Release/

January 2025

Features
Highlights

Automated GitLab DAST Export from Aptori Sift CI Scans

Description:
Aptori now supports automated export of scan results in the GitLab DAST (Dynamic Application Security Testing) report format, enabling direct integration with the GitLab Security Center. As part of your CI pipeline, Aptori Sift runs security tests automatically, and upon completion, it exports the results in the standardized GitLab DAST format. These results are then ingested by GitLab and made available in the GitLab Security Dashboard, giving development and security teams real-time visibility into vulnerabilities without any manual effort.

This integration streamlines DevSecOps workflows by bridging CI-based testing with centralized GitLab reporting, ensuring that security insights are delivered exactly where teams manage their pipelines.

Where to Find It:
Aptori Sift automatically handles the export as part of its CI run. The output follows the GitLab DAST report schema, enabling compatibility with GitLab's security center.

Who Can Use It:
Available to teams using Aptori Sift in their CI/CD pipelines and with GitLab Security Center enabled.

Enhanced Python SDK with User, Group, and Report Management Functions

Description:
The Python SDK has been expanded to include new functions for managing Users, Groups, and Report generation. These enhancements enable developers and automation workflows to interact more comprehensively with the Aptori platform through code. With these additions, teams can now automate user provisioning, manage group configurations, and generate reports programmatically—streamlining operations, improving consistency, and reducing manual overhead.

Where to Find It:
Available in the latest version of the Aptori Python SDK. Documentation and usage examples can be found in the SDK’s official GitHub repository or package documentation.

Who Can Use It:
Developers and administrators with access to the Aptori Python SDK and appropriate API permissions.

Improved Search Across Groups, Projects, and Assets

Description:
Navigation and management have been streamlined with enhanced search capabilities across key areas of the platform. Users can now quickly locate Groups and Projects using the improved search functionality within the navigation drop-down menus. To further enhance usability, the Search Bar now supports search across all Assets, making it easier to find and manage specific assets in large environments.

Where to Find It:

  • Use the navigation bar to search within Group and Project drop-downs
  • Go to the Search Bar section to search across all assets
  • Navigate to Settings → Groups to search by Group name

Who Can Use It:
All users with access to Groups, Projects, and Assets.

Release Notes

2025.1.8

Enhancements

  • Group Deletion Confirmation
    The UI now requires users to confirm group deletion by entering the exact group name, adding an extra layer of safety.

Bug Fixes

  • Authorization Validation Output Fix
    Sift now correctly displays the expected and actual status codes when there's a mismatch during authorization validation.
  • Group Deletion Cleanup Fix
    Fixed an issue where deleting a group did not properly trigger garbage collection, ensuring that all associated projects and assets are now correctly removed.
  • Group Search on User Invite
    Added the ability to search for a group name when inviting a user to Aptori, improving ease of use during onboarding.

2025.1.5

New Features

  • Preselect Group on User Invite
    Added the ability to preselect a group when inviting a new user, simplifying onboarding and access management.

Internal Features

  • Assets Report Fix
    Resolved an issue where the Assets Report was omitting certain entries, ensuring accurate and complete reporting.

SDK Enhancements

  • Python SDK: User Management Functions
    Introduced new functions to support user management via the Python SDK, streamlining integration with Aptori’s user access controls.

Documentation

  • User Management OpenAPI Definition
    Updated the OpenAPI specification for user management operations, including detailed usage examples for easier implementation.
  • Sift Configuration Guide
    Added a description of the authorization validation check to the Sift configuration guide, providing clearer setup instructions.

2025.1.4

New Features

  • Optional Authorization Validation in Sift
    Sift now supports authorization validation to check credentials during run initialization, enhancing security during scans.

Enhancements

  • Simplified Admin UI
    Removed unnecessary settings from the User Profile section in the Admin UI for a cleaner experience.
  • Improved Asset Management UI
    Enhanced the user interface for editing and deleting assets, improving usability and control.
  • Severity Field in GitLab DAST Export
    The gl-dast result export in Sift now includes the Severity field for better integration with GitLab reporting tools.
  • Expanded Report Columns
    Reports now display additional data, including the latest run duration and the number of checks performed in the latest run.

Bug Fixes

  • Group Selector Search Fix
    Fixed the Group selector in the navigation breadcrumb by adding a search capability for quicker selection.

2025.1.3

New Features

  • GitLab DAST Report Output
    Added support for a new Sift result format: "gl-dast", enabling output in the GitLab DAST report format for seamless integration with GitLab security workflows.

2025.1.2

New Features

  • Search for Assets
    A new Search for Assets functionality has been introduced, improving usability by making it easier to locate and manage assets.

Bug Fixes

  • Member Search Fix
    Resolved issues with the Search for Member functionality when adding a new member to a group, ensuring accurate and reliable results.

2025.1.1

New Features

  • System Usage Metrics
    Usage metrics are now displayed in Settings → Organization, providing visibility into system activity and usage levels.
  • Search by Group Name
    Users can now search Groups by name in Settings → Groups, improving ease of navigation.
  • Add User to Group via API
    A new API allows you to add a user to a group using their email address as an identifier.
  • Comprehensive Assets Report
    The Assets Report now includes all assets in the Aptori system, along with summary details of the last scan for each asset.

Enhancements

  • Case-Insensitive Search in Project Dropdown
    The Project dropdown in the Add Asset workflow now supports case-insensitive search.
  • Succinct Quickstart Text
    The text in the Quickstart menu has been revised for clarity and brevity.
  • Persistent Navigation Filter
    The navigation filter now remembers Group and Project selections across sessions, preserving user context on the next login.
  • Improved OpenAPI Handling
    • OpenAPI version 2.0 specifications are now handled more robustly.
    • Processing error messages for OpenAPI specs are now surfaced to users when uploading a new asset.

SDK Enhancements

  • Python SDK: Group Management
    New functions have been added for managing groups via the Python SDK.
  • Python SDK: Report Generation
    Report generation capabilities are now supported in the Python SDK.

Internal Features

  • Navigation Filter Fix on Run Result Page
    Fixed an issue where the navigation filter didn’t correctly select the Project name when landing directly on a Run Result page.

Documentation

  • User and Report APIs
    Updated documentation includes detailed guides for the User Management APIs and Report Generation APIs.

Aptori
Aptori is the AI for the good guys—enabling security teams to reduce risk, accelerate secure releases, and ensure continuous compliance.

Aptori is the leader in autonomous application security, delivering the first deterministic AI to detect and remediate business logic vulnerabilities with precision.

The Aptori AI Security Engineer proactively identifies, prioritizes, and fixes vulnerabilities across code, APIs, applications, and cloud environments. By eliminating security backlogs and freeing engineering capacity, Aptori empowers teams to innovate faster and ship secure software at scale.
PLATFORM
Why AptoriProduct Updates
          
RESOURCES
InsightsGuidesGlossaryWhite PapersDocumentation
SOLUTIONS
AI-Driven AppSecAI Security EngineerAI Code FixApplication Security TestingAPI Security TestingAPI Risk AssessmentPrevent BOLA AttacksPCI DSS 4.0 Compliance
NEWSLETTER
Get monthly news and insights in your inbox