BlogOpen a Ticket
Changelog
Start typing to search…
Back to All

Kondukto Release v1.102 12th May, 2025

about 1 month ago by Koray AGAYA

Kondukto v1.102 released!

New Features

  • Added a new comparison report that allows using customizable templates to compare projects, products, business units, and teams.
  • Added Global Vulnerability Filter to apply a pre-defined filter across all projects and products for AppSec and Infra findings.
  • Added "Fixed Packages is not empty" as a new filter for Issue Assignment Automation Rules, allowing tickets to be created only for vulnerabilities that have known fixes.
  • Added support for creating, editing, and deleting custom email notification templates for Enterprise customers. Default templates are now editable and reusable in automation rules.
  • Added Coverity On-Prem integration as a new SAST scanner, including project listing, scan configuration, and connection testing support.
  • Added two new permissions for custom roles: Edit User Roles and Sync ALM Projects/Branches.
  • Added support for mapping SCA and Container Security findings with CNAPP tools (Sysdig) data to detect deployed vulnerabilities and trigger automation rules.
  • Added Select All option on the Assets Management page to apply actions across all pages, including support for exclusions.
  • Added Cycurfuzz support under the new Fuzzing category with KDT-based JSON/HTML report import capability.
  • Added Crowdstrike CS integration as a new Container Security (CS) scanner, including image binding, scan configuration, and test connection support.
  • Added option to run scheduled scans on default branches of multiple projects from the Assets Management page.
  • Added a scheduled service to automatically close issues in the issue manager if the corresponding vulnerabilities are marked as Closed in Kondukto.

Improvements

  • Improved AKTO integration to prioritize scan results over Swagger imports.
  • Made columns on the Assets Management page resizable for better usability.
  • Vulnerabilities from DAST, API Security, and Pentest scans are now auto-mapped to updated endpoints. Clicking counts redirects to the related vulnerability list.
  • Added Code Flow section for CodeQL findings in the vulnerability details view.
  • Selected item count is now shown on vulnerability tables, similar to the asset management page.
  • Updated SonarQube integration to allow manual selection of the system edition (Community, Developer, Enterprise) during scanner setup.

Bug Fixes

  • Fixed an issue where the Teams tab was not visible on the user screen for roles without the appropriate permission.
  • Fixed an issue where the ALM sync button was visible to users without proper sync permissions.
  • Addressed permission issues in SonarQube integration by reintroducing required admin-level access for branch scanning support.
  • Fixed an issue preventing Tenable.sc scans from being triggered in newly created projects.
  • Fixed an issue with directory creation for the comparison report template.