New Features and Updates
A new user type, Notification User, is now available for configuring email notifications for distribution lists and non-application users.
New Features and Updates
Introducing enhanced security visibility: View security violations directly within your libraries. New columns display violation counts, sortable and filterable, in both the main table and side panels, providing a comprehensive risk assessment for efficient prioritization and action.
Introducing new statuses in the Mend AppSec Platform for better tracking and alignment with remediation processes, maintaining backward compatibility with the Legacy SCA application. Added statuses include "In Review" and "Issue Created" for direct libraries. Existing status behaviors remain unchanged, ensuring seamless integration and workflow continuity across platforms.
The Dependencies Findings report, previously available at the application/project level, can now be generated at the organization level.
New Features and Updates
For Code Remediation Suggestions, the exact line numbers are now displayed in addition to the code diff view.
React event-handlers defined in separate files are picked up as entry points when analyzing JavaScript code.
Improved accuracy of the detection of CWE-79: Cross-site Scripting (XSS) for C#.
Resolved Issues
The link from a source code snippet within the Mend AppSec Platform was not working properly when Bitbucket Data Center was used as a repository, which made it impossible to open the corresponding file location within the repository. This has now been corrected.
New Features and Updates
Updated the UI for defining Kubernetes integrations so that it closely mimics the Registry integrations flow.
Added a Configuration step where users can define a schedule for automatically triggering a scan on the Kubernetes integration.
Additionally, the last scan time for Kubernetes integrations is now shown in the My Integrations table.
New Features and Updates
Detection of Azure AI Foundry models is now supported.
Introducing support for AI-specific license indices, including Mistral Research, Mistral Non-Production, and Llama4 licenses. Relevant information will be displayed in the AI Models table.
Added a new Behavioral Risk integration - OpenAI Compatible API.
Resolved Issues
(SCA) Hotfix: Fixed an issue where the CLI would incorrectly report an invalid organization token, leading to scan failure.
No notable updates.
New Features and Updates
(Open Beta) The Developer Platform now supports custom configuration, partitioning, and scanning for monorepos. Applicable for both SCA and SAST.
(SCA) Poetry 2.x project scans are now supported.
This enhancement allows users to analyze dependencies defined and locked with Poetry 2.x using the same workflow, at no additional configuration overhead.
Resolved Issues
Fixed a bug where non-admin users could click on the +Add button in the custom work items section of the Developer Platform settings. The button is now disabled for non-admins.
Resolved Issues
Fixed an issue where remediation pull requests were not created on feature branches in certain scenarios.
Resolved Issues
Fixed an issue where remediation pull requests were not created on feature branches in certain scenarios.
Resolved Issues
Updated the org.eclipse.jgit dependency in the scanner and controller to version 6.10.1.202505221210-r to fix CVE-2025-4949.
Resolved Issues
Updated the org.eclipse.jgit dependency in the scanner and controller to version 6.10.1.202505221210-r to fix CVE-2025-4949.