Risk Focus Assessment now includes the following new capabilities:
Takumi's features are now available through a public HTTP API, without going through the Web UI or Slack. You can integrate Takumi directly into CI/CD pipelines, ticket management systems, or your own vulnerability management workflows—making Takumi a more seamless part of your development lifecycle.
Currently, the API supports the "Full Assessment" mode for both whitebox and blackbox assessments. Support for "Scoped Assessment" mode and Autofix will be added in future updates.
Multi-factor authentication is now available to all Shisho Cloud byGMO users.
Previously available to select organizations only, all users can now use this feature. Organization admins can also require multi-factor authentication to access organization resources.
Takumi Guard is an npm registry proxy that strengthens supply chain security.
Add a single registry URL to your .npmrc and malicious package blocking plus post-install tracking and breach notifications are enabled automatically.
Takumi Runner is a secure runner service for GitHub Actions workflows.
Change one line in your workflow file — runs-on: takumi-runner — and eBPF tracing of processes, network connections, and file operations is enabled automatically.
Takumi Blackbox Assessment now supports "Risk Focus Assessment" mode.
You can set priorities for each feature-perspective combination and run assessments incrementally within a credit threshold.
Takumi blackbox assessment reports have been improved.
Reports are now more readable and actionable, with clearer reproduction steps, more specific remediation guidance, and consistent formatting throughout.
We've released the Takumi Autofix feature. This feature automatically generates fix patches for vulnerabilities detected in security assessments and creates Pull Requests.
We've introduced improvements to enhance both recall and precision rate of the Takumi Blackbox Engine.
Takumi Whitebox Assessment is now available directly from the Web Console.
Previously only available via Slack chat or Web chat, you can now run whitebox assessments from the Web Console, just like blackbox assessments. Provide your source code via GitHub repository integration or file upload, and Takumi will analyze the code to detect vulnerabilities.