Changelog April 4th, 2025

April 4, 2025
Return to Changelogs

AI Dashboard

A new AI Dashboard has been added, providing  a real-time overview to the organization's AI connections, offering insights into AI services, resources, logs, and token usage. It helps monitor and manage AI interactions across different providers.

Azure AI Discovery

The Azure integration now scans for AI resources. This will work with any existing Azure integrations. 

Azure AI services added:

  • Azure AI Service
  • Azure OpenAI Service

Reporting

New Reports Added:

  • OpenAI Resources Report
  • Github AI Resource Scanning Service Report
  • Gitlab AI Resource Scanning Service Report
  • AWS Bedrock AI Resources Report
  • Azure AI Service Report
  • Azure OpenAI Service Report

Categories have been added to the reporting feature for easier filtering.

Events

New event codes added:

  • PAAS_PROMPT:OBSERVED_TAGS_CHANGED
  • PAAS_LLM:OBSERVED_TAGS_CHANGED
  • PAAS_PROMPT:DISCOVERED
  • PAAS_PROMPT:DELETED

A new view has been added to the event page for when an organization is created or the subscription plan is changed. You can now view available quotas and click a button to access the subscription details.

Code Analysis

AI usage detection in code repositories using the OpenAI SDK for the following languages:

  • Java
  • JavaScript

Added Python requests support for AI model and prompt discovery in code.

Actions

  • 637 new CVE detections added, including:
    • CVE-2025-29927 - Detects the bypassing of authorization on NextJS Applications.
    • CVE-2025-1974 - NGINX Ingress Code injection.
  • 57 default login detections.
  • 103 data exposure vulnerabilities.
  • 12 SSL vulnerabilities.
  • 119 security vulnerabilities.
  • 1 new fuzzing vulnerability.

AWS Scanning

  • Additional permissions added to AWS scanning:
    • cloudwatch:ListMetrics
    • cloudwatch:GetMetricData
    • Amazon SageMaker 

Findings

An AI findings tab has been added to the platform. New AI findings have been introduced:

  • firetail:ai-output-tokens-elevated
  • firetail:ai-total-tokens-elevated
  • firetail:ai-latency-ms-elevated
  • firetail:ai-input-tokens-elevated
  • firetail:ai-output-tokens-reduced
  • firetail:ai-total-tokens-reduced
  • firetail:ai-latency-ms-reduced
  • firetail:ai-input-tokens-reduced
  • firetail:ai-majority-stop-reason-max-tokens
  • firetail:ai-majority-stop-reason-guardrail-intervened
  • firetail:insight-pii-detected-in-ai-logs
  • firetail:insight-aws-secrets-in-ai-logs
  • firetail:insight-facebook-secrets-in-ai-logs
  • firetail:insight-gitlab-secrets-in-ai-logs
  • firetail:insight-google-secrets-in-ai-logs
  • firetail:insight-mailgun-secrets-in-ai-log
  • firetail:insight-paypal-secrets-in-ai-logs
  • firetail:insight-sendgrid-secrets-in-ai-logs
  • firetail:insight-slack-secrets-in-ai-logs
  • firetail:insight-stripe-secrets-in-ai-logs
  • firetail:insight-twilio-secrets-in-ai-logs

Filters for findings

Additional filters have been added to findings:

  • CVE ID
  • CWE ID
  • CVSS Score
  • Tags

UI Enhancements

  • New filter operators added:
    • is-one-of-prefix
    • Is-not-one-of-prefix
  • Added history to all scanning integrations.
  • Tags have been added to AI logs.

Bug Fixes

General bug fixes and improvements made throughout the FireTail platform.