A new API Risk Scoring system has been added to the FireTail platform, which evaluates APIs based on open findings and their severity, assigning a risk score to each API. Scores are divided into four bands: critical (80-100), high (60-80), medium (40-60), and low (below 40). A log based scale ensures that higher-severity findings have a significantly greater impact on the overall risk score.
New CSPM (Cloud Security Posture Management) findings have been added to the platform, allowing for the discovery of potential security issues related to AWS AppSync and AWS API Gateway. The following findings are now available:
Additional details added to AWS API items. Details now include information such as:
New event codes have been added. These have also been added to the actions system:
AWS_API_GATEWAY_V1:STAGES_WAF_CHANGEDAWS_APPSYNC_API:RESOLVER_COUNT_LIMIT_CHANGEDAWS_APPSYNC_API:QUERY_DEPTH_LIMIT_CHANGEDAWS_APPSYNC_API:INTROSPECTION_CONFIG_CHANGEDAWS_APPSYNC_API:ADDITIONAL_AUTH_TYPES_CHANGEDSupport added for Kubernetes ingress controllers that use Nginx.
Added support for Java using the LLM to build complete OpenAPI definitions.
General bug fixes made throughout the FireTail platform.