Skip to main content

2025.4 - Required

Versioncalendar icon Release Date
2025.4.0April 25, 2025
2025.4.1April 30, 2025
2025.4.2August 8, 2025

System Requirements Update

Ensure your infrastructure meets the latest requirements for optimal performance and security:

ComponentMinimum VersionRecommended Version
KOTS1.117.3Latest
Kubernetes1.251.31
PostgreSQL1516
Redis67
helm3.13Latest
ggscout0.16.40.16.4 is the only supported version

Helm & Upgrade Considerations

To ensure compatibility, please review Helm values updates from the previous version.

⚠️ Important: This is a required release and cannot be skipped.

Upgrading to 2025.4

Please install the PostgreSQL pgvector extension to enable vector similarity search. This is essential for upcoming features leveraging our internal machine learning engine. Follow the installation instructions to ensure compatibility.

Air gap deployment? We've added new images in this release. Find all image and tag names on the Air Gap Install page.

Feature highlights

  • NHI Governance — manage and secure Non-Human Identities with comprehensive observability and lifecycle management. Learn more
  • Secrets Analyzer — enrich detected secrets with scope, permission, and ownership details for faster risk assessment. Learn more
  • Custom tags — categorize and filter incidents with customized labels for improved remediation workflows. Learn more
  • Log collector for Self-Hosted — seamless log collection system with Loki, MinIO, and Fluent Bit for faster troubleshooting. Learn more

Secrets Detection Engine

  • v2.134 — 1 new detector (Azure Logic App), 2 improved (LINE Messaging, OpenAI), 1 analyzer enhancement.
  • v2.135 — 4 new detectors (Artifactory Reference Token, Artifactory Master Key, Artifactory Basic Auth), 4 improved (Snowflake, IBM Cloud, PlanetScale, Artifactory).

Enhancements

  • Jira DC incident filter, custom tags from search, custom webhook payload. See SaaS release: Apr 14.
  • Jira configuration layout, navigation improvements, invitations API. See SaaS release: Apr 23.
  • Self-Hosted:
    • Improved error messages for email configuration setup.
    • Enhanced debug capabilities with network diagnostic tools (netcat, openssl) in debug image. Learn more.
    • Extended readiness probe timeout on public-api for enhanced stability.
    • Added OpenShift restricted-v2 SCC support via global.compatibility.openshift.adaptSecurityContext. Learn more.
    • Added default support-bundle Role and optional ClusterRole creation.
    • PostgreSQL pgvector extension now required by default for upcoming ML features. Learn more.
    • Improved response times for issue occurrence queries through optimized request routing.
    • Standardized health check endpoint routing under main API hostname.

Fixes

  • Jira Cloud project key synchronization. See SaaS release: Mar 19.
  • GitLab multiple group hook emails, read-only token webhook detection, system hook 403 errors, unnecessary webhook scans, incidents list refresh. See SaaS release: Apr 14.
  • GitLab system hook 403 errors. See SaaS release: Apr 23.
  • Self-Hosted:
    • Updated license expiration notification message for clearer guidance.
    • Added Content Security Policy (CSP) headers to HTTP responses for enhanced browser security.

Hotfixes

2025.4.1

calendar icon   Release Date: April 30, 2025

Fixes

  • Self-Hosted:
    • Support Bundle Role creation disabled by default to accommodate customers with high security requirements (Helm).

2025.4.2

calendar icon   Release Date: August 8, 2025

Fixes

  • Self-Hosted:

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status