Changelog

What’s new in KollGuard

New features, improvements, fixes, and security updates — shipped continuously and documented here with every release.

July 2026

  1. New

    Developer tools: issues, epics & support tickets

    Kanban boards for the work your findings create — issues grouped under epics, plus a customer support-ticket queue. AI-assisted drafting and triage, and one-click CSV import from Jira, Linear, GitHub, or Zendesk.PR #162 / #163

  2. New

    Agent write access over MCP

    Scoped API keys now let your coding agents do more than read: Claude Code, Cursor, or any MCP client can file issues and update tickets directly from your IDE.PR #162

  3. Improved

    Redesigned sidebar navigation

    The app navigation now follows industry-standard information architecture — Risk Register, Sensitive Data, Code Scanner, and Evidence Library — so everything is where a security team expects it.PR #165

  4. Security

    Hardening pass from an adversarial code review

    A multi-agent adversarial review of our own codebase led to a hardening sweep: every API-key action is now attributed in the audit log, ticket reads honor tighter scopes, and importers handle malformed files more robustly.PR #165

  5. Fixed

    Dependency security refresh

    All 27 open dependency security alerts cleared, including upgrades to jspdf 4 and DOMPurify 3.4.11. We run the same posture bar on ourselves that we scan for.PR #167

June 2026

  1. New

    Architecture import & export

    Bring existing diagrams into the interactive architecture view — from an image, PDF, Figma, Visio, or Word — and export the live diagram back out for auditors and docs.PR #161

  2. New

    Daily digest email

    A per-tenant morning summary of your posture: score movement, new findings, agent health, and AI spend — so you know where you stand before standup.PR #159 / #140

  3. New

    Web app security scanning

    Verify you own a URL, then run safe, non-destructive checks — security headers, TLS, cookie flags, exposed files, CORS — the automated part of a pentest, on a continuous cadence.PR #155–#157

  4. New

    Investor outreach CRM & branded subdomains

    A built-in CRM for fundraising outreach with multi-agent email review, plus branded per-tenant subdomains so your trust surface lives on your own name.PR #138

Want these in your inbox? Every workspace gets a daily digest of its own posture.

Get started