Release/

June 2025

Features
Highlights

Automations

Aptori Automations supercharge your security operations by embedding intelligence, context, and actionability directly into your SDLC. As new vulnerabilities are discovered, Aptori automatically triages, enriches, and routes findings—eliminating noise, accelerating remediation, and aligning results with your risk and compliance goals.

With Aptori Automations, your team can focus on what matters most, without being overwhelmed by duplicate findings or manual workflows.

Endpoint Exposure Analyzer

The Endpoint Exposure Analyzer helps secure your applications by proactively identifying exposed management, diagnostic, and debug endpoints that may have been unintentionally left accessible.

Release Notes

2025.6.1

New Features

  • Automations
    Automations     embed intelligence into your SDLC by automatically triaging, enriching, and routing vulnerabilities. This eliminates noise, accelerates remediation, and helps teams align with their risk and compliance goals.
  • EndpointExposure Analyzer
    The EndpointExposure analyzer scans for exposed management, diagnostic, and debug endpoints across popular frameworks, helping developers lock down or remove unintended sensitive paths before deployment.
  • Project Migration API
    A new Project Migration API allows owners to move a project—along with all its assets and history—to a new group.

Enhancements

  • Latest API Spec for Scans
    Scans now use the most recently updated API specification by default, ensuring the latest version is always evaluated.
  • Generator Uploads from Postman
    You can now upload generators via Postman Collections, with support for extracting generators from multiple collection levels.

Bug Fixes

  • Scan Result Comparison Fix
    Fixed an issue where comparing two scan results did not display correctly in the table view.

Sift

  • Added
    • --time-limit CLI Flag
      The new --time-limit flag for sift run overrides the configured run time limit.
    • allFields Analyzer Configuration
      Added allFields configuration to injection analyzers (CmdInjection, NoSqlInjection, SqlInjection, SstInjection) to attempt attacks across every field of a request.
    • EndpointExposure Analyzer
      Introduced the EndpointExposure analyzer, scanning for sensitive, exposed endpoints across frameworks to catch security risks early.
  • Changed
    • Request Log Source Tracking
      Each entry in the requests log now includes a source property indicating whether it was generated by the baseline engine ("sift") or a specific analyzer (by name).
Aptori
Aptori is the AI for the good guys—enabling security teams to reduce risk, accelerate secure releases, and ensure continuous compliance.

Aptori is the leader in autonomous application security, delivering the first deterministic AI to detect and remediate business logic vulnerabilities with precision.

The Aptori AI Security Engineer proactively identifies, prioritizes, and fixes vulnerabilities across code, APIs, applications, and cloud environments. By eliminating security backlogs and freeing engineering capacity, Aptori empowers teams to innovate faster and ship secure software at scale.
PLATFORM
Why AptoriProduct Updates
          
RESOURCES
InsightsGuidesGlossaryWhite PapersDocumentation
SOLUTIONS
AI-Driven AppSecAI Security EngineerAI Code FixApplication Security TestingAPI Security TestingAPI Risk AssessmentPrevent BOLA AttacksPCI DSS 4.0 Compliance
NEWSLETTER
Get monthly news and insights in your inbox