Release 4.18
Release date: October 24th, 2025
Key Benefitsβ
- Threat Modeling Agent (AI-Powered);
- Performance Optimization;
- Enhanced PDF Reports;
- Executive Reports;
- Multilingual Platform & Reports;
- AI Agent β Contextual Fix Suggestions;
- AI Agent β Vulnerability Lookup by ID;
- Retest Project Improvements;
- Filter System Redesign;
- DAST β False Positive Reduction (ML-Based);
Introductionβ
This release brings multiple AI-powered capabilities, language flexibility, and major usability upgrades.
Highlights include multilingual reports, contextual AI fixes, enhanced retest workflows, and expanded threat modeling intelligence.
These updates aim to make the Conviso Platform faster, more intuitive, and even more powerful for global security teams.
New Feature
Threat Modeling Agent (AI-Powered)β
- New AI-driven threat modeling agent available in the Threat Modeling module.
- The AI agent supports this input formats for modeling:
- Images: PNG, JPEG, and PDF architectural diagrams.
- User Stories: Markdown (
.md) or plain text (.txt) files.
- Automatically recognizes and models assets from both visual and textual sources.
- The agent parses the file, identifies components, and generates CAPEC-based security requirements automatically.
- Examples include disabling GraphQL introspection, enforcing rate limiting, and query cost analysis.
- Helps standardize and accelerate threat modeling with minimal manual input.
Improvements
Performance Optimizationβ
- Reduced initial load time from ~9 seconds to under 100ms.
- The platform now delivers faster page rendering and improved responsiveness.
New Feature
Enhanced PDF Reportsβ
- Technical and executive reports now support inline image rendering.
- Key updates include:
- Display of assets associated with each project.
- Inclusion of the full project timeline and individual requirement timelines.
- Inline images for vulnerabilities and requirements.
- Non-image attachments automatically bundled in a
.zipfile.
- Result: richer, clearer, and more contextualized reports for both technical and managerial use.
New Feature
Executive Reportsβ
- New Executive Report type designed for decision makers.
- Provides concise, result-oriented summaries without deep technical detail.
- Keeps customizable text fields for contextual information.
- Removes complexity filters and focuses on key project outcomes.
- Simplifies reporting processes and ensures consistent communication across stakeholders.
New Feature
Multilingual Platform & Reportsβ
- Added language selection in the user profile, allowing interface translation between English and Portuguese.
- Reports (Technical, Executive, and DAST) can now be generated in multiple languages.
- Improves accessibility for international users and enhances comfort for non-English speakers.
- Users can report translation feedback directly to the team for quick improvement.
New Feature
AI Agent β Contextual Fix Suggestionsβ
- The AppSec AI Agent now provides step-by-step fix recommendations directly from the vulnerability view.
- New βagent-aiβ icon under Solution opens a chat pre-filled with the vulnerability context.
- The agent explains and guides remediation automatically.
- Reduces friction and accelerates vulnerability remediation processes.
New Feature
AI Agent β Vulnerability Lookup by IDβ
- The AI chat now supports commands such as βhow to fix vulnerability #12345β.
- Allows direct retrieval of vulnerability details from the MCP Server by ID.
- Enables smarter contextual assistance inside the AppSec AI Agent chat.
- Improves demos and client visibility during vulnerability review sessions.
Improvements
Retest Project Improvementsβ
- Added new functionality to associate vulnerabilities more easily with retest projects.
- Vulnerabilities can be linked by:
- Asset, Project, Scan ID, or Vulnerability ID.
- Simplifies retest creation and improves overall efficiency in validation workflows.
Improvements
Filter System Redesignβ
- Introduced redesigned filter management system across key modules.
- Filters are now persistent, shareable, and URL-based, maintaining state across sessions.
- Improves navigation and usability across Assets, Projects, Vulnerabilities, and Scans.
Improvements
DAST β False Positive Reduction (ML-Based)β
- The DAST scanner now uses machine learning to detect and exclude generic error pages automatically.
- Reduces the number of false positives reported in dynamic application tests.
- Delivers cleaner, more accurate vulnerability reports.
π Access the Conviso Platform to explore these updates in action.