2026-07-02: More detail, richer API data, and clearer remediation tracking
Reproduce and fix web vulnerabilities faster with complete details
We've made it significantly easier to understand, reproduce, and remediate web vulnerabilities. Each finding now includes the complete technical detail - headers and payloads included - giving your security and development teams everything they need to reproduce the issue and implement the right fix.
- Full headers and payloads included
Every web vulnerability now surfaces the request headers and payloads used during detection, removing the guesswork from reproduction and cutting down the back-and-forth between security and development teams. - Faster path to remediation
With all technical details available directly on the vulnerability, developers can reproduce the exact conditions that triggered the finding - making it easier to validate the issue, build the fix, and confirm it's resolved. - Fewer tools, less context-switching
Instead of piecing together details from scan logs or external tools, everything you need to act on a web vulnerability is now in one place inside Security Center.
Read how to reproduce vulnerabilities here.
EPSS, asset risk scores, and device vulnerabilities - now in the API
We've expanded the API to surface key risk and vulnerability data that was previously available only in Security Center. Exploit Prediction Scoring System (EPSS) scores and asset risk scores are now available as enrichment on both asset and vulnerability endpoints, and vulnerabilities detected by device agents can now be listed through the API as well. Whether you're building integrations, feeding data into a SIEM or ticketing system, or automating risk-based prioritization workflows, these additions give you direct programmatic access to the data points that matter most.
- EPSS scores in the API
Every vulnerability returned by the API now includes its EPSS score, giving your integrations access to exploit likelihood data - so you can build automations that prioritize based on real-world threat activity, not just severity ratings. - Asset risk scores in the API
Asset-level risk scores are now available as an enrichment on asset endpoints, making it straightforward to pull prioritized asset data into dashboards, reports, or orchestration workflows outside of Security Center. - Device agent vulnerabilities in the API
Vulnerabilities discovered through device agents are now included in API responses alongside network-scanned findings - giving you a complete view of your vulnerability landscape through a single integration point.
The ports selector on network vulnerabilities now displays the status of each port - such as Fixed, Reopened, or New - directly in the view. The list of ports also respects your active filters, so you can quickly narrow down to the ports that still need attention.
- Status visibility per port
Instantly see which ports have been resolved, which have reopened, and which are newly discovered - without clicking into each one individually. - Filter-aware selector
The ports selector now responds to your active filters, making it easy to focus on what matters - for example, showing only ports with open or reopened vulnerabilities to prioritize your remediation efforts.

Detection vs. Fixed widget returns - now with team and tag scoping
The Detection vs. Fixed widget is back, now enhanced with the ability to scope data by tags and teams. See the balance between newly detected and resolved vulnerabilities, filtered by team or tag, so you can go beyond account-wide averages and dig into the metrics that matter most - whether that's a particular team's remediation pace or how vulnerabilities are trending across a defined set of assets.
This widget will make its way to your dashboard soon.

*This corrects our initial communication, which indicated that the Mean Time to Resolution (MTTR) widget was also included in this release. It is not part of this release.
Full hostname visibility and primary hostname selection on network assets
Network assets now display all associated hostnames directly on the asset, giving you a complete picture of how each asset is identified across your environment. You can also select which hostname should act as the primary - making it easier to keep asset naming consistent and aligned with how your team refers to them.
- All hostnames in one place
Every hostname associated with a network asset is now visible on the asset itself, so you no longer need to cross-reference multiple sources to understand the full identity of an asset. - Set a primary hostname
Choose which hostname should be treated as the primary identifier for each asset. This is especially useful in environments where assets are reachable under multiple names, ensuring reports, dashboards, and vulnerability views reflect the naming convention your team actually uses.

Additional enhancements
- The Team selector is now searchable, making it easy to identify selections when you have many teams created.
- We've improved the re-scan experience for hostnames so the hostname is now preserved properly.
- The web scan is getting an update to better identify duplicate content, which should reduce scan time on certain targets.
