ReARM 26.01.173: VDR Export, Finding Changelogs, and More

We're excited to announce a major release of ReARM Pro (v26.01.173) and ReARM CE (v26.01.129).

This release introduces VDR (Vulnerability Disclosure Report) export capabilities, comprehensive changelog tracking for vulnerabilities and SBOM components, and numerous other improvements.

Key Highlights

VDR Export for Releases

• Export Vulnerability Disclosure Reports in CycloneDX or PDF formats directly from your releases. ReARM now also supports PDF export for finding views.
• Simplifies compliance reporting and vulnerability communication with stakeholders.

Vulnerability and SBOM Component Changelogs

• Previously, ReARM provided changelogs for commits. Now, in addition to that you can also track changes to vulnerabilities and SBOM components over time.
• Additionally, we introduced organization-wide changelog view that provides visibility across all your products and components.

New Features

Programmatic Artifact Management

• Add artifacts programmatically to existing releases via API, enabling seamless CI/CD integration.

BEAR Enrichment Integration

• Integration for BEAR (Bom Enrichment and Augmentation by Reliza) enrichment within ReARM - that updates supplier and licensing details for your SBOMs.

Async Dependency-Track Processing

• Improved performance with asynchronous processing for Dependency-Track integrations.

Organization-wide Violation Ignore Patterns

• Define ignore patterns at the organization level to filter out known acceptable violations.

Enhanced Visualizations

• Interactive releases per day chart
• Full page views of findings over time and releases per day charts
• Findings over time and releases per day charts now available in component and product views

UI Improvements

• 3-way collapsible view when displaying releases allowing to reduce visual clutter
• Display artifact change details in release history

Additionally, this new release of ReARM includes a number of bug fixes and improvements, specifically tweaks to aggregation logic and better handling of finding provenance.

Upgrade Guidance

For ReARM Pro Users

• Reliza will automatically schedule the upgrade to the latest version according to your configured upgrade preferences.

For ReARM CE Users

• Please upgrade manually to the latest version.
• Refer to the upgrade instructions in the ReARM installation documentation.

For more details about this release, see the release entry on ReARM Public Demo.