Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Release Notes

Invicti Application Security Platform

RSS Feed

14 Aug 2025

Copy Link
Discover new features in Invicti Application Security Platform including scan comparisons, new reports in Application dashboards, vulnerability assignments.

New features

  • Added the ability to restrict HTTP methods for a DAST scans on a Target
  • Added “Export to file” bulk action in Projects
  • Added “Sync vulnerabilities” bulk action in Projects
  • Added “Last updated” per SAST source in Projects
  • Added “Export to file” action in Projects
  • Added “Sync vulnerabilities” action in Projects
  • Added handling of custom namespaces in specifications for WSDL imports
  • Added NTA Standalone mode
  • Added details about an API operation to API catalog
  • Added “Scan comparison” feature to Past scans tab
  • Added a scan message when AI-aided login is used
  • Implemented automation to push vulnerabilities into issue trackers every time they are found, creating new or updating existing work items if needed
  • Added vulnerability assignment to a specific user
  • Implemented standard and compliance reports for Application consolidating all SAST asset vulnerabilities for a comprehensive application security overview
  • Added “Most vulnerable technologies” list to the Application dashboard
  • Added filtering by application, asset, and environment to the Vulnerabilities page
  • Added information on the status and version of the installed NTA to the API sources section in Discovery Configuration

30 Jul 2025

Copy Link
Discover new features in Invicti Application Security Platform including enhanced DAST scanner with AI support and LLM vulnerability detection.

New features

  • Enhanced DAST scanner with improved performance and vulnerability detection capabilities
  • Fully redesigned user interface and experience
  • New Applications feature allows to group related targets under logical application structures
  • AI-powered web form auto-completion for DAST scans (Read more)
  • AI-powered authentication handling for DAST scans
  • Dynamic targets for integration into CI/CD pipelines (Read more)
  • Detection of IDOR (Insecure Direct Object Reference) and BOLA (Broken Object Level Authorization) vulnerabilities in APIs
  • Improved API analysis through stateful scanning capabilities
  • Concurrent scan support for internal scanning agents
  • Docker-based internal scanning agents
  • Simplified Packages
  • LLM vulnerability detection including:
    • LLM Command Injection
    • LLM-enabled Server-side Request Forgery (SSRF)
    • LLM Insecure Output Handling
    • Tool Usage Exposure
    • Prompt Injection
    • System Prompt Leakage
    • LLM Fingerprinting (Read more)