May deepens Levo's AI security stack: a redesigned Policy Hub with identity-aware policies, a next-generation AI traffic tagger that attributes traffic to individual agents and sessions, and a full Agent Detail view. We also added Streamable HTTP transport for the MCP server, deeper API discovery from source code, and broad reliability and performance gains across the platform.

Highlights​

• Policy Hub with identity-aware AI policies — The AI Policies page is now a redesigned Policy Hub with inline Monitor/Enforce toggles, server-side pagination, and a new Identity Policy type that matches principals across clouds. Default policies expanded from 16 to 36.
• AI Agent Detail and per-agent attribution — A new Agent Detail page (Models, MCP, Tools, Findings, Traces) backed by a next-generation AI traffic tagger that attributes traffic to individual agents and reconstructs sessions, including AWS Bedrock AgentCore.
• MCP server Streamable HTTP transport — The Levo MCP server adds Streamable HTTP transport with header-based auth and new tools, including full vulnerability detail with HTTP traces.
• Enforced AI guardrails — The AI Gateway wires rate-limit policy actions to token-bucket enforcement, scans LLM response bodies, and enriches guardrail alerts with caller identity and policy lineage.
• Faster, more reliable platform — Up to 7x faster app and endpoint listing, plus extensive hardening against stalls, deadlocks, and trace drops.
• Discover more APIs from source — Source-code scanning now runs in parallel across entire GitHub organizations, with offline spec generation and large-repo controls, to surface APIs that may never appear in live traffic.

What's new at a glance. A one-page map of where May's additions land across the Levo API and AI security platform.

Legend for the bullets below: 🆕 new · ⚡ enhancement · 🐞 fix

API Discovery & Cataloging​

• 🆕 Force-refresh OpenAPI spec — Manually force a refresh of an application's OpenAPI spec from the org details page.
• 🆕 Discover APIs from source at scale — Source-code scanning now runs in parallel across entire GitHub organizations, with include/exclude directory controls for large repositories and an offline spec-generation mode, surfacing APIs that may never appear in live traffic.
• ⚡ Endpoint and application reports now include tags, and applications show all source types when they have both observed traffic and imported endpoints.
• ⚡ Source-code scanning skips unsupported languages, classifies empty-spec outcomes, and ignores node_modules and build directories.
• 🐞 Fixed silent endpoint-rename failures, environment filtering for application listing, and reliable revival of soft-deleted environments.
• 🐞 Resolved storage-version mismatches and dependency errors in the .NET source-analysis path.

API Security Testing​

• 🆕 AI-authored tests (early access) — New scaffolding and validation APIs for AI-authored tests, with a persisted plan and approval state machine, and test execution gated behind approval status.
• ⚡ Exported test plans now produce a runnable zip, and test results are richer with real-time streaming.
• 🐞 False-positive suppression and detection hardening for OS command injection and input validation, plus a fix for LFI handling of empty response bodies.

Web Application Scanning (DAST)​

• 🆕 Advanced authentication strategies — DAST scans add opt-in multi-step DOM-driven login, session-transplant and storage-state strategies, and static MFA pass-through, plus an iframe-aware login resolver for Keycloak, Auth0, and Okta SSO.
• 🆕 Redesigned Create DAST Scan modal — A cleaner scan-creation experience, with the option to run scans on Levo Cloud or on-prem.
• ⚡ Time-based SQLi detection with N-sample confirmation, broad passive and active false-positive reduction (up to ~75% on some paths), and improved crawler diversity.
• 🐞 DAST scan creation is now correctly blocked when the feature flag is disabled.

AI Security​

• 🆕 Policy Hub with Identity Policies — The AI Policies page is redesigned as a Policy Hub with an Identity Policy editor, inline Monitor/Enforce toggles, and server-side pagination. A new Identity Policy type matches principals across clouds, and default policies expanded from 16 to 36, seeded automatically for new environments.
• 🆕 Enforced guardrails and rate limiting — The AI Gateway wires rate-limit policy actions to token-bucket enforcement, scans LLM response bodies for output policies, and supports hot-reload policy enforcement via a new control plane.
• ⚡ Richer guardrail alerts — Alerts now carry caller identity (source address, IAM principal, user agent, model, upstream), policy lineage, real scanner names, and gateway-supplied titles, with enforcement mode following the originating policy.
• ⚡ Azure OpenAI native passthrough for transparent API-key forwarding, plus guardrail model cache pre-warming and reduced gateway memory usage.
• 🐞 Guardrail alerts now write to a dedicated alerts table, and duplicate scanner fires were eliminated.

AI Discovery​

• 🆕 Next-generation AI traffic tagging — A new AI Traffic Tagger attributes traffic to individual agents and sessions, recognizes AWS Bedrock AgentCore runtime callers, and adds A2A discovery and comprehensive AI-provider parsers.
• 🆕 Function-calling tools and AgentCore identity — Discover function-calling tools alongside MCP tools, with per-agent identity from AgentCore, and support for server-less MCP tool rows.
• ⚡ AI and MCP trace ingestion and querying via a trace-type filter, with a Trace Type switch on the Traces page and PII type names shown inline in the Findings table.
• 🐞 Reliable MCP entity modeling when captured at the proxy or gateway, correct per-agent attribution, and stable agent identifiers across batches.

Vulnerabilities & Findings​

• ⚡ Persistent filters — Vulnerability filters are retained across list and detail views.
• ⚡ Auto-closing a vulnerability on a flagged endpoint now includes your comment, and bulk vulnerability updates are processed reliably.

