#20 - Scan packages for malware directly in the CI pipeline

Features

• Aikido Zen released for Java: Aikido’s In-app firewall ‘Zen’ now available for Java applications

• Support for .aikido ignore files: Ignore vulnerabilities by PATH and CVE number with the .aikido file

• SAST Swift support: Swift is now supported by Aikido’s static code scanning

• Generate reports for Auditors: Easily generate reports for compliance auditors from the Aikido reporting page

• CI Scanning includes malware detection: Now scan for malware directly in the Aikido CI (via request only)

• Bitbucket CI: Bitbucket PR checks configurable directly via Aikido UI

Improvements

• DAST: Authentication on the REST API is now possible via oAuthV2 client credentials flow.

• UI/UX:

  • Option to IP lock the Aikido Dashboard (via request only)

  • Bulk activate/deactivate repositories in the repo settings

  • Incident filters on the Aikido dashboard are now stored in URL allowing them to be easily shared

• API:

  • Manage domains with support for ‘create’, ‘remove’, and ‘list’ domains

  • Manage team members with the ability to ‘add’ and ‘remove’ users from the team via the API

• Reporting: Spanish ENS compliance reporting has been added to the Aikido reports page

Vulnerability Database

Our research team has discovered 25 new vulnerabilities over the last two weeks!