Implemented

🤖 PHP security scanning: Our SAST tool has leveled up! It can now scan codebases containing PHP to identify vulnerabilities specific to this language. This enhancement expands our testing scope to help you deploy even more secure applications.

🔬 Docker image scanning and SBOM: Now, our automated tool can scan your Docker images, which you can import from any registry that supports username and password authentication with no specific registry restrictions. You only need to provide the registry URL and credentials. Then, you can see in the Supply chain section of our platform a detailed listing (SBOM) of each package contained in the Docker image, including security issues associated with them.

⛓️ Supply chain section: You can see your application's affected and unaffected third-party components and dependencies in this section. We separated these elements and security issues from the rest of the findings because some may pose a risk to your company while others may not, making it easier to prioritize them for treatment. Nowadays, you can view such components and dependencies as a complete list or filter them by repository under assessment.

Upcoming

🧩 Enhanced IntelliJ plugin: We recently implemented our IntelliJ IDEA extension and are improving some of its features. Currently, we are establishing links so your development team can go from the IDE to the platform to see specific findings or receive descriptions of vulnerabilities and suggestions for fixing them in IntelliJ.

⏩ From CVSS 3.1 to CVSS 4.0: Mark your calendars! From April 4, 2025, we'll only use CVSS v4.0 for all vulnerability reports. This change implies that the toggle switch for CVSS v3.1 will be removed, and all our platform's resources, including the CI Agent for breaking the build, will work merely according to the new CVSS version. The final step of this transition will be completed on October 4, 2025, when the API is fully updated.

✨Have 10-15 minutes to spare?✨

Share your opinions on our AppSec solution on Gartner Peer Insights and earn a $25 gift card! Your feedback helps others make informed decisions and shapes the future of application security. Just follow this link!