We are thrilled to announce the biggest update yet to the Wallarm API Attack Surface Management (AASM) platform, along with the General Availability of our API Vulnerability Scanner! 

Enhanced Vulnerability Detection

AASM now detects approximately 2,500 of the most widespread vulnerabilities affecting APIs, and it now scans for outdated versions of software across web servers, frameworks, libraries, CMS platforms, plugins, programming languages, network services, and API gateways. Users can see the expanded set of vulnerabilities discovered in the Security Issues section of AASM.

Vulnerability Intelligence Enrichment

We’ve integrated powerful Vulnerability Intelligence sources to provide deeper insights into detected vulnerabilities, including:

• Public exploit availability 🛠️
• In-the-wild exploitation 🌍
• Use in ransomware campaigns ☠️
• Exploit Prediction Scoring System (EPSS) ranking 🎯

AI-Powered CVE Classification

AASM now leverages AI and OpenAI's LLM to automatically classify detected CVEs, helping security teams prioritize and respond more effectively.

New Charts, New Security Insights

Understanding vulnerability trends over time is critical. AASM now provides two dynamic charts to enhance your security analysis:

• Historical Risk Analysis: Tracks monthly vulnerability trends based on risk levels, helping teams measure progress.
• Resolution Risk Analysis: Evaluates the efficiency of vulnerability management by visualizing how quickly issues are resolved over time.

Improved Reporting with CSV/JSON Export

Users can now download detailed security reports in CSV or JSON formats, choosing to export all issues or only filtered ones. 

Additional Enhancements Released in Jan-Feb:

• Upgraded from a 3-level to a 5-level risk model for better prioritization.
• Multi-select filters on AASM and Security Issues pages.
• Auto-reopening vulnerabilities if they are detected again.
• Security Posture widget updates with enhanced vulnerability statistics.

For more details, visit our documentation.