Smithy Changelog
See what's new in each version of Smithy.
UX polish, improved ZAP support, Linear and Discord integrations
Workflow graph is easier to use, findings summary page shows and filters by individual triage annotation. A couple more integrations
Automated Triaging and more integrations
Smithy can now remove even more noise. Several new integrations
UI Improvements
Smithy UI is significantly less cluttered as experiments are removed
Exploitability, rich finding info and lots of UX changes
Smithy reports if an exploit exists for a CVE. Every finding has a ton of info on how to fix and where it was found and the UI looks more like the website
Findings Management and a Jira integration
Users can dismiss or silence findings in Smithy. Dismissed finding get re-opened if found again, silenced findings get silenced until they are un-silenced. There is a Jira integration
Users can see found vulnerabilities by Repository and Image, Smithy reports on Github PRs
Users of Smithy SaaS can see found issues by repo or image they were found in. There is a Github reporter component. Smithy runs automatically for private repos and can also monitor private images in registries.
Dast, unified Snyk, Semgrep, SBOMS
Smithy can do DAST scans and generate SBOMS
SaaS uses V1 components
Smithy SaaS runs V1 components. There are now dashboards that show reprioritised findings.
Smithy V1 components
Smithy V1 components released. Support for authenticated DAST. Several orchestrator fixes to enable rapid development.
Operator Improvements to better support on-premise deployments
Smithy SaaS runs on local clusters with support for networked filesystems.
OCSF support
Smithy OSS now speaks OCSF
GitHub triggers
Trigger a workflow automatically when your repository is updated