Resources/Changelog
CHANGELOG

Product Updates

Latest features, improvements, and bug fixes for the TigerGate security platform

Latest

v2.7.0

June 10, 2026

New Features

IDE Support for Code Security
Real-time SAST, SCA, and secrets scanning directly in VS Code and JetBrains IDEs. Get inline vulnerability highlights, fix suggestions, and scan-on-save with zero context switching.
IDE Security Dashboard Panel
Dedicated security panel inside the IDE showing findings summary, severity breakdown, and one-click remediation for detected vulnerabilities.
IDE-to-Platform Sync
Findings detected in the IDE automatically sync to the TigerGate dashboard. Suppress false positives once and the suppression applies across IDE, CI/CD, and dashboard.

Improvements

  • VS Code extension supports workspaces with multiple repositories
  • JetBrains plugin supports IntelliJ IDEA, WebStorm, PyCharm, GoLand, and Rider
  • IDE scans run incrementally on changed files for sub-second feedback
  • Added quick-fix code actions for common vulnerability patterns (SQL injection, XSS, hardcoded secrets)

Bug Fixes

  • Fixed IDE extension failing to activate in remote SSH and Dev Container environments
  • Resolved duplicate findings when scanning files open in multiple editor tabs

v2.6.0

May 12, 2026

New Features

DAST 2.0: Authenticated Scanning
Full authenticated DAST with browser-based crawling, login sequence recording, and session token management. Scans behind authentication walls for complete web app coverage.
DAST API Discovery
Automatic API endpoint discovery from web applications during DAST scans. Identifies hidden APIs, undocumented endpoints, and shadow APIs exposed by SPAs.
DAST Scan Scheduling & Recurring Scans
Schedule DAST scans on a recurring basis with configurable frequency, scan windows, and automatic comparison against previous scan baselines.

Improvements

  • DAST scan speed improved by 60% with parallel crawling and request deduplication
  • Added support for scanning WebSocket and gRPC-Web endpoints
  • DAST findings now include proof-of-concept request/response pairs for faster validation
  • Nuclei template library updated to 8,500+ templates covering latest CVEs

Bug Fixes

  • Fixed DAST scanner hanging on sites with infinite redirect loops
  • Resolved false positives in CORS misconfiguration detection for CDN-hosted assets

v2.5.0

March 28, 2026

New Features

CSPM Drift Detection & Auto-Remediation
Real-time detection of cloud configuration drift from IaC-defined state. Auto-remediation engine reverts unauthorized changes with approval workflows and dry-run mode.
Container Security: Runtime Image Integrity
Continuous verification that running container images match their signed and scanned versions. Detects image tampering, unauthorized replacements, and drift from approved image policies.
Container Security: Kubernetes Admission Policies v2
Policy-as-code admission controller with OPA/Rego support. Block deployments based on image scan results, SBOM requirements, signature verification, and custom organizational policies.
CSPM Multi-Account Dashboards
Unified security posture view across AWS Organizations, GCP Organization, and Azure Management Groups with account-level drill-down and cross-account trend analysis.

Improvements

  • CSPM scan coverage expanded to 950+ checks across AWS, GCP, Azure, Oracle Cloud, and Kubernetes
  • Container scanner now generates SBOM in SPDX 2.3 and CycloneDX 1.5 formats
  • Added container image allow-listing and block-listing by registry, tag pattern, and signature
  • CSPM compliance reports now exportable as PDF with executive summary and remediation timeline

Bug Fixes

  • Fixed CSPM false positive for S3 buckets using bucket policies instead of ACLs for access control
  • Resolved container scanner timeout when scanning images larger than 5GB
  • Fixed incorrect severity mapping for Azure NSG rules with service tags

v2.4.0

February 3, 2026

New Features

Real-time Threat Intelligence Feed
Live threat intelligence integration with automated IOC matching and alerting for runtime events.
Custom Compliance Frameworks
Build custom compliance frameworks by combining controls from existing standards or creating your own.
Slack Bot Integration
Interactive Slack bot for triggering scans, viewing findings, and managing alerts directly from Slack.

