What's new

Changelog

A running record of everything shipped in OpenPostern. Newest entries first.

v2.3

May 2026

  • White-label reporting for agency plans
  • Hourly scan intervals on Command plan
  • Alert batching: grouped digest emails instead of per-alert noise
  • Cyber insurance documentation page at /cyber-insurance
  • Agency plan: multi-client management with per-client dashboards
  • Trial email sequences for onboarding, day-3, and day-7
v2.2

May 2026

  • Scout, Guard, and Command pricing tiers
  • Stripe subscription management with upgrade and downgrade portal
  • Organization-scoped billing and plan enforcement
  • Post-invite redirect to /overview with agency label
v2.1

May 2026

  • Admin panel: user search, role management, and deletion
  • Webhook delivery for breach alerts: Slack, PagerDuty, and custom HTTP
  • Multi-factor authentication prep: infrastructure in place, Q3 rollout
  • Form error handling improvements across invite and account flows
v2.0

May 2026

  • Multi-tenancy: organization model with owner, admin, and member roles
  • Per-org Stripe subscriptions
  • 3-vendor free tier enforcement
  • On-demand PDF reports with risk narrative
  • Multi-vendor blast-radius view: URGENT escalation for correlated threats
  • News monitoring via AI-classified vendor news alerts
  • Cookie security hardening: clear-on-signout and leak prevention
v1.5

April/May 2026

  • KEV, SSL, DNS, and HTTP headers scanner pipeline per vendor
  • Vendor scan history in admin
  • Scan-on-demand from dashboard
  • Score trend tracking: portfolio score with 7-day delta
  • 4-tile KPI dashboard: portfolio score, threats, exploited CVEs, and at-risk vendors
  • Email notification system with org-scoped alert subscriptions
v1.0

April 2026

  • CVE severity scoring with CVSS weights
  • CISA KEV cross-reference
  • SSL/TLS certificate health checks
  • DNS security: SPF, DKIM, and DMARC checks
  • Blast-radius weighting: data classification and operational criticality
  • Vendor catalog with search and pagination
  • Embeddable scan widget at /embed/scan
  • ISR scan pages at /scan/[slug]
  • Auth: email and Google OAuth via NextAuth
  • Settings: profile, notifications, export, and deletion
  • Stripe checkout, portal, and webhook handling
  • Sitemap and robots.txt