New Features: Release Round-up November 2025
Before we head off into a much-needed holiday weekend, the Arnica development team made sure to ship a focused but high-impact set of improvements across secrets management, SBOM, repository APIs, and container scanning. These improvements and features are now live and ready for customers.
🔍 Expanded Similar Findings for Secrets (Now with Secret Fingerprinting)
Our Similar Findings feature, originally launched to group related SAST, IaC, and SCA findings for better visibility and faster fixes, now supports hard-coded secrets. Using secure fingerprinting (think hashing), Arnica now tracks when the same secret appears across multiple files, branches, or repositories. Similar Findings displays every location where a specific secret exists, making rotation and replacement simple.

This update dramatically simplifies secret remediation workflows by helping teams identify everywhere a leaked secret appears across the codebase, so they can rotate it and re-introduce it through vault references without breaking any dependencies in production.
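To illustrate the idea of fingerprinting, here is an added example (not Arnica's code; the post describes its approach only as "think hashing") that groups every location of the same hard-coded secret by a keyed hash, so the secret value itself never has to be stored. The HMAC-SHA256 construction, the key, the detection regex, and the sample files are all assumptions constructed for this example.

```python
import hashlib
import hmac
import re
from collections import defaultdict

# Constructed demo key (assumption): a real deployment would use a random key held in a KMS.
FINGERPRINT_KEY = b"constructed-demo-key-not-a-real-one"

# Constructed detector (assumption): quoted values assigned to key/token/secret/password names.
ASSIGNMENT = re.compile(
    r"""(?i)\b\w*(?:key|token|secret|password)\w*\s*[:=]\s*["']([^"']{8,})["']"""
)

def fingerprint(secret: str, key: bytes = FINGERPRINT_KEY) -> str:
    """Keyed hash of the secret: equal secrets collide, but without the key a
    stored digest cannot be brute-forced back to a low-entropy secret."""
    normalized = secret.strip().encode("utf-8")
    return hmac.new(key, normalized, hashlib.sha256).hexdigest()

def group_similar(files: dict) -> dict:
    """Map fingerprint -> sorted list of (repo, branch, path, line_no) locations."""
    groups = defaultdict(set)
    for (repo, branch, path), text in files.items():
        for line_no, line in enumerate(text.splitlines(), start=1):
            for match in ASSIGNMENT.finditer(line):
                groups[fingerprint(match.group(1))].add((repo, branch, path, line_no))
    return {fp: sorted(locs) for fp, locs in groups.items()}

# Constructed sample input: one fake credential copied across repos and a branch.
SAMPLE_FILES = {
    ("payments", "main", "config/settings.py"): 'DB_PASSWORD = "demo-S3cr3t-value-001"\n',
    ("payments", "feature/x", "config/settings.py"): 'DB_PASSWORD = "demo-S3cr3t-value-001"\n',
    ("reports", "main", "deploy/env.yaml"): "name: reports\ndb_password: 'demo-S3cr3t-value-001'\n",
    ("reports", "main", "app/client.py"): 'API_TOKEN = "demo-other-token-002"\n',
}

if __name__ == "__main__":
    for fp, locations in group_similar(SAMPLE_FILES).items():
        print(fp[:12], len(locations), "location(s)")
        for repo, branch, path, line_no in locations:
            print(f"  {repo}@{branch}:{path}:{line_no}")
```

Each group is the rotation checklist for one secret: every file, branch, and repository that must be updated before the old value can be revoked.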
🏷️ Repository Topics Now Available in API Filtering
We’ve added repository-level topics (labels) to the List Repositories API along with the ability to filter by those topics. Teams can now query only the repositories tagged as deployable, critical, Kubernetes, and more. This change helps reduce unnecessary API utilization, narrow exports to the data that matters, and enable integration partners to speed up their sync logic.

🧩 New SBOM Packages View
A new Packages view has been added to the SBOM page, allowing users to flip the traditional repo-first view into a package-first one. Teams can now see every package used across the enterprise, identify exactly which repos and files contain a vulnerable package, and respond quickly to emerging package-level CVEs, even if no findings exist yet. This enhancement significantly improves campaign-based remediation workflows.

- Learn more about how to use this feature in our article about the Shai Hulud 2.0 supply chain attack: https://www.arnica.io/blog/shai-hulud-2-0-how-to-immediately-identify-your-exposure-with-arnicas-new-sbom-view
🧩 Automated Code to Image Mapping Enhancements
We recently launched automated, deterministic, zero-touch mapping between source code and container images. Within our latest releases, we’ve made improvements that eliminate the ambiguity around image ownership and origin. This foundational capability supports downstream enhancements in container triage, performance, and visibility.
- 100% automated code to image mapping
- Automated risk ownership attribution at the image level (like you’ve come to expect from Arnica)
- Seamless notifications for newly identified risks in images through Arnica’s developer-native alerting workflows
⚙️ UI Optimization for Container Image Version Management
Container images can accumulate hundreds or even tens of thousands of historical versions. Previously, this created slow loading experiences and cluttered views. We implemented smarter limits and optimizations so container images load faster and cleaner. This improves UI responsiveness, developer experience, and version-level navigation.
- Learn more about Automated Container Image Mapping here: https://www.arnica.io/solutions/container-image-scanning
Get in Touch!
These improvements meaningfully enhance triage speed, visibility, and workflow automation across Arnica. From streamlining secret remediation efforts, to automating code to image mapping and production risk triage, each enhancement supports our mission to reduce developer friction and empower security teams to take action faster.
Get in touch with our customer success team to start using these new features and enhancements in your environment.