Sensitive Data​

• 🆕 Sensitive data findings for AI workloads — New sensitive-data finding services with entity-type awareness, and PII data pivoted to AI-aware entities so findings cover AI agents and sessions.
• ⚡ Entity type is now included across all sensitive-data APIs.

Runtime Protection​

• ⚡ Protection module health check is now enabled by default.

Sensors & Deployment​

• 🆕 Java agent published to a public container registry — The Java agent is now available as a published container image.
• ⚡ Higher-throughput, self-diagnosing capture — The Java agent adds an async dispatcher with sampling, connection-level sticky sampling, host/port filters, TCP 5-tuple recovery across Tomcat, Jetty, Netty, and Vert.x, per-endpoint rate limiting (dark-launch), and self-diagnosing capture for third-party APIs.
• ⚡ The eBPF sensor adds richer socket-info capture and preserves in-progress request data, with noisy health probes suppressed at the capture layer.
• 🐞 Fixed Java 8 silent capture-loss and over-capture bugs for more reliable instrumentation.

Integrations​

• 🆕 Slack notifications — Levo can now send notifications to Slack.
• 🐞 Fixed user organization invitations and disabled unaccepted org invites in the org picker.

Reporting & Compliance​

• ⚡ New reports added and page-size handling improved, with a wider Actions column to fit Preview and Download buttons.
• 🐞 Fixed report pagination and download issues.

MCP Server​

• 🆕 Streamable HTTP transport — The Levo MCP server adds Streamable HTTP transport at /mcp with header-based authentication.
• 🆕 Full vulnerability detail tool — A new MCP tool returns full vulnerability details including the complete HTTP trace, alongside additional test-authoring tools.

Platform, Administration & Access​

• 🆕 Polished on-prem sensor management — The Sensors page adds status pills, a Type column, search, compact layout, and contextual empty states, plus a Deployments and Configuration tab.
• ⚡ Faster listings — App and endpoint listing is up to 7x faster thanks to new indexes, with broad hardening against stalls, deadlocks, and trace drops for a more reliable experience.
• ⚡ Graceful handling of expired sessions with one-shot token refresh, and reduced noise from benign auth-page network errors.
• 🐞 Application name changes now reflect in filter dropdowns across modules, and stale JavaScript chunks no longer cause load failures.

April brings AI security front and center: discovery of AI agents, models, and MCP tools from cloud providers, the first AI Policies and guardrail alerting, and a major step forward for web application scanning (DAST) with AI-driven authentication. We also expanded reporting, hardened sensors, and shipped new deployment options.

Highlights​

• AI discovery for agents, models, and MCP — Levo now automatically discovers AI agents, models, and MCP servers and tools from your traffic, including AWS Bedrock and Gemini, so your AI footprint is cataloged alongside your APIs.
• AI Policies and guardrail alerting (beta) — A new AI Gateway policy framework with guardrail alerts that capture prompt snippets, detection scores, model name, and MCP context, giving you visibility and control over AI usage.
• DAST gets smarter authentication — Web app scans now support AI-driven login and flexible auth strategies, with deployable scan runners and improved scan depth and fidelity to reduce false positives.
• Proof-based injection testing — New semantic, proof-based SQL and NoSQL injection detection delivers high-confidence findings with dramatically lower false positives.
• AWS ECS Fargate deployment — One-click deploy and enhanced installation scripts for running the Satellite and PCAP sensor on AWS ECS Fargate.
• Redesigned sign-in and dark mode — A refreshed authentication experience plus a new dark mode in the admin portal.

What's new at a glance. A one-page map of where April's additions land across the Levo API and AI security platform.

Legend for the bullets below: 🆕 new · ⚡ enhancement · 🐞 fix

API Discovery & Cataloging​

• 🆕 Large and bulk Postman imports — Import large Postman collections in bulk, with normalized path segments to prevent duplicate endpoints.
• 🆕 Discover APIs from .NET and C# source — Source-code scanning that surfaces APIs into your inventory now supports .NET and C#, finding endpoints that may not appear in live traffic.
• ⚡ Filter endpoints by the time of the last trace received, and apply a global quick filter for all, external, or internal endpoints on the Auth Schemes view.
• ⚡ Endpoint exports now cover zombie and inactive endpoints, with sensor export pagination.
• 🐞 Trace-to-endpoint race conditions and duplicate endpoints from imports are now handled reliably.

API Security Testing​

• 🆕 Proof-based SQL and NoSQL injection detection — New semantic, evidence-driven detection for SQLi and NoSQLi with very low false-positive rates.
• ⚡ Improved assertions for CORS and injection attacks, and aggregated sub-technique assertions for mass-assignment testing.
• 🐞 Suppressed a SQLi union-canary false positive triggered by server input echo, and fixed a URL-parsing error.

Web Application Scanning (DAST)​

• 🆕 AI-driven authentication for scans — Web app scans support AI-assisted login, including extra steps for AI/LLM keys and advanced header fields; the feature is now out of beta.
• 🆕 Deployable DAST scan runners — Run web app scans from deployable runners, with re-run and configurable scan depth.
• ⚡ Endpoints are now segregated by source, with a "URLs by Source" tab, live scan metrics, and visibility into URLs pending in the queue.
• ⚡ Smarter scanning that is tech-stack aware, plus improved detection for command injection, file upload, and stored XSS.
• ⚡ "WebAppScan" is now consistently named "DAST Scan" across the product.
• 🐞 Significant false-positive reduction and signal-quality hardening, with graceful handling of scan timeouts so they are no longer reported as cancelled.

