Traceable On-prem Release Note

1.14.1 — 24^th October

Catalog

Inventory Enhancements

• Enhanced usability for API Catalog UI with a reorganized left navigation menu.

• Added dedicated tabs on the Inventory page, organizing information by API endpoints, domains, services, and backends.

• Enhanced the Sensitive Data page to enable quicker access to information on sensitive data types detected within API endpoints.

API Documentation

• Multi-Spec Uploads — Supports uploading multiple specifications with options for cross-referencing and executing API discovery, naming, and inspection.

• API Inspector — Analyzes API documentation for security, format, and data validation, identifying potential compliance and vulnerability issues.

AST

Custom Plugins

• A new UI feature allows creating, testing, and deploying custom plugins to enforce specific security rules or logic.

Mutation and Assertion Override

• Configure overrides for out-of-the-box mutations and assertions, adapting them to specific use cases.

gRPC API Testing Support

• Enhanced API Security Testing with support for gRPC APIs through Live and Replay testing mechanisms.

Integrations

• Armorcode Integration — Allows importing vulnerabilities from Traceable AST into Armorcode for prioritization and remediation.

Protection

WAF Integrations

• Akamai WAF Integration — Seamlessly integrate Akamai WAF for added security.

• Fortinet WAF Integration — Fortinet WAF is now supported, enabling robust protection for APIs.

Custom Detector

• New support for custom security rules using custom signature policies.