January product update
Edoardo Zatti, Zoran Gorgiev
This month, we’re making your security workflows more convenient and productive.
Equixly has become even easier to use, faster to configure, and more comprehensive at identifying security risks. We’ve added enhanced intelligent assistance, expanded import options, and deeper vulnerability detection capabilities. Now, you can spend less time navigating setup and more time improving your security posture.
Here’s what’s new in Equixly’s January product update:
- Upgraded AI assistant to guide you through platform features and configurations.
- “Vulnerability Assessment” to detect known CVEs in your web applications.
- Burp history import for flexible service creation.
Meet Polaris: Equixly’s upgraded AI assistant
We’ve enhanced our AI assistant, now named Polaris, to help you get the most out of the Equixly platform. If you already enabled the AI Assistant in your organization settings (introduced in December), Polaris will be available automatically. If not, turn on the AI Assistant switch in your organization settings to use it.
As a purpose-built API security solution, Equixly’s mission from day one has been to help teams secure APIs and web applications that rely on them more effectively than traditional DAST-like solutions.
Still, security workflows often involve configuration steps that slow you down. Setting up services, defining authentication, understanding scan behavior, or integrating platform features such as automation hooks can increase the time and resources spent on security tasks.
The upgraded AI assistant, Polaris, is here to remove that friction.
Why Polaris? Just like the North Star (=Polaris) has guided explorers through complex journeys for centuries, our AI assistant will serve as your steady point of reference. Its raison d’être is to help you navigate Equixly with confidence, making sure you never lose your way, from initial setup to advanced automation.
Help when you’re configuring security workflows
Whether you’re onboarding your first service or fine-tuning an existing setup, Polaris can help you navigate and configure key aspects of Equixly:
- Understanding scan mechanics and scanning workflows for faster service setup
- Creating authentication scripts for better management of complex flows
- Setting up HTTP hooks for streamlined integration of Equixly into automation pipelines
Why this matters Security platforms are only effective when you configure and use them correctly and consistently. By providing guidance in-product, Polaris:
- Flattens the learning curve for new users and teams
- Reduces trial and error in setup
- Accelerates onboarding from service setup to first scan
All of this helps you go from “where do I click?” to “scan is running” without getting bogged down in the platform mechanics.
Expanded vulnerability testing
We’ve also expanded Equixly’s testing capabilities with a new security category: “Vulnerability Assessment.”
This feature enables Equixly to detect known CVEs across your web applications, covering common sources of exposure such as:
- Web servers
- Application frameworks
- CMS platforms
- Known vulnerable software components
Detect exploitable weaknesses tied to CVEs
Modern application security is far from just finding generic misconfigurations specific to your environment. You must be able to find weaknesses that map to actively exploited vulnerabilities in the wild.
With “Vulnerability Assessment,” Equixly can help you do precisely that: discover security issues that match known exploitable CVEs and validate, prioritize, and remediate web app security risks faster.
Better prioritization, clearer remediation focus
One of the most important benefits of this update is that your team gains the ability to answer crucial questions, such as:
- Is this vulnerability currently being exploited in the wild?
- Does the affected component have a public-facing attack surface?
- Is there a direct patch available to resolve the technical debt?
In a nutshell, this update helps you concentrate remediation efforts on what matters most: exploitable weaknesses that impact your security posture.
Burp history import
In addition to standard API definition files such as Swagger and OAS, you can now create services by uploading specifications exported directly from Burp Suite using our Burp history import option.
Leverage existing traffic captures
Not every API comes with clean documentation. And even when documentation exists, it rarely reflects the reality of what’s actually in production. In those cases, captured traffic becomes the most reliable reference.
Burp exports are especially useful when you already have live traffic from:
- Manual testing sessions
- Proxy-driven exploration
- Existing security assessments
By supporting Burp history imports, Equixly makes it easier to turn captured traffic into a structured service you can scan and manage.
Why it matters
This feature streamlines onboarding for APIs that are:
- Undocumented
- Legacy
- Changing quickly
- Discovered through live traffic rather than formal specs
Instead of pausing your security workflow until your team creates or updates an OpenAPI file, you can move forward using what’s already available: captured requests and responses exported from Burp Suite.
Closing thoughts
This month’s updates make Equixly as practical as it is powerful. Now, with guided AI assistance, extensive vulnerability detection, and flexible onboarding paths, you can master the platform faster, test more confidently, and prioritize remediation with better context.
As always, we’ll keep building up Equixly, improving the security of your API and web applications one release at a time.
Edoardo Zatti
Technical Product Manager
With a master's degree in Theoretical Physics, Edoardo has established a robust analytical thinking and problem-solving foundation. During the final year of his studies, he taught an integration course at the university, refining his communication skills and kindling his passion for education. His academic journey took an exciting turn during his master's program as he ventured into the field of computer science through relevant courses. These courses sparked his interest in IT and led him to specialize in backend development, where he sharpened his skills through involvement in complex projects and practical experience in other Tech companies.
Zoran Gorgiev
Technical Content Specialist
Zoran is a technical content specialist with SEO mastery and practical cybersecurity and web technologies knowledge. He has rich international experience in content and product marketing, helping both small companies and large corporations implement effective content strategies and attain their marketing objectives. He applies his philosophical background to his writing to create intellectually stimulating content. Zoran is an avid learner who believes in continuous learning and never-ending skill polishing.