Defender 6.1.0 extends URI parameterization with new rule types, improves connector reliability and fingerprinting correctness, and resolves a broad set of issues across logging, cache behavior, IPv6 handling, and sensitive data detection.
New features
URI parameterization enhancements
This release adds several new parameterization capabilities, giving you finer control over how URI segments are identified and normalized.
- Exclusions from system and built-in parameterization rules are now supported (DEF-2061).
- Hostname and IP address parameterization is now supported (DEF-2062).
- Preceding element-based parameterization is now supported (DEF-2063).
- Custom placeholder text for parameterized segments is now supported (DEF-2064).
SDP cache efficacy metrics
The SDP cache now exposes efficacy metrics, providing visibility into cache hit rates and overall performance of the Session Data Plane caching layer (DEF-2075).
Auth URL proxying in Cequence Bridge
Auth URLs can now be proxied through the Cequence Bridge, enabling authentication flows that previously required separate handling outside the bridge (DEF-1383).
Host validation bypass for Sensor Bridge and Cequence Bridge
Sensor Bridge and Cequence Bridge now support the ignore_host_validation option, enabling deployments where strict host validation is not appropriate (DEF-2046).
Fixed issues
Defender 6.1.0
DEF-1913: FPv2 Algorithm 4 (Body Analysis) now correctly generates fingerprint components for POST requests with JSON bodies.
DEF-1938: Filter performance improvement code is re-enabled.
DEF-2049: Console log output now works correctly following a regression in the docker-init supervisord redirect.
DEF-2051: Hierarchical filter method regex lookup and cache design issues are resolved.
DEF-2052: External cq-bridge no longer sends null headers to api-edge.
DEF-2053: Redirect 302 responses for /__cq/auth/finalize no longer cause duplicate requests to upstream.
DEF-2070: SDP cache is no longer enabled when Defender is deployed with SDP_CACHE_ENABLED=FALSE.
DEF-2078: Traffic is now maintained correctly during failover.
DEF-2081: IPv6 addresses are now handled correctly in the nginx configuration.
DEF-2082: getCookieKeys() now returns cookie keys correctly.
DEF-2084: Headers logging is improved.
DEF-2085: The connector now recomputes the fingerprint when the value is "-" or "na".
DEF-2090: IPv6 host headers are no longer truncated at the first colon by the connector.
DEF-2091: QueryParamKeys DFP fingerprint generation is now deterministic for requests with no query parameters.
DEF-2093: Empty URI segments are no longer discovered as custom dictionary words.
DEF-2096: Lookahead pair rules no longer parameterize empty path segments that follow an anchor pattern.
DEF-2097: Wildcard matching in lookahead anchor patterns now works correctly.
DEF-2099: The LOG_ROTATE_SIZE and LOG_ROTATE_MAX_FILES environment variables are now applied to discovery connector and stats log rotation.
DEF-2056: Logging in mitigator.log is improved.
DEF-2080: Header key arguments in the DynFP Lua interface methods are now treated case-insensitively.
DEF-2102: Defender now processes new and enhanced URI parameterization rules received from the Cequence UAP platform.
DEF-2103: Sensor Bridge and Cequence Bridge now process new and enhanced URI parameterization rules received from the Cequence UAP platform.
DEF-2113: The version-updater configuration is updated for the latest UBI image.
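
DEF-2090 above concerns IPv6 Host header values being cut at the first colon. The following Python example is added here for illustration and is not Cequence connector code. It contrasts that truncating pattern with bracket-aware parsing per RFC 3986. The function names and sample values are constructed for this example.

```python
import ipaddress

def naive_host(host_header):
    """Truncating pattern: cutting at the first colon breaks IPv6 literals."""
    return host_header.split(":", 1)[0]

def split_host_port(host_header):
    """Return (host, port) from a Host header value; port is None if absent.

    Accepts reg-names, IPv4 literals and bracketed IPv6 literals
    (RFC 3986 section 3.2.2). Raises ValueError on malformed input.
    """
    value = host_header.strip()
    if not value:
        raise ValueError("empty Host header")
    if value.startswith("["):
        end = value.find("]")
        if end == -1:
            raise ValueError("unterminated IPv6 literal")
        host = value[1:end]
        ipaddress.IPv6Address(host)  # raises ValueError if not valid IPv6
        rest = value[end + 1:]
        if rest and not rest.startswith(":"):
            raise ValueError("unexpected text after IPv6 literal")
        port = rest[1:]
    else:
        host, _, port = value.partition(":")
        if ":" in port:
            raise ValueError("IPv6 literal must be enclosed in brackets")
    if not host:
        raise ValueError("missing host")
    if port:
        if not port.isdigit() or not 0 < int(port) <= 65535:
            raise ValueError("invalid port")
        return host.lower(), int(port)
    return host.lower(), None

# Constructed sample Host header values (documentation address ranges).
SAMPLES = ["api.example.com:8443", "192.0.2.10", "[2001:db8::1]",
           "[2001:db8::1]:8443"]

if __name__ == "__main__":
    for h in SAMPLES:
        print(f"{h!r}: naive={naive_host(h)!r} parsed={split_host_port(h)!r}")
```

A truncated host such as `[2001` ends up in logs, fingerprints and host-based policy lookups, so it is worth checking that IPv6 hosts appear intact in connector output after upgrading.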