July 12th, 2026
Generated reports are now stored and retrievable at any time. No need to regenerate a report you already produced: open the history, find it, download it.
Retention by plan: 90 days on Scale, 365 days on Enterprise.
VibeDefend's Action Guard no longer relies on pattern matching alone. Every tool call is now evaluated by a hybrid engine combining deterministic regex rules with LLM judgment.
Fewer false positives: legitimate actions are no longer blocked because they superficially resemble a dangerous pattern.
Broader coverage: complex or obfuscated dangerous actions performed by an AI agent, which no regex could reasonably catch, are now detected and blocked.
VibeDefend's fourth capability, fully integrated with Claude Code, Codex, Cursor, Copilot, Windsurf. On every file modification, the generated source code is analysed on the spot to surface security vulnerabilities introduced by the agent, in the session, before the code ever reaches a commit.
No context switch: the finding is raised where the code is written, not hours later in a scan report.
Covers what the agent just changed, not the whole repository, so feedback stays immediate.
Fixed "Autopilot proposals as you code" on Claude Code: business and logic rule mining is working again.
Various frontend fixes.
Please update VibeDefend to v1.3.0 to access these features.
June 25th, 2026
Configure a registry once and reuse it everywhere. Set up ECR, GCR, ACR, Docker Hub, Harbor, Quay, JFrog, GitLab, or Scaleway at the organization level and link it to as many projects as you need, with bulk application across projects.
Connect Amazon ECR using a cross-account IAM role in addition to static keys, with a step-by-step setup guide built directly into the interface.
Inspect a finding in full without ever leaving the list. The new side panel is resizable and expands to full screen, with smooth previous/next navigation from one vulnerability to the next.
Launch a fix and keep working. A live task tracker appears in the top right and notifies you the moment the fix is ready, with a direct link to the generated PR.
New filters on vulnerability lists: by language and by source path (SAST, IaC, CI/CD, Secrets). Search now also covers the path, the ecosystem, and the manifest file.
Consolidated report emails: a single summary email per organization instead of one per project, fully respecting your notification preferences.
Clearer, actionable container scan failure messages (registry authentication issue, image not found, and more) in place of a generic error.
Fresher and faster SCA / zero-day vulnerability detection, in under 10 minutes.
Faster loading on the organization overview dashboard.
More reliable report generation for large reports of 400+ pages.
Container findings can now be grouped by package for faster reading and triage.
Fixed unexpected disconnections when working across multiple tabs.
Fixed dark mode regressions across the dashboard.
Cancelling and relaunching a scan is now reliable; no more "Scan complete" while a scan is still running.
Fixed the "critical-risk projects" KPI that was incorrectly showing 0.
External links are now clickable in Cybe Chat.
Vulnerability evolution history is now retained after remediation.
A manual change to exploitability or priority is no longer attributed to the Cybe Agent.
Various display fixes (stray scrollbars, full-width AI-BOM, scroll-to-top on the vulnerability detail view).
June 5th, 2026
Live risk-based project ranking. Your project list is now sorted by CybeRisk score and updates in real-time, so what needs your attention is always at the top.
The speed of half of our API endpoints has been increased by an average of 30%.
Large GitHub & GitLab imports no longer get stuck; scanning is now reliable, from download to results.
Hardened Amazon ECR container scans, featuring clear and actionable errors.
Simplified status model and a few dashboard improvements.
SCA finding modifications now survive every re-scan: status, priority, and exploitability.
Every score now tracks the live CVSS 4.0 environmental score, eliminating any inconsistent counters.
The analysis engine has been improved and automatically scales to the workload for faster results during peak loads.
June 3rd, 2026
This first major release marks a fundamental turning point for the platform. It consolidates everything built since v0.3 and introduces the capabilities that define CybeDefend for the years ahead: securing the AI coding agent era.
The SAST and IaC rule catalog takes a significant leap forward with over 700 new rules covering the main cloud providers, orchestrators, and application languages.
Cloud and infrastructure rules: Azure, GCP, AWS, Kubernetes, Terraform, Dockerfile.
Application languages: Android, Python, JavaScript / TypeScript, Java, Go.
New dedicated Rust ruleset β the first of its kind in CybeDefend: SQLi on sqlx, diesel, rusqlite, and tokio-postgres; XSS; CORS; SSRF.
See the real path of untrusted data, from the entry point all the way to the vulnerability. No more guessing from a snippet around the faulty line.
Full flow trace: source, propagation, sink.
Instantly understand why a finding matters, not just where it is.
