Releases/

Product Updates

Stay up to date with the latest improvements, new features, and security enhancements in the Aptori platform. We’re continuously evolving to help you detect, prioritize, and remediate vulnerabilities with speed and precision.

Expanded Vulnerability Mapping Across Security Standards and Attack Taxonomies

Aptori now delivers comprehensive vulnerability mapping across a broad range of industry standards, compliance frameworks, and attack taxonomies—helping security and compliance teams prioritize remediation, accelerate audits, and understand threat context more effectively. With this enhancement, every reported issue is automatically mapped to the most relevant frameworks, offering deeper insight into both technical risk and regulatory impact.

Policy Editor with Rego Support for Custom Security Policies

The new Policy Editor enables users to create, manage, and apply custom security policies using the Rego policy language. These policies extend the power of the Aptori Sift engine by allowing organizations to define rules tailored to their specific security, compliance, or coding standards.

Jira Multi-Server Support with Project Mapping

Aptori now supports integration with multiple Jira servers, enabling organizations to manage cross-team and multi-instance workflows more effectively.

EPSS Version 4 Integration for Dynamic Risk Prioritization

Aptori now integrates  EPSS Version 4 (Exploit Prediction Scoring System) to deliver smarter, data-driven vulnerability prioritization. Each issue is dynamically updated with the latest EPSS scores,

New Issue Status: "Fix Not Available"

Aptori now supports a new issue status called "Fix Not Available". This status is designed for scenarios where a vulnerability or issue has been confirmed, but no viable fix currently exists—such as third-party dependency limitations or architectural constraints.

Sift Version 2 Configuration via UI Wizard

The Aptori UI now supports configuration file downloads using the Sift Version 2 schema

Configurable Data Retention for Scan Results

The new Configurable Data Retention feature gives administrators control over how long Aptori scan results are retained.

Generator Sets for Dynamic Test Data

The new Generator Sets feature allows users to define global, reusable variables that automatically populate matching fields across all tests.

Automated GitLab DAST Export from Aptori Sift CI Scans

Aptori now supports automated export of scan results in the GitLab DAST (Dynamic Application Security Testing)report format,

Improved Search Across Groups, Projects, and Assets

The Search Bar now supports search across all Assets, making it easier to find and manage specific assets in large environments.

Enhanced Python SDK with User, Group, and Report Management Functions

The Python SDK has been expanded to include new functions for managing Users, Groups, and Report generation

New findBy API for Flexible Resource Lookup

new findBy API endpoint has been introduced to simplify searching for Assets, Projects, or Groups

Enhanced Projects Page with Insights and Risk Charts

The Projects page has been redesigned with a streamlined table layout that improves clarity and navigation.

User-Defined Labels for Assets, Projects, and Groups

Users can now create and assign custom labels to Assets, Projects, and Groups.

OSV-Scanner integration is now available in Aptori

Leverage the OSV-Scanner to detect vulnerabilities in your project's dependencies.

Infrastructure as Code (IaC) Scanning

The Infrastructure as Code (IaC) scanner analyzes code that defines and manages IT infrastructure to detect security vulnerabilities, misconfigurations, and compliance issues before the infrastructure is provisioned.

Secure your cloud using AWS vulnerability scanning

AWS vulnerability scanning helps you easily detect and mitigate vulnerabilities within your cloud infrastructure.

Achieve visibility of your AWS infrastructure with automated scans designed to minimize your attack surface and prioritize issues for efficient resolution.

Inspections

A new Inspections feature in Aptori-Sift empowers you to craft test cases tailored to your application's unique business logic, simplifying the process of validating custom policies that address specific aspects of your application.

Real-Time Vulnerability Risk Scoring using EPSS and CVSSv3

The Exploit Prediction Scoring System (EPSS) is an approach to predict the likelihood of a given vulnerability being exploited in the wild. Produced by the Forum of Incident Response and Security Teams (FIRST), EPSS employs a data-driven, probabilistic model that estimates the risk of exploitation within 30 days. This system uses a combination of vulnerability characteristics and real-world data to provide a dynamic score, offering a more nuanced and responsive measure than static vulnerability assessments. 

Aptori Enhanced with Essential Security Scanning Capabilities

Aptori now includes integrations with industry-leading application security scanners for Software Composition Analysis (SCA), Dependency Checks, Secrets Detection, Container Scanning, and Static Application Security Testing,

Eliminating BOLA: Automated Authorization Policy Testing Through Code-Free Descriptions

Aptori's Sift, an API security testing tool, can autonomously generate and execute test cases to confirm the effectiveness of an authorization policy. Sift ensures comprehensive testing of all possible scenarios involving creators, actors, actions, and entities, handling anything from 10 to thousands of test cases, all completed swiftly within seconds.