AI Security​

• 🆕 AI Policies and AI Gateway policies (beta) — A new policy framework for governing AI usage, with expanded MCP governance policies. The feature is disabled by default while in beta.
• 🆕 AI guardrail alerts — Guardrail alerts capture prompt snippets, detection scores, model name, and MCP context, with an alert detail drawer, export, and multi-select in the dashboard.
• 🆕 Transparent TLS interception and MCP sidecar — The AI Gateway adds transparent TLS interception, sidecar injection (including Java sidecar support with TLS trust-store injection), and auto-configuration of TLS interception, enabling inline inspection of AI traffic.
• ⚡ The gateway now buffers request bodies for man-in-the-middle inspection and adds a configuration to suppress noisy HTTP methods.
• 🐞 Tenant isolation for guardrail alerts, plus fixes to prevent guardrail-related crash loops and alert truncation.

AI Discovery​

• 🆕 Discover AI agents, models, MCP servers, and tools — Levo discovers AI agents, MCP servers, and MCP tools from AWS Bedrock tool configurations, and extracts model names from Bedrock and Gemini request paths.
• ⚡ AI and MCP entities are now labeled in the endpoint TYPE column, and full LLM request bodies are forwarded for accurate agent and MCP entity discovery.
• 🐞 Reliable AI trace ingestion for Bedrock, including base64-prefixed streaming responses, large payloads, and paths containing colons; pagination and sorting fixes for AI Models and AI Agents views.

Vulnerabilities & Findings​

• ⚡ Jira tickets for grouped findings — Create a Jira ticket linked to multiple endpoints directly from grouped findings, and filter findings by whether they have a Jira ticket.
• ⚡ Merged category options in vulnerability filters and a stats API that updates as you apply findings filters.
• 🐞 Fixes to Jira ticket and delete icon sizing and an overlapping solution URL in Findings.

Sensitive Data​

• 🆕 Richer sensitive data view — New stats on the sensitive data page, plus API type, newly-added, external, and trace context for each item.
• ⚡ Improved PII detection using a new NER model alongside regex, and external flags surfaced in sensitive data.

Runtime Protection​

• 🆕 Replay-attack protection — Added nonce deduplication and token lifetime enforcement to defend against replay attacks.
• ⚡ Added a health check for the Protection module.

Sensors & Deployment​

• 🆕 AWS ECS Fargate deployment — One-click deploy and enhanced installation scripts for the Satellite and PCAP sensor on AWS ECS Fargate, with updated task definitions.
• 🆕 Zero-downtime key rotation for the Satellite — A new decryption pipeline with zero-downtime key-store rotation, a filesystem key store, and pluggable decryption scripts for Satellite traffic.
• ⚡ eBPF sensor self-monitoring of CPU and memory, and a more efficient collector configuration with metrics export.
• 🐞 Fixed an eBPF sensor memory leak and improved its restart behavior; resolved a Java agent memory leak and binary payload corruption.

Integrations​

• ⚡ Improved integrations page — A refreshed integrations experience in the dashboard.
• ⚡ Keycloak LDAP/AD user federation for on-prem installations, LDAP support for multiple AD groups, and improved Auth0 subject detection.
• ⚡ Chrome extension now captures application data.

Reporting & Compliance​

• 🆕 New report types — Added AI Agents reports, a change-log and auth-schema report, an environment test report, and an RBI compliance report integrated into the UI.
• ⚡ Past Reports now show request metadata and offer filters; reports can be downloaded via secure links.
• 🐞 Report storage moved to durable object storage and a database for reliability, with corrected report numbers.

Platform, Administration & Access​

• 🆕 Admin portal upgrades — New Environments tab, Feature Control, Session Management, org detail tabs, dark mode, and global API error handling with an error boundary page.
• ⚡ Modernized authentication UI — Redesigned login and signup experience, with redirect back to your original URL after login.
• ⚡ Sticky header rows, better empty-space handling on large screens, and the dashboard UI upgraded to a current runtime.
• 🐞 Filters and cache now reset correctly on organization switch, and a Test Plans page crash when sorting was fixed.

March is a big month for web application scanning: our DAST engine matures with smarter crawling, scheduled and on-demand scans, AI/LLM-driven authentication, and a large round of false-positive reduction. We also unified AI Gateway policies with live guardrail enforcement, moved reporting to a faster async pipeline with a new application comparison report, and added configurable session management, sensor health notifications, and grouped threats.

Highlights​

• DAST matures — Web application scans gain smart crawl depth, scheduled and re-runnable scans, deployable on-prem runners, OpenAPI spec parsing, and broad coverage of missing vulnerability categories — with a major false-positive cleanup across active and passive scanners.
• Unified AI Gateway policies — A consolidated, gateway-level policy architecture with hot-reloaded policies from SaaS, a forward-proxy AI traffic governance pipeline, and live guardrail scanners now enabled in the AI Firewall.
• Faster reporting with application comparison — Reports moved to an async pipeline for reliability at scale, plus a new application comparison report you can run and view in the dashboard.
• Configurable session management — Set inactivity and absolute session timeouts, with a clear banner explaining why a session ended.
• Sensor health notifications — Get notified when a sensor goes inactive, with configuration support so you know your traffic capture is healthy.
• Grouped threats and richer findings — Threats are now grouped for easier triage, with evidence surfaced in the Threat Feed, severity sorting, more filters, and saved views across findings and scans.

