Lyrie AI
Changelog v1.1.0

LyrieHEX v1.1 — Risk Scoring, Smarter Scanning & Cleaner Reports

April 5, 2026

We've completely rebuilt the LyrieHEX scanning engine from the ground up. Version 1.1 brings a new API backbone, AI-driven risk assessment, professional-grade reporting, and a scan experience that feels alive.


Risk Score & Risk Level

Every scan now produces a Risk Score from 0–100 alongside a human-readable Risk Level (Minimal, Low, Medium, High, or Critical). No more guessing how urgent your findings are — one number tells the full story.

The score factors in finding severity, exploitability, exposure surface, and configuration weaknesses to give you an actionable security posture at a glance.


Smarter Findings with CWE IDs & Recommendations

Findings are no longer just alerts — they're actionable intelligence.

  • CWE IDs — Every finding is tagged with its Common Weakness Enumeration identifier, making it easy to cross-reference with industry standards and compliance frameworks.
  • Categorized Tags — Findings are labeled with contextual tags (e.g., misconfiguration, information-disclosure, injection) for faster triage.
  • Remediation Guidance — Each finding now includes a clear recommendation so you know exactly what to fix and how.

Advanced Security Audit Suite

LyrieHEX v1.1 goes far beyond traditional vulnerability scanning. New audit modules include:

  • Security Header Analysis — Detects missing or misconfigured HTTP security headers (HSTS, CSP, X-Frame-Options, and 15+ others).
  • Cookie Security Audit — Flags cookies missing Secure, HttpOnly, or SameSite attributes.
  • CORS Misconfiguration Detection — Identifies overly permissive cross-origin policies that could expose your API.
  • HTTP Method Enumeration — Discovers dangerous methods (PUT, DELETE, TRACE) left enabled.
  • Sensitive File Discovery — Scans 368+ common paths for exposed configuration files, backups, and debug endpoints.
  • JavaScript Secret Scanning — Detects API keys, tokens, and database connection strings leaked in client-side source code.

Finding Validation & Noise Elimination

Scan results are now passed through a validation layer before they reach your report. This eliminates false positives, filters out noise (like 302 redirects and 403 responses from WAFs), and ensures every finding you see is real and worth your attention.


Redesigned Real-Time Scan Experience

The scan terminal has been rebuilt for responsiveness:

  • Smooth progress tracking — The progress bar interpolates between server updates, so it never looks frozen. Progress always moves forward.
  • Instant completion transition — When a scan finishes, results appear immediately. Report data loads with automatic retry logic if the server needs a moment to compile.
  • Loading states — No more blank screens between scan phases. Every transition is covered.

Updated Scan Modes

All five scan modes have been refined with updated stage pipelines and more accurate time estimates:

| Mode | Time | What it covers |
|---|---|---|
| Fast | ~25s | Quick surface-level security check. Detects critical vulnerabilities, missing security headers, and misconfigurations in seconds. |
| Quick | ~100s | Lightweight reconnaissance plus vulnerability scanning. Includes port scanning, path discovery, and WAF detection. |
| Full | ~4.5 min | Comprehensive security assessment. Subdomain enumeration, 1000-port scan, web audit, SSL analysis, and deep vulnerability detection. |
| Hybrid | ~7.5 min | Full scan with injection testing. Adds SQL injection testing, CMS audit, DNS reconnaissance, and 5000-port scan. |
| Aggressive | ~13 min | Maximum depth. Full subdomain enumeration, all-port scan, recursive crawling, deep injection testing, and complete vulnerability coverage. |

Enhanced HTML & JSON Reports

Downloaded reports now include:

  • Risk Score panel with color-coded severity
  • CWE IDs alongside each finding
  • Categorized tags for quick filtering
  • Actionable remediation recommendations
  • Accurate port, subdomain, and technology counts pulled directly from scan data
  • Severity breakdown grid computed from actual findings

Under the Hood

  • Migrated to LyrieHEX API v1.0 with authenticated endpoints and API key security.
  • Deep data extraction engine.
  • Improved ANSI escape code stripping for cleaner terminal output.
  • Report fetch retry logic handles 202 (processing) responses gracefully.

What's Next

We're working on scheduled recurring scans, scan comparison diffs, and Slack/Discord notifications for completed scans. Stay tuned.


LyrieHEX v1.1 is available now for all users. Start a scan from your dashboard.