- Knowledge base
- Product news
-
Security updates
-
Product news
-
Next-Gen Vulnerability Management
-
Getting started
-
General
-
Operating status
-
System & Network Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Attack Surface Management
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset management
-
Vulnerability Manager
-
Reports
-
Digest reports
-
Organizer
-
Continuous monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS ASV scans
-
Partner Portal
-
Terms & conditions
-
Dashboard
2025-10-9: Easily manage Device Agent vulnerabilities and more
Managing vulnerabilities on Device Agent assets
Ignoring vulnerabilities is now generally available for Device Agent assets, giving you greater control over how findings are managed. You can now also manage ignored vulnerabilities directly from an ignored vulnerability, making it easy to review and manage as needed.
This provides a more consistent and flexible workflow for handling accepted risks or noise across all asset types.
Read about how to ignore and manage a Device Agent vulnerability here.
Web & API scanning enhancements
We've made several important improvements to our web & API scanning to enhance detection accuracy, visibility, and coverage. Out-of-Band (OOB) detection is now supported for deserialization vulnerabilities, JWT misconfigurations, and Spring4Shell. These additions complete OOB support in our new OOB Web Scans profile, bringing it fully up to date.
We have also improved the visibility of URLs in the Information HIDs, making it easier to identify which URLs were impacted for easier troubleshooting, and added new coverage for TrustedTypesCSPEnforcement, which checks whether HTTPS responses include Trusted Types CSP enforcement. This helps identify missing protections in browser-side security.
Additional enhancements
- You can now properly clone Teams for easier setup and management.
- Applications and ports are once again viewable via the icon, not just the row.
- Authenticated network scans against Windows targets will now show a warning if the registry is inaccessible.