What's new at a glance. A one-page map of where March's additions land across the Levo API and AI security platform.

Legend for the bullets below: 🆕 new · ⚡ enhancement · 🐞 fix

API Discovery & Cataloging​

• 🆕 Configurable ignored HTTP methods — API discovery can be configured to skip specific HTTP methods, keeping catalogs focused on the traffic that matters.
• ⚡ Endpoint exports now include the created date and last-trace-received date, and you can sort endpoints by when their last trace arrived.
• ⚡ Header parameters such as Content-Type and Accept are now parsed and populated automatically, and endpoint parameters are returned sorted by required status and name.
• ⚡ A new "Recently Discovered" filter at the application level, and a tooltip on Owned Domains in the API Discovery configuration.
• 🐞 Fixed request-parameter wrapping in API specifications and corrected masked-parameter handling in captured request paths.

API Security Testing​

• ⚡ More reliable parameter handling — user-set parameter values are no longer overwritten by newly derived values, and custom values are preserved in raw parameters.
• ⚡ Live UI log streaming per test suite for better visibility into running tests, and quieter CLI output in non-interactive mode.
• 🐞 Corrected test-run counts so they match between Insights and the API Scans page, and fixed author selection to use organization users.

Web Application Scanning (DAST)​

• 🆕 Scheduled and re-runnable web app scans — Schedule web app scans to run automatically, re-run a previous scan, and trigger scans from CI/CD with a new DAST scan action.
• 🆕 Smart scan depth and crawl-only mode — Scans default to a "smart" depth mode, with a crawl-only option for discovery and configurable scan depth per scan.
• 🆕 AI/LLM-driven authentication — Provide cookies, local storage keys, and headers for authenticated scans, including AI-assisted login that handles SPA re-login and CAPTCHA flows.
• 🆕 OpenAPI spec parsing and broader coverage — The scanner parses OpenAPI specs and adds support for the remaining DAST vulnerability categories, plus soft-404 detection, tech-stack detection, and stored-XSS detection.
• 🆕 Deployable on-prem scan runners — Run web app scans from deployable runners with scheduled, org-isolated execution for on-prem deployments.
• ⚡ A redesigned create-scan flow, a search bar for URLs and endpoints in the scan details view, HTTP-method support and filtering, live crawl metrics, persistent filters, saved filter state, and the ability to switch off DAST scanning selectively.
• ⚡ Endpoint URL is now captured on DAST findings and vulnerabilities, with a finding "Kind" filter (Web App Scans / Traffic / All).
• 🐞 Large false-positive reduction across active and passive scanners — including auth-bypass, JWT, GraphQL introspection, and JSON-reflected XSS — plus more reliable crawling, static-asset filtering, soft-404 handling, scan cancellation, and a CLI startup fix.

AI Security​

• 🆕 Unified AI Gateway policy architecture — A consolidated, gateway-level policy framework with a single policy engine, policy versioning, and policies hot-reloaded from SaaS so changes take effect without redeploying.
• 🆕 Forward-proxy AI traffic governance — A new forward-proxy mode runs AI traffic through a multi-stage governance pipeline for inline inspection.
• 🆕 Live guardrail scanners in the AI Firewall — Guardrail scanners are now implemented and enabled, with the AI Firewall and AI Gateway pages out of "coming soon."
• ⚡ The AI Gateway can now send its traffic to the Levo Satellite for full API observability alongside your other APIs, and ships latency benchmarks with inspection optimizations.
• 🆕 Chrome extension AI Guardrails — The browser extension (now "Levo Live") adds AI Guardrails integration with LLM interception and enforce or observe modes.

AI Discovery​

• ⚡ AI traffic to the Satellite — The collector adds a Levo AI receiver and AI-proxy span processing, and full LLM request bodies are forwarded so AI agents and MCP entities are discovered accurately.

Vulnerabilities & Findings​

• 🆕 Grouped threats and evidence — Threats are now grouped for easier triage, with evidence returned by the findings API and surfaced in the Threat Feed.
• 🆕 Bulk tag actions — Apply tag actions to findings in bulk, and sort findings by severity.
• ⚡ More filters on the Findings and Applications pages, saved filters and views on API Scans, application stats that update as you apply filters, and a stats API for consistent counts.
• 🐞 Fixed open-vulnerability counts that did not match between Insights and the global level, and corrected bulk actions on the vulnerability pages.

Sensitive Data​

• ⚡ Inline sample traces for PII — The PII tab now shows inline sample traces with row selection, pagination by type, and a refreshed view that updates as new sensitive data is discovered.

Runtime Protection​

• 🆕 Findings and evidence from protection rules — Protection now creates findings (including for Lua-based rules) with evidence, and deduplicates rate-limit findings to one per key per window.
• 🆕 Bulk rule exclusions and header-injection rules — Add bulk rule exclusions and custom header-injection rules, with configurable content types and active WAF protection.
• ⚡ Improved rate-limit rule configuration in the dashboard, and GraphQL protection handling.
• 🐞 Blocking is now disabled by default for safer rollout, with smarter routing of rule overrides and hardened Kubernetes deployment.

Sensors & Deployment​

• 🆕 Sensor health notifications — Get notified when a sensor becomes inactive, with configuration support so you always know your traffic capture is healthy.
• ⚡ The Java agent now logs to file with additional diagnostics for easier troubleshooting.
• 🐞 Sensor Helm chart fixes addressing a customer-reported deployment issue.

