Release of August 12th, 2025
Enhancements
New scan type: Scan By Status
We’re excited to roll out a new type of scan: "Scan by Status", giving you the power to run scans filtered by Entry Point status: New, Changed, Tested, Vulnerable.
No more scanning everything when you don’t have to - target exactly what matters, save time, and get results faster.
Where to Use:
- Create Scan Page - Create status-based scans from the "scans" page that always use the latest Discovery results from the project.
- Project Page - Select specific entry points from the project page; there's no need to pre-filter by status. Choose statuses when you create the scan, and the filtering will be done automatically.
- Retest- Retest past scans with updated statuses. If entry points were selected in the original config, they’ll be reused.
Tip 1: You can select one or multiple statuses when setting up the scan, attach a Repeater, and define a schedule via the Summary and Scheduling tab.
Tip 2: Automate your workflow by scheduling a Discovery scan first, followed by a status-based DAST scan with a short delay. To ensure your DAST scan always uses the latest Entry Points without manual selection, we suggest configuring it from the scan page.
API Support for Scan by Status
Endpoint:
POST /api/v1/scans
Request Body:
"entryPointsStatuses": ["new", "changed", "tested", "vulnerable" ]
New Ignored Issues Tab
We’ve added a dedicated tab for Ignored Issues in the Project details page - making it easier than ever to manage issues you’ve chosen to ignore. This means you can keep your main Issues tab clean and focus only on what matters most - while still keeping ignored items just one click away
What’s new:
Dedicated Tab: A new "Ignored Issues" tab appears next to the Issues tab. You can hide it anytime via the settings.
Quick Actions:
- Setting the issue under the status "Ignore" will automatically move the issue to the dedicated tab.
- Reopen an ignored issue directly from the menu to move it back to the main table.
- Bulk-select multiple issues and reopen/ignore them all in one click.
- Seamless Workflow: If an ignored issue reappears in a scan, it will stay ignored and remain in this tab - no need to re-ignore it again.
Test authentication now shows progress results in real-time
Previously, you had to wait for the authentication test process to complete to see results. Steps now show progress in real-time.
Crawler will correctly find and parse OAS entrypoints
The crawler automatically detects and parses the OpenAPI Specification it encounters. Automatically expands the scan's scope by adding all endpoints defined within the schema, ensuring even "hidden" APIs are tested.
Additional Headers in Authentication Objects
Additional Headers are used to handle complex login scenarios. This feature enables you to inject custom HTTP headers or internal feature flags into every request throughout the entire authentication process. This could be essential for successfully bypassing conditional access controls like WAFs, captchas, or other security measures that could otherwise block the login flow.
Skipped Entrypoints moved to a dedicated tab
To increase the efficiency when reviewing Entrypoints in the discovery details page, we have moved the skipped Entrypoints to a separate tab. You can now see the list of skipped Entrypoints and the skipped reason without having to drill down into the Entrypoint details page.
Updates:
- The Skipped Entrypoints tab is now shown by default. Use the gear settings button on the right to disable it.
- Skipped entrypoints will be deleted after 61 days from Discovery/Scan job is finished.
API Update
Deprecated API Endpoints Have Been Removed
As of August 12th, 2025, the following API changes announced on July 15th are now in effect. The previously deprecated endpoints have been removed and are no longer operational. Please ensure all your applications and integrations are updated to use the current API endpoints to maintain functionality.
- Audit log:
- Update:
/api/v2/me/org/logs - Being deprecated:
- Update:
- Scan PDF:
- Project PDF: