Skip to main content

2025-03-13 Documentation updates

ReversingLabs

Documentation release for the Spectra Assure CLI 2.6.0 product update.

New release of the Spectra Assure Portal and Public API documentation, covering the 2025.3.1 Portal version.

CLIโ€‹

  • Added new --[show-]models, --[show-]sbom, --[with-]license, and --no-dep[endencie]s options to the inspect command. Their usage has been illustrated by accompanying examples

  • Added the --no-tracking option to the report command

  • Marked the --no-vex option as deprecated in the report command

  • Expanded the admonition about --keep-reference on the rl-secure scan command page to include the Windows issue

  • Added the Windows issue regarding symbolic links to the CLI Troubleshooting page

SAFEโ€‹

  • Updated the SAFE Viewer version, release date, links, and hashes to v1.1.0

Otherโ€‹

  • Created a new How Spectra Assure analyzes software page under Concepts & Reference that explains the different stages in the analysis process. A diagram was used to visualize the entire process and make the order of analysis steps easier to understand

  • Created a new Services category under Concepts & Reference, containing all supported SaaSBOM services sorted by type

  • Reorganized the tables on the Community and language coverage page to improve search, navigation, and content maintenance

  • Added the following new policies to the documentation:

    • New policies in the Malware detection category focus on adware, PUAs and low-quality content in software components and their dependencies: SQ30121, SQ30205, SQ30122, SQ30204, SQ30201, SQ30206, SQ30203, SQ30202

    • New policies in the Digital signatures category focus on issues with countersigning and integrity validation of signatures: SQ20133, SQ20136, SQ20135, SQ20134, SQ20132

    • New policies in the Threat hunting category focus on developer reputation, detecting additional known software supply chain compromises, and identifying behaviors typical for infostealer, keylogger, and rootkit malware: TH15110, TH15403, TH20108, TH20113, TH15402, TH15401, TH20114, TH20112, TH18201, TH15405, TH15108, TH18202, TH15109, TH20110, TH15404, TH20109, TH20111

  • Updated the verified glossary entry with new verification types

  • Added new glossary entries for SaaSBOM, CBOM, ML-BOM, BOV, and VEX

  • Updated the Spectra Assure analysis reports page with new information on new Bill of Materials formats

  • Updated the product release notes

  • Added BTRFS filesystem support on Community and language coverage and File format coverage pages

  • Updated the CycloneDX and SPDX versions in the docs. We're now using CycloneDX 1.6 and SPDX 3.0.1