Release/

November 2025

Features
Highlights

Open Source Vulnerability Tracking Service

Aptori has introduced a new Open Source Vulnerability Tracking Service, a background service designed to continuously track and contextualize vulnerabilities across open-source software ecosystems. The service operates as a dedicated component within the Aptori Platform, ensuring customers always have access to the most current vulnerability intelligence.

Release Notes

25.11.3

New Features

  • Open Source Vulnerability Tracking Service
    Introduced a new background service that tracks the latest vulnerabilities in open-source software.
    • Runs as a separate pod within the Aptori Platform.
    • Requires 10 GiB of ephemeral storage.
    • The aptori-platform Helm chart automatically provisions this requirement. Ensure your Kubernetes cluster supports pods with this storage capacity.
  • Tool Settings UI for Org Owners
    Organization Owners can now configure tool settings via a new Tool Settings tab in the Platform UI.
    • This includes support for tools like Opengrep and configuration of the SMART License.
  • Pipeline Settings Tab
    A new Pipeline Settings tab has been added to the UI, enabling configuration of gating policies for automation and CI/CD integration.
  • Automatic Dependency File Generation
    The platform now automatically generates a dependency requirements file with updated versions, supporting more secure and reproducible builds.

Enhancements

  • Password Complexity Update
    When Basic Authentication is enabled, password requirements have been updated to enforce stricter complexity.
  • Improved PDF Reports
    PDF reports now include:
    • Hyperlinks for easier navigation
    • Display of Risk levels instead of severity for better alignment with platform-wide risk metrics
  • Runs Report Enhancements
    • Added issue-by-risk counts to the Runs report
    • The exported CSV now includes new columns to reflect risk-based breakdowns
  • Run Counters by Risk Level
    Issue counters in run results now reflect counts by risk level, replacing the previous severity-based counts.

Sift 25.11.3

New Features

  • Pipeline Decision Exit Behavior
    Sift now exits with a non-zero exit code when the Pipeline Decision Policy in the Platform returns a failure.
    • Errors while reading the decision are logged but do not cause a non-zero exit.
    • Use the CLI flag --ignore-pipeline-decision to override this behavior.
  • Schema Defaults in OpenAPI Definitions
    Sift can now use default values defined in OpenAPI schemas during test generation.
    • This feature is opt-in using the CLI flag --use-schema-defaults.

25.11.1

Aptori 25.11.1

Bug Fixes

  • When uploading an API definition, we have improved limits in the Semantic Model construction to reduce timeouts and CPU usage for some API definitions with complex type schemas.

Sift 25.11.1

Bug Fixes

  • Add limits to Semantic Model construction to reduce CPU usage for some API definitions with complex type schemas.

Aptori
Aptori is the AI for the good guys—enabling security teams to reduce risk, accelerate secure releases, and ensure continuous compliance.

Aptori is the leader in autonomous application security, delivering the first deterministic AI to detect and remediate business logic vulnerabilities with precision.

The Aptori AI Security Engineer proactively identifies, prioritizes, and fixes vulnerabilities across code, APIs, applications, and cloud environments. By eliminating security backlogs and freeing engineering capacity, Aptori empowers teams to innovate faster and ship secure software at scale.
PLATFORM
Why AptoriProduct Updates
          
RESOURCES
InsightsGuidesGlossaryWhite PapersDocumentation
SOLUTIONS
AI-Driven AppSecAI Security EngineerAI Code FixApplication Security TestingAPI Security TestingAPI Risk AssessmentPrevent BOLA AttacksPCI DSS 4.0 Compliance
NEWSLETTER
Get monthly news and insights in your inbox