Release on November 18, 2022

  • OTP (one-time password): Bright now provides the possibility to use a Time-Based One-Time Password (TOTP) and Hash-Based One-Time Password (HOTP). OTP is used during the creation of an authentication object for a target that uses a TOTP input field.
  • Editable labels for scans: it is now possible to filter scans by one or multiple labels, which simplifies the interactions with a large number of scans. Also, all the existing labels can be autocompleted in new scan settings, if needed.

Release on November 4, 2022

  • Editable labels for scans: Now all the scans can be marked by attaching fully editable labels, which are displayed in the scan details tab. It is available both in UI and API interfaces and helps users to attach any valuable information to the scan.
  • Prevent duplicate tickets: There are no more duplicating tickets while scanning using any type of available integrations. Also, as a part of this update, ticketing integration settings were moved from the Organization level to the Project level. As a result, adjusting the ticketing setting is now way faster and easier.

Release on October 20, 2022

  • Authentication trigger via browser’s location change patterns: Now the authentication object detects logout trigger via URL location change in the browser. The users just need to type exactly the same URL or its segments that they see in the search bar and do not need to think about whether it was an HTTP request or just manipulation of entries in the history.
  • Change severity of Project Issues: Bright now provides the possibility to manually change the severity of a particular project issue. Therefore, customers can use the app as a “source of truth” for their full collection of project scan findings.

Release on October 5, 2022

  • Authentication trigger via browser’s location change patterns: Now the authentication object detects logout trigger via URL location change in the browser. The users just need to type exactly the same URL or its segments that they see in the search bar and do not need to think about whether it was an HTTP request or just manipulation of entries in the history.
  • Mismatch of results when running a scan with crawler versus HAR fixed.: There is no more mismatch of issue severities when running a scan with crawler versus HAR.
  • Change severity of Project Issues: Bright now provides the possibility to manually change the severity of a particular project issue. Therefore, customers can use the app as a “source of truth” for their full collection of project scan findings.

Release on September 21, 2022

  • Authentication trigger via browser’s PAGE (DOM) change patterns: When the target application is opened with an unauthenticated browser, there may be some elements on the page, which are not visible when the browser is authenticated (for example, the login form). Now the user can pick the element’s selector using the browser’s Development Tools and create a trigger that starts the authentication process if an element is found using this selector. For details, see Creating Authentication.

Release on September 6, 2022

  • Copy scan configuration as REST API (curl) option: Bright now enables users to copy scan settings as REST API cURL command to run a scan. When there are several scans with different settings completed in Bright, the user can copy the scan configuration as REST API (curl) command to start a new scan. Therefore, it is possible to use the same scan settings to automate scan execution or to integrate into CI/CD.

Release on August 24, 2022

Check out the new features and improvements from Bright.

Release on August 10, 2022

Known Issues

Release on July 27, 2022

Check out the new features and improvements from Bright.

Release on July 13, 2022

Check out the new features and improvements from Bright.