
Changelog

New product updates & features from the Aikido team.


Changelog #27 - Customize Autofix PRs, front-end library detection and outbound alerting for Zen + more

May 06, 2025

Features

  • Customize Autofix PRs - Configure the pull request title, prefix, label, commit message, and summary to adapt Aikido to your needs.

  • Front-End Library Detection - Aikido will now detect and alert on CVEs within your website, so you get full coverage of your dependencies without the need for repository scanning.

  • Zen Firewall Outbound Alerting - Get notified when new outbound connections are detected from your applications, to stop data leaks and other malicious traffic.

Aikido Intel - Malware & Vulnerability Database

Our research team has discovered over 36 in the last two weeks, including a critical XRP supply chain attack.

Improvements

  • General - Settings/Advanced: allows you to ignore the entire secret history

  • Autofix - Parent package updates for .NET

  • Scanning improvements - SQL injection for C/C++

  • Scanning improvements - Python rule for unsecured HTTP calls

  • Scanning improvements - Rust rule for insecure JWT

  • Domains & APIs - API Payload Customization: it's now possible to both visualize and edit the sample data at the Swagger level to increase the reach of Aikido API scanning.

  • Domains & APIs - API fuzzer: we now show request headers as well in the request logs

  • Domains & APIs - Frontend domains: you can now also set the frequency

  • Zen Firewall - Sink stats

  • Zen Firewall - Python 1.1.8

  • Zen Firewall - NodeJS release 1.6.21

  • Zen Firewall - Zen for .NET 1.2.7 & 1.2.8

  • IDE - Adoption stats visible for admins: follow the usage of the IDE within your company

  • IDE - Visual Studio 1.0.2

    • Reporting false positives / negatives

    • Setting to show ignored issues anyway

    • Further integration with git, now respecting .gitignore file

    • Better handling of file rename / delete

    • Log improvements

  • IDE - VSCode: support for SAST scanning on Intel Macs

  • Git - Made inline commenting on Azure DevOps configurable by severity (for Advantive)

  • Git - CI GitLab (Cloud/Onprem): severity setting for comments

  • Git - GitLab and GitHub now have improved pull request content to give developers the right context when reviewing.

  • Reports - CSV export of activity log

  • Reports - CSV export now has auto-ignored reasons exported as well

  • API - Add snooze until date, comments ignore/snooze, EPSS value

  • API - Added ability to clone a repo