Integrations​

• 🆕 CI/CD DAST scan action — A new action to run web app scans directly from your CI/CD pipeline.
• ⚡ Auth0 tokens are now routed correctly by subject claim, and SSO-only users no longer hit a 401 on password reset.

Reporting & Compliance​

• 🆕 Application comparison report — A new report that compares applications side by side, available to run and view in the dashboard.
• 🆕 Async reporting pipeline — Existing reports were migrated to an async architecture for reliability at scale, with additional report types added and a new Reports page in the UI.
• ⚡ Reports support multiple CSV previews, and DAST scan report findings now include a solution field and detected AI endpoints.
• 🐞 Fixed PDF rendering in generated reports.

MCP Server​

• ⚡ Reliability improvements to the MCP Server deployment.

Platform, Administration & Access​

• 🆕 Configurable session management — Set inactivity and absolute session timeouts, with sensible defaults and a banner that explains why a session ended after inactivity or expiry.
• 🆕 Default "staging" environment — New organizations are created with a default "staging" environment so you can start capturing traffic immediately.
• 🆕 Redesigned admin portal login — A modernized admin portal sign-in, with consolidated frontend and backend deployment.
• ⚡ Sidebar UX improvements (peek, pin, and toggle), clicking the Levo logo returns you home, an announcements unread count, and organization list sorting with consolidated copy buttons.
• 🐞 Cross-organization data leakage on org switch is fixed by clearing cached state, pagination and filter state now persist correctly across navigation, dark-mode rendering issues were resolved, and several login and auto-logout bugs were fixed.

February built on January's launches by making them production-ready: web application scanning (DAST) matured fast with CLI-driven scans, evidence, and DOCX reports; AI Guardrails gained a policy framework and multi-tenant, parallelized scanning; and we introduced tagging across findings and vulnerabilities, separated threats into their own feed, and shipped a new agentless API discovery CLI.

Highlights​

• Findings & Vulnerabilities tagging — Apply tags to findings and vulnerabilities to organize, triage, and filter at scale, with bulk delete and a redesigned Findings view.
• DAST scanning matures — Launch web app scans from the CLI, capture evidence, cancel scans end to end, export DOCX reports, and discover far more endpoints with new JS-aware crawling.
• AI Guardrail Policies — A new policy framework for AI Guardrails with multi-tenant enforcement and parallel scanning for 3–5x faster checks.
• Threats, separated from findings — Runtime threats now have their own dedicated feed, distinct from security findings.
• Agentless API discovery CLI — A new command-line tool to discover APIs with multiple scan modes, no sensor required.
• End-to-end audit logging — A rebuilt audit log with readable entity names, user-activity tracking, and before/after state on changes.

What's new at a glance. A map of where February's new capabilities fit across the Levo API & AI security platform.

Legend for the bullets below: 🆕 new · ⚡ enhancement · 🐞 fix

Vulnerabilities & Findings​

• 🆕 Tagging for findings and vulnerabilities — Apply and search by tags across findings and vulnerabilities to organize and triage at scale.
• 🆕 Bulk delete for findings — Select and remove multiple findings in one action.
• 🆕 Redesigned Findings page — A new Findings view with clearer layout and additional row controls.
• ⚡ Search for multiple issue names at once across the Findings and Grouped Findings screens.
• ⚡ New KIND filter for findings and vulnerabilities, plus improved field filtering.
• 🐞 Fixed null values on the Grouped Findings page, a vulnerability detail page that would not open for certain filters, and an application-to-endpoints count mismatch.

Web Application Scanning (DAST)​

• 🆕 Launch scans from the CLI — Kick off web application scans directly from the command line.
• 🆕 Evidence capture — DAST scans now record supporting evidence for each finding, viewable in the UI.
• 🆕 DOCX scan reports — Export web application scan results as DOCX, alongside an improved report export experience.
• 🆕 Scan cancellation — Cancel a running web app scan end to end.
• 🆕 AI-assisted login — Provide a prompt and credentials for AI-driven authentication during a scan.
• ⚡ Smarter crawling and discovery — AI-driven crawler and prompt improvements, framework-agnostic URL discovery, and JS endpoint discovery that finds 80–99% more endpoints.
• ⚡ Separate passive (Scanner) and active (Probe) interfaces, advanced rules in active scans, and new active-scan test categories including a SQL injection filter in the UI.
• ⚡ Standard crawl mode is now the default when creating a scan, with a refreshed scan details page, metrics, and URLs tab.
• 🐞 Fixed scan log cleanup, LLM provider selection, and assorted scan stability issues.

AI Security​

• 🆕 AI Guardrail Policies — A new policy framework to configure AI Guardrails, with an expandable policy screen and per-scanner action and alert settings.
• 🆕 Guardrail alert management API — New API endpoints to manage and route guardrail alerts.
• 🆕 Standalone Scan API — Dedicated request and response scan endpoints for integrating guardrail checks directly.
• ⚡ Multi-tenant guardrails — Multi-tenant guardrail management with per-tenant alert routing and OAuth2 token rotation.
• ⚡ Faster guardrail scanning — Parallel scanner execution for 3–5x faster checks, plus a global model cache that cuts cold-start model load from ~40s to ~1s.
• ⚡ Configurable alert webhooks and periodic scanner-configuration polling, with SaaS configuration enabled by default.

AI Discovery​

• 🆕 Local MCP and coding-agent discovery — Levo now discovers local MCP servers and coding agents, including those launched from the Claude CLI, and captures their enabled tools and permissions.

