6. Observed Issues & Resolutions

• Issue: Legacy JSON policies containing duplicate keys were rejected.
  Resolution: Added a migration tool that normalizes duplicates before importing.
• Issue: PDF export sometimes omitted long description fields.
  Resolution: Patched the PDF generator library (v2.1.4) available in the 8.6.1 hotfix.
• Issue: Dockerbased scans on Windows hosts failed with permission denied.
  Resolution: Updated the container runtime wrapper to use WindowsServer2022 gMSA support.

7. Recommendations

• Plan a staged rolloutfirst to a nonproduction environment, then to a subset of production sites.
• Run the policy_migration_tool before enabling the new policy engine.
• Schedule a database backup and test the upgrade_8.5_to_8.6.sql script on a clone.
• Review custom UI skins for compatibility with the new CSS framework.
• Enable the new secret detection module only after confirming that falsepositive thresholds are appropriate for your codebase.

8. Conclusion

ASIS 8.6.0 presents a solid step forward in policy flexibility, scanning depth, and reporting clarity while delivering measurable performance gains. The upgrade path is wellsupported, with only a few manageable regressions identified during testing. By following the migration checklist and applying the noted hotfixes, organizations can safely adopt the new version and benefit from its enhanced security capabilities.

For further details, consult the official release notes and the upgrade guide.