December 1st, 2025
⚙️ Stability, Precision, Reporting, and IaC Intelligence Release
This version enhances the accuracy of all analysis engines, improves overall platform robustness, and introduces new configuration capabilities for more consistent and predictable scans. It also brings powerful new reporting features across organizations, teams, and multi project scopes, along with a comprehensive organization level overview delivering deep, consolidated security insights.
Advanced reports can now be generated not only from a single project, but also from:
An entire organization.
A custom selection of teams.
A selection of multiple projects.
The available formats remain the same: JSON, HTML, PDF.
The reports include:
CWE Top 25 Report.
OWASP Top 10 Report.
This evolution finally enables cross scope reporting for internal audits, compliance needs, board level reporting, and partner communication.
A new Overview page has been added at the organization level, providing a comprehensive dashboard with a large set of consolidated statistics.
Examples of available metrics:
Total number of projects and teams.
Open and resolved issues.
New findings over the last 7 days.
Severity distribution.
State distribution.
Vulnerabilities over time.
Analysis type distribution (SAST, SCA, IaC, Container).
Consolidated risk scoring with high, medium, and low risk breakdown.
Weekly activity.
Top most vulnerable projects.
Team summaries with their associated projects.
This new Overview provides a strategic vision of the organization’s application security posture and gives an immediate understanding of the global software risk level.
Cybe Analysis now supports intelligent false positive reduction for Infrastructure as Code, with advanced IaC rule correlation to filter out non exploitable patterns.
Semantic analysis has also been improved for Terraform, Kubernetes manifests, and CloudFormation.
A new .cybedefend configuration file can be added at the root of your repository to precisely control analysis behavior.
Exclusion rules targeting files, directories, and patterns.
Unified configuration for SAST, SCA, IaC, and Container Analysis.
The agentic parsing subsystem and the supervision layer have been reinforced.
Reduced risks of agent desynchronization.
Improved stability for large scale analyses.
Major optimizations enhance platform responsiveness and interface consistency.
Reduced loading time for the issues list through optimized API queries.
Smoother navigation across vulnerability segments.
Several issues that could cause unexpected scan termination have been resolved.
A fix has been applied for a bug affecting organization switching.
Proper context isolation when switching between organizations.
Consistent workspace rehydration and correct resource scoping.