API Discovery & Cataloging​

• 🆕 Agentless API discovery CLI — A new command-line tool to discover APIs with multiple scan modes, without deploying a sensor.
• 🆕 Auth scheme refresh — A new system capability to refresh authentication schemes for endpoints by replaying recent traffic.
• ⚡ Configure API discovery to ignore specific HTTP methods, reducing noise in generated specs.
• ⚡ Application-name support across discovery so endpoints are attributed to the right app, with faster API-visibility retrieval.
• 🐞 Imported Postman collections are now persisted reliably, and optional path lists are handled correctly during discovery.

Runtime Protection​

• 🆕 Dedicated threat feed — Runtime threats are now separated from security findings into their own feed and UI, with new threat-ingestion endpoints.
• ⚡ Production reliability, memory-safety, and client-identification improvements across the protection engine.

Sensitive Data​

• 🆕 Sensitive-data masking in trace collection — Trace collection can now mask sensitive values, with data-type-based masking applied during processing.
• ⚡ Improved Sensitive Data page for both traces and endpoints, with Authentication and PII details separated on the endpoint detail page.
• 🐞 Fixed a persistent PII filter issue in saved views.

Reporting & Compliance​

• 🆕 DOCX report generation — Generate DAST reports in DOCX format for sharing and offline review.

Sensors & Deployment​

• 🆕 Sensor health reporting — eBPF and PCAP sensors now capture health and component details and report them to the Satellite.
• ⚡ eBPF sensor CPU optimizations and PCAP multitenant traffic support.
• ⚡ New fallback handling so traffic is captured reliably across PCAP and other sensors.

API Security Testing​

• 🆕 Per-test error-code configuration — Define expected error codes for security tests to reduce false positives.
• ⚡ Automatic baseline retry when authentication expires mid-run, for more reliable test results.

Integrations​

• 🐞 Burp extension now omits default ports (80 for HTTP, 443 for HTTPS) from the Host header, per RFC 7230.

Platform, Administration & Access​

• 🆕 End-to-end audit logging — A rebuilt audit log that resolves entity IDs to readable names, tracks user activities, captures before/after state on changes, and supports querying by organization.
• ⚡ POC workspace limits — Proof-of-concept workspaces are now capped at five applications via tier tagging, with a clear in-app banner.
• ⚡ Standardized service-to-service communication and environment-scoped requests for more consistent, isolated multi-environment behavior, with improved connection stability at scale.
• ⚡ Faster endpoint and application loading, database-level pagination, and page numbers retained when switching environments.
• ⚡ Skeleton loaders, category titles in navigation, clearer severity colors, and assorted dashboard UI/UX fixes.
• 🐞 Fixed a caching issue when switching organizations and a more intuitive wrong-password sign-in experience.

January was a big month for AI security. We shipped Vigil, our AI-native firewall for AI apps and MCP servers, launched our new web application scanning (DAST) and external attack surface management capabilities, and made AI guardrails and AI discovery work end to end — alongside dozens of improvements to findings, sensitive data, reporting, and the dashboard.

Highlights​

• Vigil — AI-native firewall — New runtime protection purpose-built for AI applications and MCP servers, with upstream route configuration and live policy enforcement.
• AI Guardrails, end to end — Guardrail violations now generate real-time alerts, backed by both ML-based and regex-based scanners for request and response content.
• Web Application Scanning (DAST) — First release of our DAST engine (ShadowNet), including AI-driven and hybrid crawling and a crawl-only mode.
• External Attack Surface Management (EASM) — New product to discover and scan your internet-facing API attack surface.
• AI discovery in your traffic — Levo now tags and classifies AI, API, and MCP traffic, including AI PII, so you can see what your AI apps are exposing.
• Findings export & faster dashboard — Export findings to CSV and PDF, server-side sorting on the Findings screen, and broad UI performance improvements.

What's new at a glance. A map of where January's new capabilities fit across the Levo API & AI security platform.

Legend for the bullets below: 🆕 new · ⚡ enhancement · 🐞 fix

AI Security​

• 🆕 Vigil — AI-native firewall — A new firewall built for AI apps and MCP servers, with upstream route configuration and runtime enforcement.
• 🆕 AI Gateway & firewall configuration — Configure your AI Gateway and firewall policies directly, including a forward-proxy mode and the ability to forward AI traces to a remote endpoint.
• 🆕 Guardrails with ML and regex scanning — AI Guardrails now scan both requests and responses using ML-based and regex-based detectors.
• 🆕 Guardrail violation alerting — End-to-end alerting fires when a guardrail is violated, surfaced in a new AI Guardrails alert screen in the dashboard.
• 🆕 MCP server scanning — New tooling to scan MCP servers for security issues, with discovered findings published back to the platform.
• ⚡ ML models for AI security can now be deployed with persistent storage for faster, more reliable startup.

AI Discovery​

• 🆕 AI traffic classification — Traffic is now tagged by module type (API, AI, MCP) so AI activity is identified and cataloged automatically.
• 🆕 AI PII discovery — Levo now detects and surfaces personally identifiable information flowing through your AI applications.
• ⚡ New observability receivers for Portkey AI Gateway, LiteLLM, and Agent Gateway broaden the AI sources Levo can ingest.

Web Application Scanning (DAST)​

• 🆕 DAST module (ShadowNet) — First release of Levo's web application scanning engine.
• 🆕 AI-driven and hybrid crawling — New crawler support including a crawl-only mode for mapping an application before scanning.
• ⚡ Scan results now include a findings summary and clearer scan logs.
• ⚡ Web app scan details can now ignore unknown items to reduce noise.

