Security teams need clear signals, fast investigations and automation that fits into existing workflows. The latest CyCognito updates focus on streamlining asset operations, speeding up review of context and expanding what you can manage through the API.
Recent enhancements include new asset management permissions, Asset List productivity improvements and additional API capabilities for realm freshness and issue lifecycle control.
Analyst Permissions for Asset Management
Users with the Analyst role can now tag assets, add comments and change investigation status. This reduces handoffs and helps teams triage faster without waiting for higher-privileged users. These actions are available in both the Asset List and the Asset Details views.
Inline Multiple Comments in Asset List
You can now expand and read multiple comments directly from the Asset List. This makes it easier and quicker to review history and context across assets without opening the Asset Details page, which saves valuable time and accelerates critical decisions during investigations.
Realm Daily Update Metadata via API
Realm daily update signals are now exposed through the API. Fields such as last_daily_update and assets_added_in_latest_baseline_update provide programmatic visibility into data freshness and recent activity. Use the /v1/realm endpoint to bring these signals into governance dashboards, monitoring jobs or reporting workflows.
Snooze Issues via API
Issues can now be snoozed programmatically to match remediation windows and reduce noise during planned work. Snoozing preserves full issue context while temporarily pausing notifications. Use the Issues API to snooze and manage issue lifecycle from scripts, SOAR playbooks or other automation.
Other Brief Updates
- Added a “Hide inactive keys” toggle in API Key management. The platform remembers your preference.
- Improved transitions between Filter and Search and Advanced Search for a smoother experience when refining queries.
Recent Emerging Threat Research
October saw a high number of critical vulnerabilities across widely used platforms and services, all of which were rapidly addressed by the CyCognito team. Below is a list of some of the highest-priority threats identified and handled during the month:
- Django ORM SQL injection (CVE-2025-64459)
- DNN Platform unauthenticated file upload (CVE-2025-64095)
- Apache Tomcat URL rewrite path traversal (CVE-2025-55752)
- Redis Lua remote code execution (CVE-2025-49844)
- Oracle E-Business Suite pre-auth remote code execution (CVE-2025-61882)
- Cisco ASA, FTD and IOS web services issues (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363)
- Fortra GoAnywhere MFT vulnerability (CVE-2025-10035)
