Changelog

Stay up to date with the latest changes in Cybox Security.

4 days ago
  • New Licenses & Dependencies report: see all your project dependencies and their licenses in one place under Reports.
  • Export your dependency list as PDF for audits, or as a spreadsheet (CSV) for sharing with your team.
  • Free plan now runs scans on a schedule automatically; manual scans are available on paid plans.
  • Reports and filters: the Licenses report supports filtering and multiple export formats for flexibility.
  • Reports hub redesign: sectioned layout (Reports / Open source), four cards with clear grouping and format chips (PDF, CycloneDX, SPDX, SOC 2, ISO 27001). [Activation]
  • Executive Report, Compliance Evidence, and Licenses & SBOM cards link to their report pages; Technical Audit card triggers PDF download with loading state and error toast. [Activation]
  • Reports page helper copy and optional “Coming soon” pattern for future reports (disabled card, tooltip). [Activation]
13 days ago
  • API Security Scanner: discover API endpoints from OpenAPI specs and code (Express, NestJS, FastAPI, Flask) and check for OWASP API Top 10 risks (BOLA, missing auth, shadow endpoints, rate limiting, CORS). [Trust][Activation]
  • Optional dynamic API testing when a base URL is provided (GET/HEAD only, safe defaults). [Trust]
  • API security findings appear in Scan Results and per-asset scanner breakdown alongside SAST, Secrets, and SCA. [Retention]
  • Compliance Evidence report: download audit-ready PDF or JSON from Reports (date range, preview). [Trust]
  • Drata integration: connect Drata in Integrations to push compliance evidence to a control; Push to Drata on the Compliance Evidence page. [Trust][Activation]
  • Compliance section on Integrations: Drata (connect) and Vanta (coming soon) with custom logos. [Activation]
4 months ago
  • Added NVD CVE enrichment with CVSS scores and CWE mappings for better risk assessment. [Trust]
  • Enhanced SAST auto-fix with category prefixes: SQLi, XSS, Secrets, Dependency. [Velocity]
4 months ago
  • Launched cyBOT Advisor with step-by-step onboarding guidance for GitHub setup. [Activation][Trust]
  • Redesigned empty states with shadcn/ui Empty component for professional design. [Activation]
4 months ago
  • Streamlined mobile navigation with always-visible glass effect. [Activation]
  • Optimized spacing, performance and SEO metadata across site. [Activation]
4 months ago
  • Enhanced avatar upload error handling with detailed validation messages. [Trust]
  • Improved file size limits and error messages for avatars. [Trust]
4 months ago
  • Fixed mobile navigation scroll behavior and Trust component redirect. [Activation]
  • Configured Railway to use npm instead of pnpm for faster builds. [Velocity]
4 months ago
  • Added Microsoft Clarity analytics alongside Google Analytics. [Revenue]
  • Enhanced Trust section with SOC 2 compliance front and center. [Trust][Revenue]
4 months ago
  • Added headers to scan results donut charts for clarity. [Activation]
  • Fixed asset switching with smooth transitions. [Retention]
4 months ago
  • Fixed duplicate scan bug: only scan assets that haven't been scanned. [Retention]
  • Sorted assets table with active assets first for better visibility. [Activation]
4 months ago
  • Fixed duplicate scan creation issue in API. [Retention]
  • Added toast notifications for scan status updates. [Activation]
4 months ago
  • Added Active only filter to assets page. [Activation]
  • Added Sonner toast notifications for scan triggers. [Activation]
4 months ago
  • Implemented repository picker with real GitHub data integration. [Activation]
  • Added welcome email after first successful login to guide setup. [Activation][Trust]
4 months ago
  • Added favicon files and updated middleware for better branding. [Trust]
4 months ago
  • Added navigation arrows and improved subissues tab in scan results. [Retention]
  • Updated scan results with comprehensive UI improvements. [Retention]
4 months ago
  • Major refactor of scan results page for better performance. [Retention][Velocity]
5 months ago
  • Fixed build process optimization for Railway deployment. [Velocity]
  • Resolved webpack module resolution errors. [Retention]
5 months ago
  • Improved mobile navigation visibility and styling. [Activation]
  • Implemented Google Analytics following supastarter standard. [Revenue]
5 months ago
  • Completed major scan results page refactor. [Retention]
  • Updated Supabase diagnostics and UI improvements. [Trust]
5 months ago
  • Completed admin assets page refactoring. [Retention][Velocity]
  • Completed scans page refactoring for better organization. [Retention]
5 months ago
  • Completed brand integration and major UI/UX improvements. [Activation]
  • Optimized logout performance by removing expensive cache clearing. [Velocity]
6 months ago
  • Restored original Supastarter dashboard design and theme. [Trust]
6 months ago
  • Implemented proper theme system: light dashboard, dark landing page. [Activation]
  • Updated CTAs to Shadcn Button components for consistency. [Trust]
CyBox Security - Your Virtual Security Team for the AI-Era