Changelog
Follow new updates and improvements to Astra Security.
May 13th, 2025
New
Improved
Fixed
This update introduces a powerful new reporting feature, key usability enhancements, and important bug fixes to streamline your scanning and vulnerability management workflows.
New Feature:
JSON Vulnerability Reports – You can now export vulnerabilities as JSON reports for one or more scans, making it easier to integrate data with internal tools or security platforms. P
Navigate to Reports > Select Vulnerability Summary Report Type (previously CSV report type) > Select JSON Report > Select your scans, and hit Export.
This new report format provides a machine-readable structure, enabling automation and data import into your existing security systems.
Read more about different reports type you can generate from OrbitX platform here.
Improvements:
Streamlined Vulnerabilities Page – The Vulnerabilities page has been revamped for a smoother experience, faster load times, and improved filtering and pagination. You can now customize your view using the Manage Views option to display only the columns you need
Enhanced Scan Visibility – The Scan in Progress widget now includes ETA and column headers, providing a clearer view of ongoing scans and their expected completion time.
Quick JIRA Access – Manage vulnerability tickets effortlessly with a new JIRA button that lets you open or create JIRA tickets directly from the vulnerability table (visible only for users with JIRA integration enabled).
Role Update Confirmation – After updating member roles, a confirmation toast now appears, ensuring you’re notified of the successful change.
Target Type Filtering in Reports – You can now sort and view reports based on asset type using the new Target Type filter, making it easier to locate specific scan data.
Bug Fixes:
Streamlined Cloud Target Setup – The programmatic access step has been removed for Digital Ocean and other cloud targets where it is not applicable, reducing unnecessary steps.
Accurate Vulnerability States After Rescan – Fixed an issue where vulnerabilities appeared in Under Review state after a rescan completion. Now, vulnerability states change to Solved or other states, accurately across scans.
Fixed Automated Rescan Trigger – Starting a manual rescan no longer incorrectly triggers automated rescans for other targets, preventing unintended scans.
Save Button Issue– The Save button now activates correctly after adding cloud target credentials, ensuring seamless workflow continuity.
Scan Filter Bug Fix – Resolved an issue where the scan filter wasn’t displaying scans for selected targets on the vulnerabilities page, restoring expected filter functionality.
Under Review Exclusion in Automated Rescans – Automated rescans now exclude vulnerabilities marked as Under Review, maintaining consistency with manual rescans.
May 6th, 2025
New
Improved
We’re excited to introduce Incremental Scanning for Web Applications—a powerful new way to run full security scans faster by focusing only on what’s changed.
Astra now automatically detects changes in your web application and scans only the newly discovered or modified endpoints. This means you get the depth of a full scan in the time it typically takes for a lightning scan—no more choosing between speed and thoroughness.
Here’s how it works:
Automated Crawling – Our crawler explores your application and builds an updated inventory of all new or changed endpoints (without running any tests). You can schedule crawls or run them manually from the Automations tab.
Delta-Based Full Scans – Instead of scanning your entire application, full scans now target only the updated parts using the latest inventory. Just choose Automated Scan (Full) and set Inventory Coverage to Delta.
Why it matters:
✅ Faster turnaround with comprehensive coverage
🔍 No blind spots—nothing important is skipped
🔁 Seamlessly fits into your existing automation workflows
Want to know how to run an Incremental (Delta) Scan? Read our step-by-step instruction here.
Want to know what kinds of changes we detect? Read our detailed guide to understand how Astra identifies new or modified endpoints.
Upgrade your scanning strategy today and make your security workflows smarter and faster.
April 29th, 2025
New
Fixed
This update introduces a powerful new integration, key visibility improvements, and usability fixes to strengthen your workflow and scanning experience.
New Feature:
Enhanced API Visibility with Istio Integration – We’re excited to launch our new Istio integration, designed to improve security insights for APIs running inside service mesh environments.
Deeper Traffic Monitoring – Leverage OpenTelemetry-based telemetry collection within Istio to gain full visibility into API traffic and behavior across services.