Reduces triage time by giving developers the context they need to fix the right place.
VibeDefend distributes CybeDefend's business security rules directly to AI coding agents (Claude Code, Cursor, VS Code Copilot, Windsurf, Codex), injecting them into their plan and context before every code write.
Automatic business rule extraction: a mining engine analyses the existing codebase to build the initial ruleset without any manual authoring.
Real-time consultation: on every edit, the agent consults the rules that apply to the project β forbidden patterns (no eval, no child_process.exec, no plain SQL), pre-approved dependencies only, and a "no plaintext secrets" rule.
allow / deny / warn status: before every write operation, Cursor or Claude Code receives a verdict on the action it is currently performing.
End-of-session gap analysis: missing rules are surfaced to the user for validation.
Autopilot mode: learns from each Claude Code session over time, proposing new rules as usage patterns emerge.
One-command install on Linux, macOS, and Windows.
The Risk Score system now integrates new key criteria to accurately reflect the reality of each project.
Enriched criteria: identified findings, reachability, business sensitivity, and exposure level.
Cybe Chat can now execute actions directly in CybeDefend by interacting with the API, in addition to answering security questions.
Available actions: update a vulnerability status, analyze a finding, advise on next steps to take, summarize a project's security statistics.
Directly connected to the CybeDefend documentation to answer any question about the platform.
Retains full awareness of the codebase and open vulnerabilities for contextual, actionable responses.
A brand-new scanner family that builds a complete AI Bill of Materials for your codebase and measures it against the EU AI Act. Know exactly which models, datasets, and AI frameworks ship inside your software and what your regulatory obligations are.
Full AI component inventory (CycloneDX 1.6 ML-BOM): every machine-learning model, training dataset, AI library, framework, and runtime is detected and catalogued, with version, origin (PURL), licenses, hashes, and the exact location where each one is used.
EU AI Act risk classification (Regulation (EU) 2024/1689): every component is mapped to its risk tier, prohibited, high, limited, or minimal and GPAI models and systemic-risk components are flagged on sight.
Obligation & legal-article mapping: each component is tied to the concrete obligations it triggers β technical documentation, copyright policy, transparency, model evaluation with direct references to the relevant AI Act articles and Annex IV.
Audit-ready EU AI Act report: a one-click PDF structured on the AI Act's Annex IV technical-documentation requirements, executive risk summary, component inventory, training datasets, GPAI & systemic-risk breakdown, applicable obligations, and full legal references.
Dashboard load time significantly reduced.
Improved response time on the organization overview, grouped and detailed vulnerability list, and project branch list endpoints.
Fixed a scan crash occurring on certain large projects.
Improved file ingestion reliability during scan uploads.
Fixed a false positive rate issue in secret detection.
Improved SAST scan speed.
Fixed PDF and HTML report generation for large-scale outputs.
Improved real-time UI responsiveness: new vulnerabilities, scan status updates, and project additions now reflect instantly without requiring a page refresh.
May 9th, 2026
This minor release marks the most significant turning point since the platform launched. It introduces a new pricing model built for the agent era, the global rollout of the Cybe MCP Server, a complete overhaul of the vulnerability priority engine with EPSS and CVSS 4.0 support, and lays the groundwork for v1.0.0 with the preview release of VibeSec.
CybeDefend moves to a new set of plans aligned with the reality of teams shipping with AI coding agents.
Four plans are now available:
Developer ($19/month billed annually): 3 repositories, 1 seat, 100 AI credits/month. Includes IDE plugins, MCP server, and GitHub & GitLab integrations. Built for solo developers shipping with an agent.
Team ($164/month billed annually): 10 repositories (up to 20, +$10/mo each), 5 seats (up to 10, +$20/mo each), 1,500 AI credits/month. Adds container scanning, supply-chain checks, CI/CD integrations, REST API, and task management (Jira, Linear).
Scale ($641/month billed annually): 25 repositories (up to 50), 15 seats (up to 25), 5,000 AI credits/month. Includes early access to BLSA (business-logic security analysis), the advanced business-context engine, a 99.5% uptime SLA, dedicated Slack support, and an onboarding workshop.
Enterprise (custom): unlimited repositories and seats, private VPC or on-premise deployment, SSO / SAML / SCIM, advanced audit logs, 24/7 priority support, and a dedicated account manager.
Static scans (SAST, SCA, IaC, Secrets) remain unlimited and free on every plan. Every account starts with 50 AI credits, no credit card required, no time limit.