Improvements

  • Reduced agent memory footprint by 35% through optimized eBPF map usage
  • Added support for ARM64 architecture in all scanner services
  • Improved dashboard load time by 50% with lazy loading and caching

Bug Fixes

  • Fixed false positives in secrets detection for test files
  • Resolved timeout issues in large repository scans

v2.3.0

January 15, 2026

New Features

NATS JetStream Workflow Engine
Replaced orchestrator with NATS JetStream for distributed workflow orchestration with at-least-once delivery guarantees.
Multi-Region Scanning
Deploy scanners across multiple regions for faster scans and data residency compliance.
GitHub Advanced Security Integration
Native integration with GitHub Advanced Security for SARIF upload and code scanning alerts.

Improvements

  • Parallel workflow execution now supports up to 50 concurrent scan tasks
  • Enhanced Cloud Scanner with 900+ checks across all cloud providers
  • Added automatic retry logic with exponential backoff for failed scans

Bug Fixes

  • Fixed race condition in policy sync causing stale policies on agents
  • Resolved memory leak in long-running telemetry collector instances

v2.2.0

December 8, 2025

New Features

AI Scanner with Agentic Radar
Comprehensive AI/LLM security scanning for prompt injection, PII leakage, and harmful content detection in AI applications.
Oracle Cloud Support
Full Oracle Cloud Infrastructure support with 51+ CIS benchmark checks for OCI resources.
Auto-Remediation Engine
Automated remediation for common misconfigurations with dry-run mode and approval workflows.

Improvements

  • Improved scan performance by 40% with optimized parallel execution
  • Added drift detection for cloud infrastructure changes
  • Enhanced SBOM generation with SPDX and CycloneDX format support

Bug Fixes

  • Fixed Azure credential rotation handling in cloud scanner
  • Resolved incorrect severity mapping for some CVEs

v2.1.0

November 12, 2025

New Features

Vanta & Drata Integration
Native integration for automated compliance evidence collection supporting SOC 2, ISO 27001, PCI-DSS, and HIPAA.
Container Admission Controller
Kubernetes admission controller for blocking vulnerable or non-compliant container deployments.
Attack Path Analysis
Visualize potential attack paths across cloud resources with risk-based prioritization.

Improvements

  • Added support for GitLab CI/CD native integration
  • Enhanced API Scanner with GraphQL introspection testing
  • Improved finding deduplication across scan types

Bug Fixes

  • Fixed webhook delivery failures during high-volume scan periods
  • Resolved timezone handling in scheduled scan configurations

v2.0.0

October 5, 2025

New Features

Site Scanner Service
Website security audits with DAST, performance testing (Lighthouse), SEO analysis, and WCAG accessibility compliance.
API Scanner Service
Dedicated REST, GraphQL, and SOAP API security testing with authentication, authorization, and injection detection.
Kubernetes CIS Benchmarks
83+ CIS Kubernetes Benchmark v1.8.0 checks for pod security, RBAC, network policies, and admission controllers.

Improvements

  • Expanded cloud coverage to 576+ checks across AWS, GCP, and Azure
  • Added platform auto-detection for Kubernetes, ECS, and Docker in agent
  • Improved compliance dashboard with framework-specific views

Bug Fixes

  • Fixed memory leak in telemetry collector with high-volume events
  • Resolved scan failures in monorepo configurations

v1.5.0

August 20, 2025

New Features

Container Scanner
Image vulnerability scanning with Trivy integration, CVE detection, malware scanning, and SBOM generation.
Attack Scanner (DAST)
Dynamic application security testing with Nuclei templates and AI-powered penetration testing.

Improvements

  • Migrated all scanners to multi-tenant HTTP API architecture
  • Added ClickHouse for high-performance time-series event storage
  • Enhanced secrets detection with 50+ new patterns

Bug Fixes

  • Fixed inconsistent scan status reporting in dashboard
  • Resolved API rate limiting issues with GitHub integration

v1.0.0

May 15, 2025

New Features

eBPF Runtime Agent
Kernel-level monitoring with eBPF probes for execve, file operations, network connections, and privilege escalation.
Code Scanner
SAST with Semgrep, SCA with OSV database, secrets detection, and IaC scanning with Checkov.
Cloud Scanner (CSPM)
Cloud security posture management for AWS, GCP, and Azure with CIS benchmark compliance.
Policy Engine
ESR model for compliance control evaluation across SOC 2, ISO 27001, PCI-DSS, and GDPR frameworks.
Security Dashboard
React-based dashboard with real-time metrics, compliance status, and vulnerability tracking.

Stay Updated

Get notified about new releases and security updates