What's Shipping

Changelog & Roadmap

Every version, every fix, and where we're heading next.

Recent Releases

v0.4 Feb 2026 Latest
  • New AI Agent Task Board: autonomous job execution with streaming output
  • New CVE Triage Queue: kanban workflow (New → Triaged → Assigned → Resolved)
  • New Policy Compliance tracker with clickable metric bubbles
  • Improved Streaming remediation with live EPSS + KEV enrichment
  • Fix Chain-of-thought stripping, clean output in all modes
v0.3 Jan 2026
  • New Multi-provider AI: Anthropic, OpenAI, Azure OpenAI, Ollama
  • New AES-256-GCM API key encryption at rest
  • New Remediation script generation with per-CVE caching
  • Improved TRIS score with industry multipliers + compliance weighting
  • New AI Security Chat with model picker and streaming
v0.2 Dec 2025
  • New EPSS + KEV enrichment on every CVE ingest
  • New Watchlist with Slack/Teams webhook alerts
  • Improved SQLite WAL mode + 32MB cache for scan performance
  • Fix Streaming timeout fixed: idle timeout removed from server
v0.1 Nov 2025
  • New Initial release: NVD ingestion, CVE search, Ollama remediation
  • New Bun + Hono backend, React 19 + Vite frontend
  • New SQLite local cache, Docker + Railway deploy targets

What's Next

Q1 2026: In Progress
Scan file ingestion
In Progress

Direct import of Nessus XML, Qualys CSV, and OpenVAS reports. Drop your scan file and get an enriched triage queue in seconds.

Executive reporting
In Progress

Automated weekly summary reports: KEV exposure window, TRIS-weighted backlog trend, SLA compliance rates by risk band. PDF export.

Asset inventory
Coming Soon

Map CVEs to specific assets. Priority weighting by asset criticality tier. Critical infra gets a higher risk multiplier than dev boxes.

Q2 2026: Planned
SBOM scanning
Planned

Software Bill of Materials ingestion. Find supply chain vulnerabilities buried in application dependencies, the stuff scanners miss.

Multi-user deployment
Planned

Team roles (Analyst, Manager, Read-Only), assignment workflows, and audit log. Enterprise license feature.

Ticketing integrations
Planned

Push CVEs directly to Jira, ServiceNow, or your preferred ticketing system with all enrichment data attached.

CISA KEV alerting
Planned

Real-time notification when new KEV entries match CVEs in your triage queue. Email, Slack, Teams: your choice.

Later
Container / cloud scanning
Planned

Docker image vulnerability scanning, AWS/Azure/GCP asset inventory integration.

SSO / SAML
Planned

Enterprise identity provider integration for organizations with centralized authentication requirements.

Have a feature request? We're building this in close collaboration with early adopters.

Request a Feature →