The CybeDefend MCP Server is now available across two independent regions, with no local installation required:
EU: https://mcp-eu.cybedefend.com/mcp
US: https://mcp-us.cybedefend.com/mcp
Integration takes a single command in Claude Code, Cursor, Windsurf, VS Code, or any MCP-compatible agent. Full documentation is available at docs.cybedefend.com.
The vulnerability scoring system has been completely rethought to move beyond the limitations of static CVSS 3.1.
Dynamic CVSS 4.0: the frozen CVSS 3.1 score is replaced by a dynamically computed CVSS 4.0 score combining the base score and the environmental score per detection, accurately reflecting the real context of each project.
EPSS support: the Exploit Prediction Scoring System is now integrated as a priority signal, weighting the likelihood of active exploitation for each vulnerability.
Top 5 Focus: beyond dynamic sorting, an AI agent analyses all findings across every scanner and recommends the 5 vulnerabilities to address urgently. This focus strengthens CybeDefend's agentic ASPM capabilities by directing attention where the impact is highest.
Natural language scoring: technical CVSS strings (e.g. AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) are now translated into plain-language explanations, available in both English and French.
It is now possible to define a dedicated security context for each project. This context enriches agent-driven analysis and allows priority and detection rules to be tuned against the specific business and infrastructure characteristics of each repository.
Every vulnerability now carries an explicit exploitability field with three states: not_exploitable, theoretical, and proven. This field complements the existing Exploitable Path and enables more precise triage workflows, particularly for security policy enforcement and compliance exports.
This release lays the foundation for VibeSec, the flagship feature of v1.0.0. VibeSec analyses the Security Code Knowledge Graph of a project to automatically detect the business rules already enforced in the codebase: multi-tenant isolation, payment ceilings, separation of duties, idempotency, and more. These rules are then injected into the context of AI coding agents (Claude Code, Cursor, Windsurf, and others) to ensure that generated code respects them from the very first suggestion, before the PR even exists. The MCP Server reinforcement included in this release directly prepares the infrastructure required for VibeSec.
v1.0.0 will also introduce a full redesign of the Cybe Security Champion. It will be able to answer any security question while connected to the CybeDefend documentation, and to take actions directly on the platform: update a vulnerability status, summarize a project's security posture, and advise on the next steps to take. The foundations of this redesign are integrated into v0.10.0.
April 23rd, 2026
Cette patch release apporte une refonte majeure du moteur de dΓ©tection de secrets, une accΓ©lΓ©ration spectaculaire du parsing IA, et plusieurs amΓ©liorations ciblΓ©es sur l'expΓ©rience utilisateur et l'onboarding.
I. Secrets Detection β 150 New Rules & Commit History Scanning The secrets scanner has been significantly expanded with 150 additional detection rules, broadening coverage across cloud providers, SaaS APIs, private keys, and internal token formats. Detection now extends beyond the current state of the codebase to include the full commit history, surfacing credentials that were introduced and later removed but remain exploitable.
II. AI Parsing β 3x Faster Initial Parse, 95% Faster Incremental Updates A complete overhaul of the AI project parsing pipeline delivers dramatic performance gains. Initial project parse time is reduced by a factor of 3. Subsequent incremental parses, which occur after the baseline is established, are now up to 95% faster thanks to a new caching layer that reuses prior parsing results and only processes diffs. At scale, this transforms the responsiveness of the platform for large, frequently updated codebases.
III. User Role Clarity on Member Invite The member invitation flow now includes clearer explanations of what each user role entails. Permissions and access levels are displayed inline when selecting a role, reducing confusion and mis-assignments during onboarding.
IV. Invited User Onboarding Improvements Several improvements have been made to the onboarding experience for users joining an existing organization via invitation, covering clarity of the activation flow, contextual guidance, and edge case handling.
April 14th, 2026
This patch release builds on the foundations of V0.9 with two major third-party integrations, a new code visualization capability, key UX improvements, and several targeted bug fixes. It also includes frontend groundwork preparing the upcoming V0.10, which will introduce full agentic ASPM capabilities.
I. Slack Integration CybeDefend can now connect directly to your Slack workspace. Receive real-time notifications on scan completions, new critical findings, and security posture changes β keeping your team informed without leaving their primary communication tool.
II. Jira Integration Bridge the gap between security and engineering. CybeDefend now integrates natively with Jira, allowing you to create and track tickets for vulnerabilities directly from your findings, ensuring security issues flow seamlessly into your existing development workflows.
III. Code Graph Visualization You can now visualize your project's code graph directly from the CybeDefend interface. This dependency and call graph view provides a deeper understanding of your codebase structure and helps contextualize how vulnerabilities propagate through your application.
