Aptori Release Changelog

OSV-Scanner integration is now available in Aptori

Leverage the OSV-Scanner to detect vulnerabilities in your project's dependencies.

Infrastructure as Code (IaC) Scanning

The Infrastructure as Code (IaC) scanner analyzes code that defines and manages IT infrastructure to detect security vulnerabilities, misconfigurations, and compliance issues before the infrastructure is provisioned.

Secure your cloud using AWS vulnerability scanning

AWS vulnerability scanning helps you easily detect and mitigate vulnerabilities within your cloud infrastructure.

Achieve visibility of your AWS infrastructure with automated scans designed to minimize your attack surface and prioritize issues for efficient resolution.


A new Inspections feature in Aptori-Sift empowers you to craft test cases tailored to your application's unique business logic, simplifying the process of validating custom policies that address specific aspects of your application.

Real-Time Vulnerability Risk Scoring using EPSS and CVSSv3

The Exploit Prediction Scoring System (EPSS) is an approach to predict the likelihood of a given vulnerability being exploited in the wild. Produced by the Forum of Incident Response and Security Teams (FIRST), EPSS employs a data-driven, probabilistic model that estimates the risk of exploitation within 30 days. This system uses a combination of vulnerability characteristics and real-world data to provide a dynamic score, offering a more nuanced and responsive measure than static vulnerability assessments. 

Aptori Enhanced with Essential Security Scanning Capabilities

Aptori now includes integrations with industry-leading application security scanners for Software Composition Analysis (SCA), Dependency Checks, Secrets Detection, Container Scanning, and Static Application Security Testing,

Eliminating BOLA: Automated Authorization Policy Testing Through Code-Free Descriptions

Aptori's Sift, an API security testing tool, can autonomously generate and execute test cases to confirm the effectiveness of an authorization policy. Sift ensures comprehensive testing of all possible scenarios involving creators, actors, actions, and entities, handling anything from 10 to thousands of test cases, all completed swiftly within seconds.