Version 5.17 - June 5, 2025

Version 5.17 introduces key upgrades that make drill-down and malware identification easier, extend static analysis, and improve performance to reduce scan time and minimize impact on DevOps and developer workflows. This release focuses on making vulnerability management more seamless, expanding language coverage, and accelerating secure development processes.

🧩 Improved Navigation Experience

We’ve redesigned how users interact with risks and assets across the platform.

  • All Risks is now the single entry point for all findings—navigate between SAST, SCA, Secrets, IaC, and Build risks via tabs without leaving the section

  • New switch buttons allow fast toggling between risks and assets views—move instantly from vulnerabilities to components or projects

This simplified navigation improves visibility, reduces context switching, and enables faster triage and issue resolution.

☠️ Malware Directly Integrated into Products

Malware findings are now visible directly within their respective product sections.

  • Reverse shells flagged under CI/CD

  • Malicious components exposed in SCA

  • Potential malware in application code detected through SAST

  • All malware issues marked with maximum severity and a skull icon for immediate visibility

This ensures critical threats are impossible to overlook and are prioritized as part of normal workflows without extra steps.

🐍 Python Support in SAST

Our proprietary static analysis engine now provides full support for Python.

  • Coverage extended to modern frameworks and coding patterns

  • Analysis tailored to detect the most relevant vulnerabilities in Python projects

With this, teams can confidently secure Python codebases alongside other supported languages, broadening static security coverage.

🚀 SAST Engine Performance Boost

We’ve enhanced our SAST engine to deliver 20% faster scan times on average.

  • Reduced overhead during scans without sacrificing depth or accuracy

  • Minimized disruption to CI/CD pipelines and developer workflows

Faster analysis cycles enable quicker feedback and help maintain high development velocity while strengthening security posture.

🤖 AI Auto-Fix for SAST (Beta)

We’re launching beta access to AI-powered auto-fix for SAST.

  • Automatically suggests and applies secure code fixes

  • Reduces the burden on developers and accelerates remediation efforts

This capability helps teams focus on securely delivering new, high-value, high-quality features for the business.