IV. Cancel Scan Button A new cancel action is now available for scans in a waiting for file or queued state, giving teams more control over their scan pipeline and reducing unnecessary queue blocking.
V. Improved Project List View The project list has been redesigned to be more consistent and user-friendly, improving navigation and readability across organizations with a large number of projects.
VI. Frontend Improvements β Preparing V0.10 (Agentic ASPM) Significant frontend improvements have been made to the Cybe integration layer in preparation for the upcoming V0.10 major release, which will bring full agentic AI-powered ASPM capabilities to the platform.
VII. Yarn Dependency Scan Fix Resolved an issue that caused dependency scanning to fail or produce incorrect results on projects using Yarn as their package manager.
VIII. Exploitable Path β Import Comment Handling Fixed a bug in the Exploitable Path engine where import paths containing inline comments were not correctly resolved, leading to inaccurate reachability analysis.
IX. Large Codebase Parsing Fix Resolved a crash occurring during the parsing of very large codebases exceeding 200,000 lines of code, ensuring stable and complete analysis at scale.
March 19th, 2026
Version 0.9 marks a major milestone in the evolution of CybeDefend, transforming the platform into an omnipresent development companion. This release introduces our new official IDE extensions, a revolutionary way to manage SCA vulnerability relevance via Exploitable Path, and a complete overhaul of our Command Line Interface (CLI) for enterprise-grade DevSecOps integration.
Security is moving out of the dashboard and directly into your workspace. CybeDefend extensions bring the power of scanning and AI to VS Code and the JetBrains suite (IntelliJ, WebStorm, PyCharm, etc.).
Multimodal Scanning: Run SAST, SCA, IaC, Secrets, and CI/CD audits in a single click.
Native Visualization: Severity gutter icons, diagnostic underlines, and a dedicated results panel.
CybeAgent (AI-Powered Fix): Donβt just detectβrepair. The AI agent analyzes context (CWE, data flow) and proposes a precise patch you can apply instantly.
Integrated DeepFix: Automatically update vulnerable dependencies across 10 ecosystems without leaving your editor.
Cut through the noise. Exploitable Path determines if an SCA vulnerability is actually exploitable by analyzing whether your code effectively calls the vulnerable function or package.
Reachability Detection: Identifies if a dependency is Used, Unused, or Potentially Used.
Priority Adjustment: Automatically boosts the severity of used packages and lowers unused ones to "Very Low."
Auto-Ignore: Automatically hide vulnerabilities that cannot be exploited because the code is never called.
Import Tracking: See exactly which line and file a high-risk dependency is imported in.
A total redesign of our command-line tool to meet the strictest security requirements.
OAuth & PAT: Moving away from static API keys in favor of Personal Access Tokens (PAT) and OAuth (PKCE) flows with secure storage (chmod 0600).
Persistent Login: No need to pass credentials with every command thanks to seamless token management.
Enterprise Support: SSO & SAML authentication integration for smooth organization-wide deployment.
Advanced Reporting: Generate multi-format reports (JSON, HTML, PDF, Markdown) and automatically aggregate all scan types.
To simplify resource management, we are unifying Security Champion, Autofix, and Analysis quotas into a single metric: the Cybe Quota.
Developer Plan: The quota has been increased to 100 Cybes (a 25 Cybe boost).
Granular Control: You can now manage and assign quota limits per user or for Cybe analysis directly from the new "Usage & Entitlements" page.
The SCA scanner now identifies legal risks related to your dependency licenses (Copyleft, non-compliant licenses, etc.) in addition to traditional security flaws.
We are expanding our Cloud coverage with native support for Scaleway container registries, enabling seamless vulnerability scanning for your Docker images.
SARIF Stability: Improved integrity of SARIF exports for better compatibility with GitHub Advanced Security.
SCA Performance: Optimized analysis of complex dependency graphs for large Maven and NPM projects.
February 7th, 2026
This release introduces Policy Management, a foundational security governance layer for CybeDefend. Version 0.8.0 enables organizations to define security requirements as code, automatically evaluate scans against those policies, and track compliance over time at both organization and project levels.
In parallel, we delivered major stability improvements across all scanners, more realistic scan progress tracking, and significant UX enhancements for vulnerability management.
CybeDefend now provides a full Policy as Code engine to enforce security standards consistently across organizations, teams, and projects.
Key capabilities include:
Hierarchical policies with strict precedence:
Organization β Team β Project
Higher-level policies cannot be weakened by lower levels.
