Skip to main content

Published Release Notes

Find release notes for the selected Pega Version and Capability

Browse resolved issues for Platform releases.

This documentation is for non-current versions of Pega Platform. For current release notes, go here.

Java injection vulnerability check

Valid from Pega Version 8.3

Pega Platform™ now notifies you of Java injection vulnerabilities in activities, functions, and stream rules at design time and at run time.  You can customize Pega Platform to check for additional vulnerabilities to ensure that your application runs without problems.

For more information, see Configuring the Java injection check.

Usability improvements to Admin Studio

Valid from Pega Version 8.3

Admin Studio offers a variety of usability enhancements, including:

  • New access groups to differentiate between full and read-only access to Admin Studio
  • A Java class lookup utility
  • A requestor list for the logged-on operator
  • The ability to display system node type in the logs

Also, if your environment uses Predictive Diagnostic Cloud (PDC), the Admin Studio overview page now includes a link to PDC.

For more information, see Managing requestors.

Enabling security policies now requires current password

Valid from Pega Version 7.1.3

As part of Pega’s initiative to protect against malicious attacks, the change password dialog has been enhanced.  When Security Policies have been enabled for your system, new users or those with expired passwords will now be prompted for both their existing password as well as their desired new password.

For more details, review the Designer Studio > System > Settings > Security Policies landing page.

Customize your report headers

Valid from Pega Version 7.1.5

You can customize the way that the header for all of an application's reports will be displayed by overriding the section pyReportEditorHeader. Save a copy of this section into the application's ruleset, then edit it to display the information, images, and layout that you desire. Once changes are saved, each of your application's reports will automatically use the updated header.

Advanced inline report filters

Valid from Pega Version 7.1.5

You can create a custom section and use it to display report filter controls at the top of the report, replacing the default display. The custom section can include basic controls (such as a drop-down menu or text entry field), and the controls can only provide values for the filter functions established in the Edit filters section of the Query tab for the Report Definition.

Access Manager portal

Valid from Pega Version 7.1.5

Changes to the Access Manager simplify the process of modifying the access rights of features for an application. The changes, including creation of an Access Manager portal, make it easier for non-technical users, such as business architects, to set access rights even if they may not have a deep understanding of Pega 7's security model and class inheritance structure.​

BIX performance improvements for CSV output in the Pega Cloud

Valid from Pega Version 7.2.1

BIX performance has been enhanced to download up to 25 GB of data per hour for extracts from a BLOB-less class table for CSV output. This high-throughput option is available only for Pega Cloud instances that use a Postgres database. This option is used automatically for these types of extracts.

When this option is used, the –x and –c command-line options for BIX are not supported, and the checkSum field in the manifest summary is not populated. If you need these options, you can revert to the previous implementation by using a setting in the prconfig.xml file.

For more information, see BIX high-throughput data downloads in the Pega Cloud.

Add custom HTTP response headers in your application

Valid from Pega Version 7.2.1

The Pega 7 Platform supports the addition of custom security HTTP headers that are supported by your browser. For example, you can now create custom X-Frame-Options, X-XSS-Protection, and Strict-Transport-Security headers. These headers improve the security of your application against client-based attacks.

For more information, see Creating a custom application header

Attribute-based access control model

Valid from Pega Version 7.2.1

Attribute-based access control (ABAC) is a security authorization model in which access rights are determined through the use of policies and attributes. A policy decision engine in ABAC evaluates digital policies against available data (attributes) to permit or deny access to the requested resource. For example, you can now determine access rights to cases by examining security attribute values assigned to the user and the case.

For more information, see Attribute-based access control.

New hashing algorithm for Password property types

Valid from Pega Version 7.2.2

To provide extra protection against brute-force attacks, a new hashing algorithm has been added to the Pega 7 Platform. Bcrypt is used as a default hashing algorithm for Password property types. The bcrypt key setup algorithm takes a long time to process. This means that potential attackers would have to spend a substantial amount of time testing every possible key.

For more information, see Using the bcrypt hashing algorithm for Password property types.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us