External Attack Surface Management​

• 🆕 EASM product — A new capability to discover and scan your external, internet-facing API attack surface, with multiple scanner improvements in this first release.

API Security Testing​

• 🆕 Local File Inclusion (LFI) test — New test category to detect local file inclusion vulnerabilities.
• 🆕 Input Validation test category — New test category covering input validation weaknesses.
• ⚡ Filter test runs by the user who started them.
• 🐞 Authenticator logs now appear correctly in the UI, and unauthenticated endpoints now use the target URL from the manifest.

Vulnerabilities & Findings​

• 🆕 Export findings to CSV and PDF — Export your findings for sharing and offline review.
• ⚡ Server-side sorting on the Findings screen for faster, more consistent results.
• ⚡ Vulnerability alignment in test runs and an improved diff view in the test-case log page.
• 🐞 Findings are now created even when the originating endpoint is no longer present.

Sensitive Data​

• 🆕 AI prompt sensitive-data view — New screen to review sensitive data detected in AI prompts.
• ⚡ More filters and saved views in the sensitive data tab.
• ⚡ PII masking applied to trace collection shown on the dashboard.
• 🐞 Corrected PII endpoint filter behavior, including the "does not contain PII" and null-value cases.

Runtime Protection​

• 🆕 Threat feed and prompt sensitive-data permissions added for runtime protection.
• ⚡ Protection configuration moved into a dedicated API & Web App Protection Rules section for easier management.

Sensors & Deployment​

• 🆕 Java agent diagnostics script and Java 8 compatibility.
• ⚡ Traffic capture improvements — New trace collection strategy with support for masked traces.
• ⚡ PCAP sensor now parses form-urlencoded bodies wrapped in data URIs (RFC 2397).
• 🐞 PCAP sensor now handles self-signed certificates correctly.

Integrations​

• 🆕 QRadar integration — Added to the integrations catalog for SIEM forwarding.
• ⚡ Refreshed integrations page with new connectors and clearer "new" indicators.
• ⚡ Documentation added for the Chrome extension, IDE plugin, and Jenkins.
• 🐞 Fixed Azure AD SSO user attribute mapping.

Reporting & Compliance​

• 🆕 Export findings to CSV / PDF — Generate findings reports in CSV and PDF formats from the dashboard.

MCP Server​

• 🆕 Dedicated MCP Server section — Levo's MCP Server now has its own navigation and page in the dashboard.

Platform, Administration & Access​

• 🆕 Audit logs — End-to-end audit logging across the platform, with a dedicated UI, permissions, and broad endpoint coverage.
• 🆕 Keycloak authentication — Added Keycloak as a supported authentication provider.
• 🆕 Licensing visibility — Organizations now show their license expiry date, with new org licensing storage and retrieval.
• ⚡ Admin portal enhancements — Time-based sorting of organizations, multi-org workspace lookups, and clean organization deletion.
• ⚡ Dedicated pages for Satellites, Sensors, and Test runs, an auto-expandable menu, and grouped settings navigation.
• ⚡ Consistent application display names across all pages and clearer status-code and HTTP filtering.
• ⚡ Dashboard performance improvements across multiple screens.
• 🐞 Several dark mode fixes, including hard-refresh, test plans, and the org-selection screen.

This release brings a refreshed dashboard experience, a completely rebuilt notification system, and the first wave of web application scanning and AI security capabilities. We also expanded API discovery, security testing, and administrative controls to make Levo easier to operate at enterprise scale.

Highlights​

• New Light/Dark theme across the entire dashboard, with smoother loading states and a polished interface.
• Unified notifications — all alerts now flow through a single, more readable notification service, with richer Slack notifications and scheduled-report digests.
• Web Application Scanning (early access) — a new dynamic scanning capability to test deployed web apps, available alongside API security testing.
• AI visibility foundation — Levo now discovers and catalogs AI Models, AI Agents, and MCP servers and tools, with dedicated dashboard views and permissions.
• Stronger vulnerability governance — mandatory closure comments, single-finding export with reproducible commands, and severity context on every alert.

What's new at a glance. This map shows where this quarter's additions fit across the Levo platform: from traffic capture, through Discover → Test & Scan → Detect/Alert/Report, to the dashboard and your downstream tools. New or expanded areas are marked NEW.

Legend for the bullets below: 🆕 new · ⚡ enhancement · 🐞 fix

API Discovery & Cataloging​

• 🆕 Postman collection import — bring API definitions into Levo directly from Postman collections, including adding endpoints to existing applications and converting collections to OpenAPI. Large collections (up to 50 MB) are supported.
• 🆕 Source type visibility — endpoints now show where they were observed from, so you can distinguish traffic-discovered, imported, and other sources at a glance.
• 🆕 Diversity-based clustering — an improved discovery option that produces cleaner, more representative API catalogs.
• ⚡ Larger OpenAPI specifications (over 4 MB) can now be uploaded and exported reliably.
• ⚡ Application and endpoint catalogs now always reflect the latest observed traffic on refresh.
• ⚡ Added a default saved filter to hide noisy OPTIONS and HEAD endpoints, plus filtering by query or path parameters.
• ⚡ Bulk tag updates are now supported when application or method details change.
• ⚡ OpenAPI specifications can be cleaned automatically to remove invalid parameters.

