Skip to main content

March

· 3 min read

NG Production Release Update

We're excited to announce the latest updates in this release!

Add Users to Tenant

  • Administrators can view existing users within the tenant and invite new users. Update and delete functionalities are planned for future releases.

Reload Specification

  • Users can now reload the latest OpenAPI Specification (OAS) to automatically discover new endpoints or updated schemas.

Bulk Risk Acceptance

  • Users can now accept risks for multiple vulnerabilities by updating them in the Threat Detections tab.

Self-Service Endpoint Configuration

  • Add new headers and query parameters.
  • Update values for existing parameters.
  • Update sensitivity of each individual attribute in an endpoint.
  • Update Authentication requirement for individual endpoints
  • Specify an example request body to hydrate parameters for a successful interaction with the endpoint.
  • This self-service configuration gives customers more flexibility and control over their endpoints.

Dry Run Workflow Decoupling

  • This feature helps customers understand how well each endpoint is prepared for security coverage and provides a path for the customers to take actions in the product to progressively improve readiness.Dry runs now happen before scans, speeding up value delivery. When onboarding an application, we now check endpoint readiness and sensitivity. Readiness status appear in the Endpoints View, and upcoming releases will let customers configure endpoints for progressive coverage for deeper category tests.

Global Hosted Agents

  • Tenant Admins now have the ability to share Hosted Agents across all users in the tenant. This centralizes the creation and management of agents, enabling the scanning of the entire tenant application footprint.

Delete Hosted Agents

  • As a follow-up to February’s Hosted Agent release, we’ve introduced the ability to delete existing hosted agents. Only the creators of agents can perform this action, and only deactivated agents can be deleted to prevent unintended impacts on application scans.

SSO Improvements

  • We’ve made several improvements to the self-service SSO setup:
    • Previously, customers could only set up SSO once and needed the CS team for any subsequent changes. With this update, customers can now reconfigure SSO settings independently.
    • We’ve also adjusted the configurations to support a wider range of IDP versions.

Operational Improvements

  • We continue to enhance the backend to support more efficient operations. we focused on:
    • Improved throughput and capacity utilization during inter-service communication.
    • Fixed an RBAC bug that incorrectly marked inaccessible endpoints as vulnerable.
    • Resolved BOLA issues that prevented scans in other categories if BOLA was in scope.
    • Made data transfer improvements in the Scan Orchestrator, enabling scans for larger applications.