Improved Context for Vulnerabilities – Correlate findings with real-time service mesh traffic to better detect, investigate, and respond to security risks.
Improvements:
External IDs Now Visible – External IDs are now displayed across multiple areas like Automations, Vulnerabilities, etc for easier traceability.
Added Scan Time Info – The Pentest and Scan Details views now include the scan initiation and updating time, improving clarity and auditability.
Improved Naming in Findings – Naming within the Findings sheet has been enhanced to reduce ambiguity and improve readability.
Risk Score Info – Added link to a help article explaining how we calculate risk score has been added to the Vulnerability Details sheet.
Richer JIRA Issue Creation – JIRA issue creation now include more detailed descriptions covering impact, affected components, reproduction steps, and fix suggestions.
Bug Fixes:
Improved Finding Names – Truncated finding names now include an ellipsis (…) to indicate additional content and improve list readability.
Date Selector Fix – Resolved an issue where the date selector defaulted to the current date instead of the selected range.
Target Filter in Integrations – Fixed a bug that caused the Target filter to not work correctly in the Integrations view.
April 22nd, 2025
New
Fixed
This update brings a powerful new scan type along with important bug fixes to keep your scanning workflows smooth and reliable.
New Feature:
We’ve introduced a brand new scan type: Automated Crawling for web targets! This lets our crawler explore your web asset and build an inventory—without running a full security scan.
You can now schedule or trigger on-demand crawls to keep your asset inventory fresh, accurate, and optimized for faster scanning.
Why this matters:
🚀 Faster vulnerability scans
🔁 Improved incremental scanning
Bug Fixes:
Post-Rescan Vulnerability Display Fix – Resolved an issue where vulnerabilities weren’t showing up after a rescan request.
Long Comments UI – Fixed a bug where long comments caused horizontal scroll issues, making them difficult to read.
False Positive Action Bug – Marking an issue as a false positive no longer causes the Scan Details page to break.
April 15th, 2025
New
Improved
Fixed
This update brings a redesigned page experience, platform improvements, and essential bug fixes to enhance your security workflow.
Improvements:
Revamped Compliance Page – The Compliance page has been fully redesigned for better clarity and usability. The previous version left many of you with questions. Navigation and clarity were key concerns—and we’ve listened.
You’ll now find a cleaner layout, improved visual hierarchy, and clearer progress indicators. We've also made it easier to understand what Astra covers and what requires your input, reducing confusion and helping you take action faster.
We're excited for you to try it and experience how much smoother compliance tracking can be.
Copy URI in Findings – You can now quickly copy the URI from the Findings details sheet, making it easier to reference and share issues.
Bug Fixes:
GCP Setup Error – Resolved an issue where users encountered an internal error while setting up GCP cloud targets.
Contact Support Button Fixed – The "Contact Support" button in the Password Reset Wizard now works correctly.
Workspace Ownership Bug – Fixed a bug where workspace ownership transfer was not functioning as expected.
April 8th, 2025
New
Improved
Fixed
This update brings a new feature, platform improvements, and essential bug fixes to enhance your security workflow.
New Feature
Credentials Verification in Manual Pentest Flow: We've updated our process to verify credentials with every pentest request. This ensures authentication is always validated ahead of time, helping avoid delays or disruptions during pentests.
Improvements
Expanded Cloud Scan Support – Now supporting all scan types for GCP and Azure cloud targets, giving you greater flexibility across environments.
Bug Fixes
Accurate Role Display – Hovering over a pentester’s profile now shows the correct role.
Subscription Page Layout Fix – Removed unnecessary horizontal scrolling on the Subscriptions page for smaller screens.
Help Button Redirect Fixed – The "Get Help" button now correctly redirects to the updated help article.
Correct Cron Scheduling – The next run date now aligns accurately with the configured cron string.
Vulnerability Sheet Navigation Fix – Arrow key navigation in the Vulnerability Details sheet now works as expected.
Stay tuned for more updates!
