Skip to main content
A summary of notable product updates. For the authoritative history, see your in-app release notes.
June 20, 2026
SSO, questionnaires, AI comments & granular alerts

Single sign-on, questionnaires, and smarter alerts

  • Single sign-on — sign in with Google or Microsoft (Entra ID) via OIDC; enterprise SSO available by request. See Sign in & SSO.
  • Vendor questionnaire portal — collect answers and evidence directly from vendors through a secure, one-time-code portal. See Vendor questionnaires.
  • AI assessment comments — draft security and compliance review comments from a vendor’s evidence, with suggested open items to verify. See AI-powered enrichment.
  • Granular alerts — an alert-criteria matrix routes each event type to the right recipients. See Settings & notifications.
  • Data deletion & export on request — self-serve pathways clarified in Privacy.
2026
Assessment tracking

Assessment tracking

A full assessment lifecycle: record business context, data handling, and compliance decisions with statuses (Not Started, In Progress, On Hold, Conditional Approval, Approved, Rejected), attach evidence documents, and keep an event-level approval audit log. Renew approvals as review dates approach. See Assessments.
2026
GRC scoring & posture history

GRC scoring and posture history

Vendor scoring across five trust domains (Compliance, Privacy, Breach & threat, Operational maturity, Business & financial), with integration-depth adjustment and floor rules that shape the recommendation. Monthly snapshots power vendor and portfolio score trends. See Risk scoring.
2026
Products & dependency tiers

Product lines and dependency tiers

Track individual products under a vendor, and classify vendors by dependency tier (Core, Standard, Minimal) to weight your portfolio posture. See Vendors & products and Dependency tiers.
2026
CSV import & vendor enrichment

CSV import and automatic enrichment

Import an entire vendor list from CSV with dry-run validation, and get automatic enrichment and a first risk score for custom vendors from public sources. See Add & import vendors.
2026
Incident monitoring

Incident monitoring

Continuous monitoring of public sources for breaches, leaks, and vulnerabilities affecting your vendors, surfaced in a severity-ranked triage queue with optional email alerts. See Recent events.