Kondukto Release v1.102 12th May, 2025
about 1 month ago by Koray AGAYA
Kondukto v1.102 released!
New Features
- Added a new comparison report that allows using customizable templates to compare projects, products, business units, and teams.
- Added Global Vulnerability Filter to apply a pre-defined filter across all projects and products for AppSec and Infra findings.
- Added "Fixed Packages is not empty" as a new filter for Issue Assignment Automation Rules, allowing tickets to be created only for vulnerabilities that have known fixes.
- Added support for creating, editing, and deleting custom email notification templates for Enterprise customers. Default templates are now editable and reusable in automation rules.
- Added Coverity On-Prem integration as a new SAST scanner, including project listing, scan configuration, and connection testing support.
- Added two new permissions for custom roles: Edit User Roles and Sync ALM Projects/Branches.
- Added support for mapping SCA and Container Security findings with data from CNAPP tools (Sysdig) to detect deployed vulnerabilities and trigger automation rules.
- Added a Select All option on the Assets Management page to apply actions across all pages, including support for exclusions.
- Added Cycurfuzz support under the new Fuzzing category with KDT-based JSON/HTML report import capability.
- Added CrowdStrike CS integration as a new Container Security (CS) scanner, including image binding, scan configuration, and test connection support.
- Added an option to run scheduled scans on default branches of multiple projects from the Assets Management page.
- Added a scheduled service to automatically close issues in the issue manager if the corresponding vulnerabilities are marked as Closed in Kondukto.
Improvements
- Improved AKTO integration to prioritize scan results over Swagger imports.
- Made columns on the Assets Management page resizable for better usability.
- Vulnerabilities from DAST, API Security, and Pentest scans are now auto-mapped to updated endpoints. Clicking a count redirects to the related vulnerability list.
- Added Code Flow section for CodeQL findings in the vulnerability details view.
- Selected item count is now shown on vulnerability tables, similar to the asset management page.
- Updated SonarQube integration to allow manual selection of the system edition (Community, Developer, Enterprise) during scanner setup.
Bug Fixes
- Fixed an issue where the Teams tab was not visible on the user screen for roles without the appropriate permission.
- Fixed an issue where the ALM sync button was visible to users without proper sync permissions.
- Addressed permission issues in SonarQube integration by reintroducing required admin-level access for branch scanning support.
- Fixed an issue preventing Tenable.sc scans from being triggered in newly created projects.
- Fixed an issue with directory creation for the comparison report template.