April 2nd, 2025
New
Fixed
This update introduces a powerful new integration, key bug fixes , and usability fixes to strengthen your workflow and scanning experience.
Enhanced API Security with Azure Functions Integration: We’re excited to introduce our Azure Functions integration, providing better security monitoring for your API endpoints.
Seamless API Request Tracking – OpenTelemetry SDK-based traffic monitoring for Azure Functions, ensuring better visibility into API activity.
Stronger Security Controls – Detect and mitigate potential risks in real-time with enhanced logging and insights.
Start securing your Azure Functions APIs today!
Bug Fixes:
Prevent Unintended Scans – The "Start" button is now disabled when no content is loaded, preventing accidental scan attempts.
Reliable Target Selection – Targets now remain selected in the Scan Start flow after clicking the Scan button.
Stable Table Navigation – The Targets table no longer resets to the first page after loading.
Jira Issue Creation Fix – The page no longer breaks while creating a Jira issue.
JWT Bearer Credential Verification – Users can now successfully verify JWT Bearer credentials in API Target settings.
Seamless Login Experience – Login issues across all methods, including SSO, have been resolved for a smoother sign-in process
March 25th, 2025
Improved
Fixed
This update brings new improvements and essential bug fixes to enhance your platform experience.
Improvements
Exclude Rules for Cloud and API – You can now exclude specific URLs in API and Cloud, targets from the Target Settings, just like in Web Target Setup, for better scan customization.
Created date on Scan Details – The Scan Details page now displays the Created Date instead of the Updated Date, providing better clarity.
Bug Fixes
Fixed Workspace Selection – The Integrations page now correctly refreshes to display the right data when switching workspaces.
Vulnerability Sheet Closing Fix – The Vulnerability Details sheet now closes properly without jitters.
Accurate Workspace Display – The correct workspace name is now shown when navigating to Subscription Settings from Target Settings.
March 18th, 2025
New
Improved
Fixed
This update introduces new features, improvements, and essential bug fixes to enhance your platform experience.
New Feature
Bulk Actions for Vulnerability Statuses – You can now update multiple vulnerability statuses at once using a bulk toolbar in the Vulnerabilities list, making issue management faster and more efficient.
Improvements
Rescan Countdown Timer – A countdown now displays the number of days remaining to initiate a rescan, helping you track deadlines more effectively.
Bug Fixes
Workspace Access Fix – Opening a settings page from another workspace (without access) no longer locks the entire dashboard.
Search Bar Restoration – The search bar for Certificate ID lookup is now correctly visible on the Results page.
Accurate Vulnerability Pagination – Clicking "Load More" on the Unsolved Vulnerabilities page no longer displays an extra empty page.
API Target Setup Stability – Fixed an issue where clicking "Integrate Connector" incorrectly triggered an error on the Integration page.
Stay tuned for more updates!
March 11th, 2025
Improved
Fixed
This update introduces new improvements, and essential bug fixes to enhance your platform experience.
Improvements
Filter Vulnerabilities by timeframe– You can now filter vulnerabilities based on a specific timeframe, making it easier to analyze findings within a chosen date range
Better Members Search – You can now search by last name and email on the Workspace Members page, making it easier to find team members.
Bug Fixes
Pentest Progress Bar Fix – The progress bar now correctly appears on the Pentest Details page for non-Web/API targets.
Fixed Rescan Errors – Improved error messaging in the manual rescan sheet, ensuring the Rescan button is only disabled when necessary.
Sign-Up Page Stability – Resolved an issue causing the sign-up page to break during account creation.
Reliable OTP Login – Fixed issues with TOTP app-based login and improved email OTP delivery, ensuring a smoother and more reliable authentication experience.
Pagination Fix for Vulnerabilities – Navigating through pages on the Vulnerabilities table now works correctly, preventing redirection back to the first page.
Rescan Validity Accuracy – The last day of the rescan period is now correctly included, ensuring accurate scheduling.
Consistent Vulnerability Navigation – Fixed an issue where clicking on a vulnerability would sometimes navigate to a different one.
Stay tuned for more updates!