Highlights

• Single Vulnerability Assessment (SVA) (new)
• Dig Deeper granular investigation tools (new)
• On-Premise Scanning Production Readiness (new)
• Scanner Fleet Expansion & Whitelisting (new)
• Live Attack Scenario Risk & Status Tracking (new)
• Scan Report PDF Design Improvement (new)
• Advanced Attack Scenarios & Testing Assurance (new)
• Comprehensive Multilanguage Support & Localization (new)

---

1. Single Vulnerability Assessment (SVA)

Single Vulnerability Assessment (SVA) is a targeted new scanning profile designed to let security teams validate and assess individual vulnerabilities without requiring a full-scope platform scan. SVA allows teams to rapidly verify if a specific vulnerability exists or confirm if a recent patch was successful, saving critical time and reducing cloud compute overhead.

• Targeted Validation: Ships with dedicated, lightweight SVA scanning profiles and configurations for Network, iOS, Android, and Web targets to address cases like bug bounty validation and fix validation.
• Immediate Execution: SVA instances run on highly optimized cloud infrastructure to ensure immediate start times and ultra-fast, zero-overhead scan execution.

2. Dig Deeper

To give users more context and control over their security findings, we have launched the Dig Deeper feature set. Users can now explore findings with much greater granularity directly from the reporting interface. For example, if you found a bug but it's not clear what the impact is, if it still exists, or if it's a false positive, Dig Deeper allows you to investigate it further and perform custom actions like finding variants.

• Web Interface Integration: Integrated directly into our Web interface and reporting engine dashboard.
• Updated Scan Profiles: Sourced and updated documentation with a new supported scan profiles overview page, making it easy for customers to select the right scanning strategy.
• Localized Context: Includes localized context support, so global teams can investigate issues in their preferred language.

3. On-Premise Scanning Production Readiness

We have heavily invested in our self-hosted architecture to bring full cloud parity and enterprise-grade scalability to our on-premise deployment model. This update officially graduates our local scanning engine out of beta into a production-ready framework.

• Robust: Built with reliability and resilience in mind.
• More scalable: Effortlessly scale scanning capacity horizontally.
• Faster: Optimized for rapid execution and processing.
• Better visibility: Comprehensive dashboards for absolute visibility.
• Improved control: Tightly encrypted, audited, and controlled environments.

More to come.

4. Scanner Fleet Expansion & Whitelisting

To support our newly expanded scanning targets and ensure uninterrupted scan coverage, we have expanded our active scanner fleet and added 10 new scanner IP addresses.

Addresses

• Whitelisted IPs: 213.136.70.246, 176.126.87.16, 213.136.68.157, 213.136.71.67, 161.97.148.17, 161.97.70.189, 161.97.73.195, 161.97.72.88, 213.136.74.246, 161.97.67.198

Note: Our full, up-to-date list of scanner IPs is always available at docs.ostorlab.co/security/network_ips.html.

5. Live Attack Scenario Risk & Status Tracking

To provide complete transparency into our autonomous AI testing sequences, we have introduced a brand-new Risk and Execution Status dashboard view. Instead of treating autonomous security testing as a black box, users can now track individual attack scenarios, their severity levels, and their exact completion state in real time.

• Granular Attack Path Tracking: Monitor the specific execution state (Not Started, In Progress, Done, or Error) of complex attack vectors—such as Signal database forensic extractions, SQLCipher decryption bypasses, or Bluetooth/BLE pairing vulnerabilities—as the AI handles them.
• Scenario-Level Risk Prioritization: Every potential threat vector tested by the AI is explicitly mapped alongside its risk rating (Critical, High), allowing security teams to see instantly where the autonomous engine concentrated its deepest exploitation paths.
• Task, Tool, and Finding Telemetry: Gain a macro view of the entire testing footprint with interactive counter chips displaying the exact number of sub-tasks initiated, specific tools deployed, and unique findings discovered per attack scenario.

6. Scan Report PDF Design Improvement

The reporting engine has been upgraded to deliver publication-ready, interactive PDF security reports designed for modern engineering and compliance workflows.

• Instant Vulnerability Navigation: By integrating an interactive finding index and native PDF bookmark sidebars, engineering and compliance teams can bypass manual scrolling. Team members can jump directly to specific vulnerabilities with a single click, significantly reducing the time spent reviewing reports and speeding up the remediation lifecycle.

• Jargon-Free Reporting: Internal developer metrics and system codes have been replaced with clear, human-readable status summaries. This ensures reports are instantly ready to hand off to C-level executives, clients, or external compliance auditors without requiring technical translation from engineering teams.

• Native Multi-Language Support: The reporting engine now natively supports seamless localization for international markets, specifically Japanese and Chinese. This allows global enterprises to deploy the solution across distributed international teams, ensuring everyone can review critical security findings in their native language.

7. Agentic Deep Scan & Auto-Exploit Expansions

Agentic Deep Scan's autonomous exploitation capabilities have been significantly expanded with new targeted planners and evasion techniques, allowing our AI engine to navigate complex environments and provide higher-fidelity security findings.

• Advanced Attack Planners: Added specialized analysis planners targeting iOS inter-process communication (XPC) and complex Android runtime environments to ensure more thorough mobile assessments.
• Testing Shielded Applications: Enhanced support for testing heavily obfuscated or shielded mobile applications, enabling the AI scanner to perform accurate assessments even on apps with anti-tampering active.
• Proof-of-Testing Reports: The engine now generates clear, step-by-step reasoning on why a vulnerability was or was not validated, generating a "Secure" status finding when no exploitable issues are identified.

8. Comprehensive Multilanguage Support

The Reporting Engine and web dashboard have received a massive localization update, ensuring that security findings, reports, and platform interfaces are fully accessible to global teams.

• Platform-Wide Translation: Integrated translations directly into our automated reporting pipelines, supporting localized dynamic findings in both web reports and PDF formats.
• Localized Reporting & Threat Center: Generate fully translated PDF reports and navigate the Threat Center UI in your preferred language.
• User Journeys & Frontend: Questionnaires and email notification flows now dynamically match the user's preferred language through standardized language detection.

9. UI/UX & Performance Improvements

Numerous layout, performance, and automation improvements have been implemented across the application to deliver a smoother, more responsive user experience.