Added a new filter to the GET /api/findings endpoint to differentiate between vulnerabilities manually found in a Business Logic Assessment (BLA) and vulnerabilities found by the scanner. The new filter parameter is named manuallyDiscovered and its valid values are true and false.

Improved the description of the POST body in the /api/updateAssetSchedules endpoint to explain where the value of the assetID parameter comes from.

The functionality of API endpoints has changed:

New functionality has been added to the Findings API endpoint:

The customAssetID field was added to the response data for the following API requests:

An improvement has been made to Continuous Dynamic AutoAPI. When adding endpoints for an API asset, all endpoints are now enabled for scanning by default. Previously, endpoints with POST, PUT, PATCH, or DELETE HTTP methods had to be enabled individually. This change applies when uploading an API specification document or adding endpoints individually.

The following legacy API endpoints have been deprecated:

New functionality to list all the roles associated with a given user has been added to the following API endpoints:

The IP address ranges for WhiteHat Dynamic scanning services have been updated. The following IP addresses are no longer required:

The WhiteHat Dynamic scanning services IP address ranges have been updated. The following IP addresses are no longer required: