Resources Changelog
{ PLATFORM_CHANGELOG }

What we shipped.

Every release makes the platform sharper, faster, and harder for attackers to outsmart. Here is what's new.

Request a Demo Get Free Assessment
{ RELEASE_TIMELINE }

Four releases.
Continuous evolution.

v3.8.0

Latest April 2, 2026

AI attack chain intelligence and enhanced API security testing.

New Features

AI Attack Chain Mapping

The platform now automatically chains related vulnerabilities into multi-step attack paths, showing how low-severity issues combine into critical exploits. Visual attack graphs included in every report.

GraphQL Security Testing

Full introspection, query depth analysis, batching abuse detection, and authorization bypass testing for GraphQL endpoints. Supports schema-aware and schema-less modes.

Compliance Dashboard Redesign

Rebuilt compliance view with real-time framework coverage tracking, evidence timeline, and one-click audit package generation. Now supports custom framework mapping.

Jira Cloud Bi-Directional Sync

Findings push to Jira with full context. When your team resolves tickets, mindthehack automatically re-tests and closes the finding if remediation is verified.

Improvements

  • Scan engine 40% faster on large enterprise networks (10,000+ hosts)
  • Reduced false positive rate to under 0.3% across all test categories
  • Added support for TLS 1.3 certificate chain validation testing
  • New dark mode for PDF reports with improved accessibility

v3.7.0

Stable February 18, 2026

Internal network testing, DORA compliance module, and real-time alerting.

New Features

Continuous Internal Network Testing

Deploy a lightweight agent inside your network perimeter for automated internal penetration testing. Covers Active Directory, lateral movement paths, privilege escalation, and network segmentation validation.

DORA Compliance Module

Purpose-built module for financial institutions. Automates TLPT-aligned testing, generates ICT risk management evidence, and maps findings directly to DORA Articles 24 through 27.

Real-Time Alert Engine

Configure custom alert rules based on severity, asset criticality, or compliance impact. Supports Slack, Microsoft Teams, PagerDuty, email, and webhook delivery.

Improvements

  • Added SAML and OIDC SSO support for enterprise identity providers
  • Improved credential testing for cloud services (AWS, Azure, GCP)
  • Enhanced subdomain enumeration with passive and active techniques
  • New API rate limiting controls for safe production testing

v3.6.0

Stable December 5, 2025

Cloud configuration auditing, enhanced reporting, and CI/CD pipeline integration.

New Features

Cloud Configuration Auditing

Automated security assessment of AWS, Azure, and GCP configurations. Checks IAM policies, storage exposure, network security groups, and encryption settings against CIS benchmarks.

Executive Reporting 2.0

Redesigned executive reports with trend analysis, peer benchmarking data, risk reduction metrics, and board-ready visualizations. Exportable as interactive HTML or branded PDF.

CI/CD Pipeline Integration

Native integration with GitHub Actions, GitLab CI, Jenkins, and Azure DevOps. Run security tests on every deployment with configurable quality gates.

Improvements

  • Added WebSocket protocol testing capabilities
  • New custom scan profiles with granular test selection
  • Improved asset discovery with passive DNS and certificate transparency
  • Role-based access control with customizable permission sets

v3.5.0

Stable October 14, 2025

NIS2 compliance automation, asset grouping, and scheduled scan orchestration.

New Features

NIS2 Compliance Automation

Automated mapping of penetration test findings to NIS2 requirements. Generates compliance evidence packages with article-level traceability for essential and important entity reporting.

Asset Group Management

Organize assets into logical groups by business unit, environment, or compliance scope. Apply scan policies, notifications, and access controls at the group level.

Scan Orchestration Engine

Schedule recurring scans with maintenance windows, blackout periods, and dependency chains. Supports parallel scanning across multiple asset groups with resource-aware throttling.

Improvements

  • Added OAuth 2.0 authenticated scanning for API endpoints
  • Improved container security testing (Docker, Kubernetes)
  • New vulnerability prioritization engine using EPSS scores
  • Extended support for legacy protocols (FTP, Telnet, SNMP)
{ STAY_UPDATED }

Never miss
a release.

Get notified when we ship new features. Platform updates, security improvements, and integration releases delivered to your inbox.

Want to see these features
in action?

Book a live walkthrough and see how the latest capabilities fit your security program.

Request a Demo Get Free Assessment