Add custom HTTP response headers in your application
Valid from Pega Version 7.2.1
The Pega 7 Platform supports the addition of custom security HTTP headers that are supported by your browser. For example, you can now create custom X-Frame-Options, X-XSS-Protection, and Strict-Transport-Security headers. These headers improve the security of your application against client-based attacks.
For more information, see Creating a custom application header.
Attribute-based access control model
Valid from Pega Version 7.2.1
Attribute-based access control (ABAC) is a security authorization model in which access rights are determined through the use of policies and attributes. A policy decision engine in ABAC evaluates digital policies against available data (attributes) to permit or deny access to the requested resource. For example, you can now determine access rights to cases by examining security attribute values assigned to the user and the case.
For more information, see Attribute-based access control.
Default value of the threadpoolsize agent affects batch indexing
Valid from Pega Version 8.5.2
After you patch Pega Platform to version 8.5.2 or higher, the system changes the default value of the threadpoolsize agent, which controls the number of concurrent activities (threads) in the system, from 5 to 15. Batch indexing in Pega Platform™ does not require all 15 threads, so you can change the agent value to increase system performance by managing the indexing/distributed/batch/numworkers dynamic system setting.
If your deployment does not support that setting, and batch indexing does not use Queue Processors, the system uses the threadpoolsize value for batch indexing instead.
For more information, see Editing a dynamic system setting.