We've released the Takumi Autofix feature. This feature automatically generates fix patches for vulnerabilities detected in security assessments and creates Pull Requests.

We've introduced improvements to enhance both recall and precision rate of the Takumi Blackbox Engine.

Takumi Whitebox Assessment is now available directly from the Web Console.

Previously only available via Slack chat or Web chat, you can now run whitebox assessments from the Web Console, just like blackbox assessments. Provide your source code via GitHub repository integration or file upload, and Takumi will analyze the code to detect vulnerabilities.

In the web version of Takumi, you can now select GitHub repositories through Takumi Workplace. Additionally, with this change, existing scope definitions have been migrated to the Takumi Workplace default.

We have updated the permissions for the Write GitHub Apps.

Repository permissions for Contents has been changed from Read-only to Read and write.

We've made some improvements to the Takumi Blackbox Assessment engine.

Takumi New Feature Release

Dependabot AI Triage is now available on the web console.

View and manage all your Dependabot triage results directly from your browser - no Slack required.

Takumi Blackbox Assessment now supports per-target ownership verification.

Users can now verify ownership of individual target applications and use features involving dynamic network connections against them, without requiring organization-level authentication.

We've released a feature that automatically assigns organization-level roles when inviting new users via Shisho Cloud projects.

This feature enables administrators to flexibly configure permissions so that project members can access certain organization-level features (such as viewing/modifying integration settings, browsing user lists, etc.).

We've released a feature that periodically sends security status reports for Shisho Cloud projects as notifications.　

With this release, you can receive Security Status Reports by Resource Kind within your projects via Slack or email. This makes it easier to continuously monitor security status and share information with stakeholders.