Highlights
SOAP 1.1 API Support
Aptori now supports SOAP 1.1 APIs, enabling comprehensive security analysis of legacy and standards-based XML services. This enhancement extends Aptori’s application and API security coverage to environments that continue to rely on SOAP for mission-critical integrations, including telecom, financial services, and enterprise platforms.
Release Notes
26.1.4
New Features
- SOAP 1.1 API Support
Aptori now supports SOAP 1.1 APIs, enabling analysis of legacy and standards-based XML services. - New Analyzers
- BUAWeakSessionID to detect weak session IDs.
- XXEInjection to detect XML External Entity injection vulnerabilities.
Enhancements
- Analyzer Improvements
Enhanced the following analyzers for improved detection accuracy:- NoSQL Injection
- InvalidInputType
Bug Fixes
- Invite Display Fix
Resolved a UI issue where invites were not displayed correctly in the Settings section.
Sift 26.1.4 (January 8, 2026)
New Features
- SOAP 1.1 API Target Support
Sift can now target and scan SOAP 1.1 APIs, expanding coverage for legacy services. - XXEInjection Analyzer
Introduced the XXEInjection analyzer to detect XML External Entity injection vulnerabilities in SOAP operations. - BUAWeakSessionID Analyzer
Added a new BUAWeakSessionID analyzer that checks for session ID weaknesses, including predictability and low entropy.
Enhancements
- NoSQL Injection Analyzer
- Added timing-based blind injection techniques to detect more advanced attack scenarios.\
- Reduced false positives through improved response analysis.
.svg){kind=small}
.svg){kind=small}