YAML-based policy definitions with full version control support.
Async policy evaluation using a dedicated worker to avoid blocking scan workflows.
Support for simple and composite rules:
Severity, CVSS, CWE, OWASP, scanner type, branch, vulnerability age, and more.
AND / OR logic for advanced conditions.
Flexible exclusions with glob patterns, justification, and optional expiration dates.
Violation tracking and audit trail for compliance and reporting.
CI/CD enforcement with deterministic exit codes for warn vs block actions.
Policies are evaluated automatically after scans, ignoring vulnerabilities that are already resolved, ignored, or marked as not exploitable, ensuring focus on real, active risk.
This feature enables security teams to move from passive detection to enforced security governance.
To make policy enforcement visible and actionable, CybeDefend now includes Compliance Overview dashboards:
Organization-level compliance view
Global security posture across all projects.
Policy violations summary and trends.
Project-level compliance view
Effective merged policy visualization.
Historical compliance tracking per scan.
Clear identification of blocking vs warning violations.
This provides a continuous, auditable view of security compliance over time.
You can now update multiple vulnerabilities at once directly from the Detailed view:
Select vulnerabilities using checkboxes.
Apply status changes (ignore, accept risk, etc.) in bulk.
Greatly improves triage efficiency on large scans.
Scan progress estimation has been reworked to better reflect real execution stages:
Reduced misleading βstuck at X%β behavior.
Progress now correlates more closely with actual scan phases.
Improved user confidence during long or complex scans.
Significant work has been done to harden the scanning pipeline:
Improved stability for GitHub and GitLab scans.
Global reduction of scan crashes across all scanners.
Better error handling and recovery for edge cases.
These changes reduce unexpected failures and improve overall scan reliability, especially on large repositories.
Fixed an issue affecting public container image scans that could cause incorrect failures.
To prepare the upcoming authentication system overhaul:
API keys are now officially deprecated.
They will be fully replaced by Personal Access Tokens (PAT) in v0.9.0.
Upcoming authentication flow:
A PAT will be exchanged for an OAuth access_token using a token exchange endpoint (grant_type=token-exchange).
All API calls will then use:
Authorization: Bearer <access_token> This change is required to support fine-grained scopes, better rotation, and improved security guarantees.
We strongly recommend starting to plan this migration ahead of v0.9.0.
January 12th, 2026
This release introduces a major evolution of the CybeDefend user experience and remediation capabilities. Version 0.7.0 delivers a fully redesigned web dashboard, a next-generation Autofix engine with bulk remediation via pull requests, and a breakthrough approach to fixing SCA vulnerabilities, even deep within transitive dependencies. We also significantly expanded our IaC detection coverage and improved result readability with advanced vulnerability grouping.
The CybeDefend web dashboard has undergone a complete overhaul to provide a more modern, intuitive, and efficient user experience.
Cleaner and more structured layouts for faster navigation.
Improved readability of scan results and security insights.
Optimized workflows for triage, remediation, and reporting.
Designed to scale better with large projects and high vulnerability volumes.
This redesign significantly reduces cognitive load for both developers and security teams.
We introduced a brand-new Autofix engine, designed to be faster, smarter, and more scalable.
Select multiple vulnerabilities across files and categories.
Generate a single grouped Autofix Pull Request.
Consistent, secure, and idiomatic fixes aligned with your codebase and framework.
Improved fix accuracy thanks to deeper contextual analysis.
This enables teams to remediate large sets of vulnerabilities in minutes instead of hours.
CybeDefend now supports Autofix for Software Composition Analysis (SCA), powered by DeepFix, a new proprietary resolution engine.
DeepFix is capable of fixing vulnerabilities even when they originate from transitive dependencies:
Analyzes complex dependency graphs with multiple transitive import paths.
Identifies valid remediation paths among competing dependency trees.
Recommends safe upgrades of parent dependencies to eliminate vulnerable child libraries.
Avoids breaking changes whenever possible by selecting the most compatible fix path.
This brings true, actionable remediation to SCA, where traditional tools often stop at detection.
To improve result readability and prioritization, vulnerabilities can now be visualized in a grouped mode.
Vulnerabilities of the same type are merged into a single logical occurrence.
Grouping applies even when findings span multiple files or locations.
Quickly assess impact without being overwhelmed by repetitive detections.
Ideal for large repositories and refactoring-oriented workflows.
You can still drill down into each individual occurrence when needed.
We have added more than 1,000 new Infrastructure as Code detection rules, significantly expanding coverage across cloud providers and configuration patterns.