Security teams don’t need another dashboard screaming about low-priority bugs. They need to know what’s important, what’s already fixed, and what’s still a ticking time bomb.
That’s where we’re headed at Astra.
This summer, we’ve made several updates that do exactly that. Delta scans that stop pointing at the same issues. MFA protection where it actually matters. Cloud rescans that are faster and smarter. Reports that don’t require a Sunday afternoon to clean up.
Everything is designed to save time, reduce noise, and help you move quickly without breaking things.
We’re building security that works with your workflow, not against it. And this is just the start.
Let’s walk you through what’s new.
1. Incremental (Delta) Scanning for Web Apps and API
The Problem
Full scans were too slow. Lightning scans were fast but lacked depth. There was no middle ground for teams that just wanted to test what changed
The Solution
We introduced Delta Scanning. Astra now detects new or modified endpoints and runs full test coverage only on those parts of your app or API.
The Impact
- Scan times are reduced up to 80%
- You still get the depth of a full scan where it matters
- Ideal for agile CI/CD pipelines
2. JSON Export for Vulnerability Reports
The Problem
Teams wanted more than a PDF. They needed vulnerability data in a machine-readable format that could plug into their own systems, dashboards, or workflows.
The Solution
You can now export vulnerability reports in JSON format directly from the Astra platform. It’s structured, clean, and ready to be used wherever you need it.
The Impact
- You can integrate scan data into SIEM tools, ticketing systems, or internal dashboards.
- Enterprise workflows can automate triage and reporting more easily.
- Your team gets full flexibility in how vulnerability data is consumed and acted on.
3. Unique Vulnerabilities in Pentest Reports
The Problem
Reports were cluttered with duplicate vulnerabilities across scans. This made it harder to focus on what truly mattered and often led to wasted effort during triage.
The Solution
You can now toggle “Show only unique vulnerabilities” when generating Full or Management reports. This filters out repetition and gives you a streamlined view of the real issues.
The Impact
- Reports are cleaner and easier to digest.
- You’ll see around a 20 percent reduction in report size.
- It becomes simpler to focus on root causes rather than repeated symptoms.
- 20% reduction in report size
- Better visibility into root issues
4. MFA Support for Web App Scanning
The Problem
Apps with mandatory two-factor authentication (like TOTP-based 2FA) couldn’t be scanned end-to-end without manual workarounds. That meant important sections were left untested.
The Solution
Astra now supports scanning of TOTP-protected web apps. You can provide MFA secrets and login recordings during setup, allowing secure and automated access throughout the scan.
The Impact
- You get full scanning coverage for 2FA-enabled targets.
- Access is handled securely and stays under your control.
- Your team is better prepared for compliance checks and audit requirements.
5. Findings Response Body in UI
The Problem
ome vulnerabilities were hard to interpret without seeing the full picture. Without the actual HTTP response that triggered the issue, teams had to guess what went wrong or replicate it manually.
The Solution
Each vulnerability now includes a “Response” section in the UI. It shows the full response headers and body from the triggering HTTP request, giving you complete visibility right where you need it.
The Impact
- Easier root cause analysis
- More transparent and informative findings
- Findings are clearer and more actionable.
- Your team can make faster decisions during triage and remediation.
6. Support for Larger Mobile Uploads (APK/IPA)
The Problem
Uploads for mobile app files were capped at 100MB. That limit, set by a third-party tool, forced users to rely on workarounds or share files externally, not ideal for security or speed.
The Solution
Users can now upload files up to 300MB directly within the platform.
The Impact
- Seamless onboarding for mobile assets
- Elimination of upload-related friction
- Faster test setup for mobile app pentests
7. Scanner Agency Plan for MSSPs
The Problem
Agencies and MSSPs often struggled with rigid licensing. Managing scans across multiple clients meant buying a separate license for each one, even when only a few were active at a time.
The Solution
The new Scanner Agency Plan solves that. You get a flexible pool of targets, for example, 5 at a time, and can rotate them across clients after a 30-day cooldown. It’s built for how agencies actually work.
The Impact
- You get cost-effective coverage across multiple clients.
- Target rotation gives you flexibility without extra licenses.
- License management becomes simpler and more predictable.
8. Trust Center Redesign
The Problem
The earlier Trust Center took too much manual effort to set up. Customizing it for different stakeholders was clunky, and publishing updates felt more like a chore than a win.
The Solution
The new Trust Center is faster, smarter, and built for scale. You get AI-powered content suggestions, a drag-and-drop editor, and a clean layout that’s ready for customers out of the box.
The Impact
- You can launch a trust portal in just a few minutes.
- Sharing your security posture with customers is now effortless.
- You build credibility without getting stuck in the weeds.
9. Platform-Wide Improvements
Beyond the major features, we’ve implemented several quality-of-life enhancements across the platform. These are the small but mighty changes that make security work feel less like work.
- Test Connectivity Before Scan Launch
Now you can check if a target is reachable before starting a scan. No more surprises from misconfigured endpoints. - Delta Scan Toggle for All Users
You can now choose between Full or Incremental scans depending on your scope and urgency. More control, less waiting. - Revamped Tables
API, Subscription, Target, and Compliance tables have been redesigned for faster load times and better visibility. - Session Duration Control
Authenticated session durations can now be extended up to 48 hours. Perfect for scanning apps with complex login flows. - Improved Vulnerability Navigation
Keyboard shortcuts, bulk actions, and advanced filters make triage faster and smoother.
- More Accurate Reporting
Scan states, risk scores, and vulnerability data are now more consistent across the platform and in downloaded reports.
What’s Next at Astra: The Future Is Closer Than You Think
What’s Coming Next: The Future of AppSec at Astra
This summer, we focused on making security faster, smarter, and easier to work with. But we’re just getting started.
In DAST, we’re pushing for deeper API coverage and smarter scans that adapt to your app’s architecture. Threat model testing is becoming more precise with test cases tailored to the specific structure of your application. A redesigned dashboard is also on the way, built to quickly surface the right insights, allowing your team to take action faster.
In API Security, self-serve onboarding is coming soon, so you can activate protection in minutes without waiting for manual setup. Detection for critical risks, such as broken access control, is being upgraded, and new compliance mappings are on the way, including PCI, DORA, and NIST 2. These will help you align your APIs with evolving regulations.
For Pentesting and Compliance, we’re streamlining everything from planning to reporting. Expect compliance-ready reports for SOC 2, HIPAA, and ISO 27001, along with broader vulnerability mappings, to help you close audits faster and with less friction.
And then there’s our AI roadmap. Soon, AI-powered suggestions will help developers fix issues directly inside their IDEs. AI agents will simulate complex attack paths to uncover deeper flaws. You’ll also see smarter crawling, issue enrichment, and logic-aware detection to catch vulnerabilities that used to fly under the radar.
At every step, the goal remains the same: to build security that fits your stack, integrates seamlessly into your workflow, and grows with you.
The next version of Astra is already in motion. You’ll be seeing it soon.
Lock down your security with our 10,000+ AI-powered test cases.
Discuss your security needs
& get started today!
