Improved GitHub scanning workflows
GitHub-backed scan setup is smoother for teams moving between connected repositories, public targets, and branch-specific scans.
- Improved branch discovery for connected GitHub repositories and public repository URLs.
- Refined repository-picker states when a GitHub App installation is missing, revoked, or out of date.
- Made code scanning, web exposure scanning, and configuration audits easier to launch from project workflows.
Expanded risk reporting and prioritization
Reports now focus more clearly on the findings that create the most operational risk for a team.
- Improved A-F security grade presentation for project and workspace reporting.
- Added clearer blast-radius context so teams can see what a leaked secret or exposed asset can affect.
- Refined report history views to make risk trends easier to compare over time.
Security configuration audit coverage
Configuration audits continue to expand beyond secret detection so teams can catch risky repository settings earlier.
- Added checks for missing branch protection and risky repository administration patterns.
- Improved prioritization for findings with known, partial, or unknown operational impact.
- Updated digest and report language to be easier for engineering and business stakeholders to read.