v3.1
Trust & White-Label
CURRENT
June 2026
Provider trust-scoring overhaul, white-labeled reports, an admin "view as Cyber Corp" preview, and a more capable alerting pipeline.
- Providers — the Risk-Grade letters (A/B/C/F) are gone; the Trust Score is now the single verdict, paired with an inverted "distrust" ring that fills red as a vendor’s score drops.
- Providers — the two headline charts now count only vendor identities compromised on the corp’s own services, so they match the "Total Provider Vectors Compromised" scorecard instead of the vendor’s whole external footprint.
- Providers — fixed the vendor services counter that could show more breached than total (e.g. "5 / 1"); the total is never below the breached count.
- Providers — renamed "Total Compromised Users" to "Total Exposed Services by Vendors", and fixed the "Make client" action that previously errored out.
- Reports — white-labeling: a managed corp’s report shows the managing Cyber Corp’s logo with a "by DarkEye" credit, falling back to default branding for unmanaged corps.
- Reports — the tracked-suppliers figure now reflects the providers configured for the tenant immediately, instead of lagging behind the sync output.
- Admin — "View as Cyber Corp": preview the backoffice exactly as a Cyber Corp’s users see it (their managed clients, tenant switcher and navigation), with a one-click exit.
- Alerts — a one-time catch-up digest, grouped by category, is emailed to each newly-added recipient the first time they are configured.
- Alerts — a "Send test alert" button to verify routing and delivery without waiting for a real breach.
- Email — opportunistic STARTTLS on submission (port 587): authentication now negotiates correctly instead of failing with "AUTH extension not supported".
- Auth — demo accounts are exempt from the mandatory 2FA gate for frictionless sales and QA logins.
v3.0
Hardening & Control
May 2026
Operational-control and tenant-isolation release — kill switches for running scans, full-history reporting, and a universal info-stealer date parser.
- Cross-tenant isolation hardening — every backoffice route is now slug-scoped at the decorator level, with IDOR fixes on the breach-management APIs.
- Cooperative cancellation for in-flight scans: per-run Kill, Kill All, multi-select bulk actions and a typed-confirmation Delete All on the Process Monitor.
- "All Period" date filter — dashboards now cover the full history back to 2015-01-01, and it is the default the first time a tenant opens a view.
- Universal info-stealer date parser — the Log date is read correctly across redline, lumma, raccoon, vidar, risepro, stealc, aurora, meta and rhadamanthys.
- Faster crt.sh recovery — subdomain enumeration retries every minute instead of every ten.
- Stale-scan watchdog that auto-recovers runs orphaned by a worker crash or restart.
- This changelog.
v2.5
Visibility
Q3 2025
Deeper operational insight — real-time process tracking, trend analysis and shadow-IT discovery.
- Real-time Process Monitor for the HIBR credential sync and the daily services scan, with per-domain sub-task progress.
- Trend Intelligence module — breach velocity and exposure trajectory over time.
- Shadow IT detection — automatically surfaces undeclared third-party vendors that employees are logging into.
- Vendor Security Scoring rollup on the providers view.
- Info-stealer Log date enrichment — breaches are dated from the original machine infection, not the time we discovered them.
v2.0
MSSP & Intelligence
Q1 2025
The platform becomes multi-tenant and gains its info-stealer and AI capabilities.
- Cyber Corp model — a parent MSSP tenant managing an unlimited number of client tenants, with a searchable tenant switcher.
- Info-stealer log ingestion — HWID-based machine snapshots alongside the corporate breach feed.
- Full four-way identity classification: C-Level, employee, provider and client.
- Subdomain-enumeration engine — crt.sh Certificate Transparency logs plus in-house DNS, TLS-SAN, DNSSEC-NSEC and AXFR techniques.
- Internal and external service-exposure views.
- AI-generated CISO risk reports.
- Public website localized into six languages.
v1.5
Signal
Q3 2024
Alerting and day-to-day usability improvements.
- Per-domain, per-category alert routing with SMTP delivery.
- Event feed with unread counters.
- Custom date-range filtering on every dashboard.
- Light and dark theming across the platform.
v1.0
Foundation
Q1 2024
First release — corporate credential-breach monitoring.
- Corporate breach ingestion matched against monitored domains.
- SHA-256 email hashing — plaintext credentials are never stored.
- Global View dashboard with breach scorecards and an exposure timeline.
- C-Level versus employee identity split.
- Six-stage remediation workflow: investigating → user notified → password reset → verified → closed.
- Excel export of the breach register.