API Security Testing​

• 🆕 Mass Assignment test category — added to Levo's security test suite to catch a common and high-impact API vulnerability class.
• 🆕 Multi-user testing — run security tests across multiple user identities to validate authorization behavior.
• 🆕 Test plan hooks — inject parameters and authenticated calls into test plans for more accurate, real-world test execution.
• 🆕 Remote test runs from the CLI — launch a test run remotely, with Jenkins integration support.
• ⚡ Test runs now clearly indicate their trigger method (on-premises vs. cloud) and link back to the schedule that started them.
• ⚡ Introduced test runner groups for organizing and targeting runners.
• ⚡ Custom schedules can now be created for tracers and scheduled test runs, with the ability to enable or disable individual schedules.
• ⚡ Added the ability to run tests directly from selected traces, including replaying traces to a hosted target.
• ⚡ Reports can now show or download skipped-endpoint details for a test run.

Web Application Scanning (Early Access)​

• 🆕 Web App Scan — a new dynamic application scanning capability (powered by Levo's ShadowNet engine) to test running web applications, with GraphQL support, domain exclusions, and scan logging.
• ⚡ Web App Scan now supports multitenant satellite deployments and reports scan status and logs back to the dashboard.

AI Security (Foundation)​

• 🆕 AI asset discovery — Levo now discovers and catalogs AI Models and AI Agents, with create/read/update/delete management and dedicated dashboard visibility.
• 🆕 MCP server and tool cataloging — import, index, and manage MCP (Model Context Protocol) servers and tools, with environment-aware imports.
• 🆕 AI permissions and roles — a new AI section in the navigation with dedicated access controls.
• ⚡ Added a new API type to capture and classify AI spans in discovery.

Vulnerabilities & Findings​

• 🆕 Single-vulnerability export with reproducible commands — export an individual finding along with the commands needed to reproduce it.
• 🆕 Bulk actions on the vulnerabilities pages for faster triage.
• 🆕 Mandatory closure comments — closing a vulnerability manually now requires a comment (minimum 80 characters) to preserve an audit trail.
• ⚡ Added more filter conditions, including by endpoint method, on the vulnerabilities screen.
• ⚡ Export endpoints and vulnerabilities to PDF and CSV, with filters.
• 🐞 Resolved an issue where deleting a single finding removed all findings.
• 🐞 Fixed missing Jira ticket URLs in findings after ticket creation.

Sensitive Data​

• 🆕 Category-level sensitive data export — export sensitive data for selected categories, and generate per-application PII reports in PDF or CSV.
• 🆕 Application-level data exposure view — see the top users with data at the application level.
• 🐞 Corrected duplicate endpoint entries that appeared for each sensitive data type in the endpoint list.
• 🐞 Fixed endpoint counts that changed between pages in the sensitive data views.

Reporting & Notifications​

• 🆕 Unified notification service — all notifications were consolidated into a single service for consistency and reliability.
• 🆕 Digest reports — added scheduled digest report building and delivery, including API changelog digests.
• 🆕 Endpoints/Vulnerabilities PDF export with copilot comments.
• ⚡ Vulnerability and changelog notifications are now more readable and include severity and direct links to the affected item.
• ⚡ Slack notifications were improved, including authenticated/external status on endpoint alerts.
• ⚡ Digest report timestamps now include the time of generation.

Sensors & Deployment​

• ⚡ Broader traffic capture — the eBPF sensor now supports capturing GnuTLS-based API traffic.
• ⚡ Sensor status now reflects recent activity windows (last 10 minutes / 24 hours / last activity) for clearer health visibility.
• ⚡ Improved reliability of sensor and satellite metrics reporting, and ordering of sensors and satellites in the Deployments view.

Integrations​

• 🆕 Azure AD SSO support — sign in with Azure Active Directory.
• 🆕 Checkmarx integration improvements — auto-refresh for Checkmarx apps, scheduling fixes, and UI improvements.
• ⚡ Descope SSO configuration errors are now handled gracefully with improved error logging.

Platform, Administration & Access​

• 🆕 Light/Dark theme switch across the dashboard.
• 🆕 Organization ownership controls — transfer or change the organization owner, and delete an organization completely from the admin portal.
• 🆕 Role enable/disable controls at the organization level.
• ⚡ Completed the end-to-end user onboarding flow for adding users to an organization, with case-insensitive email handling.
• ⚡ Added the ability to verify unverified users from the admin portal.
• ⚡ Applications can now be marked as external or internal.
• ⚡ Added skeleton loaders and refined styling for a smoother dashboard experience.
• 🐞 Resolved an issue that prevented deleting invited users.
• 🐞 Fixed user authenticator credential inputs to trim stray whitespace from keys and values.

The Levo team is excited to bring you powerful features to secure your entire API ecosystem more efficiently!

💻 Levo's MCP Server exposes structured, real-time, and governed access to your security intelligence — enabling agents and humans to act without relying on dashboards, tickets, or tribal knowledge. Accelerate velocity, security coverage, and AI-assisted workflows without consuming more of the already scarce developer and security bandwidth.

📑 Levo's API Inventory Portal is now enhanced to be a cloud-hosted, authenticated hub that transforms API management into a collaborative, dynamic process. Hosted on Levo's secure cloud, this portal eliminates silos, providing a single source of truth for API catalogs, sensitive data flows, and trace-linked payloads.

⛔️ Levo's new detection, protection, and blocking module has been rolled out. At its core, the new module transforms Levo's passive monitoring into a proactive, inline protection system. This means traffic can be received directly from end users, inspected for threats, and blocked in real-time if necessary — supporting IP blocking and rate limiting.

📣 Stay tuned! We're continuously enhancing API security and simplifying workflows. More exciting updates are on the way!