Skip to main content

v2.2.0 — 20 Feb 2026

Added

  • Secret scanning integration using Gitleaks for detecting exposed credentials.

  • CSPM reporting for cloud security posture analysis.

  • Asset inventory improvements showing:

    • Environment classification
    • Exposed resources
    • Vulnerability findings per asset.

  • Custom report branding with organization details (useful for MSPs).

  • Web application security reports integrated into reporting system.

  • Advanced ZAP authentication support:

    • Browser-based login
    • JSON authentication
    • Form-based authentication.

  • Custom login header injection for authenticated scans.

  • ZAP performance optimization through memory tuning.

Changed

  • Optimized CWE lookup by moving external HTTP requests to a local cwe.json dataset.
  • Improved scan engine stability and processing efficiency.

Fixed

  • Fixed scope-related issues in scans.
  • Fixed incorrect CWE counts and vulnerability totals in executive reports.