Mac OS Scanner UpgradesThe latest Telivy macOS agent ships native builds for Apple Silicon and Intel, streamlines first-run with earlier consent prompts and a PII-first scan order, skips OneDrive cloud-only placeholders to avoid unnecessary downloads, adds richer diagnostics (API + local fallback logs), and delivers a much smaller installer for faster rollout.Users will see quicker installs and time-to-first-results, faster scans with lower bandwidth/storage use, and greater stability/coverage across all Macs, including devices that previously couldn’t run virtualized Intel builds. Troubleshooting is easier with improved logging, and overall user friction is reduced.
Risk Sorting OrderCorrected the logic for sorting tables by “Risk.” Previously, results appeared in the order High → Low → Medium, which was unintuitive. The updated logic ensures risks are sorted as High → Medium → Low, aligning with expected severity prioritization.Dashboard Cards Link to Data SectionEnhanced the Overview dashboard so summary cards (e.g., “2 Risky Applications”) are clickable and deep-link directly into the detailed findings in the Security tab. Includes micro-animation for smooth navigation and is feature-flagged with analytics to track Overview → Security.
Risk History TabThe Risk History Tab has been released to general availability. It gives users a centralized view of assessment results over time and shows which issues are new, resolved, regressed, or unchanged for each scan, making it easier to track security posture and remediation progress.Security Upgrades
- Implement Authorization Checks on API Endpoints
- Enhance File Upload Restrictions for Logo Uploads
- Document Fix for Authorization Bypass in Telivy Admin Account Creation
Default Alerts Turned on for Clients under MonitoringDefault email / in‑app alerts are now automatically enabled for new and existing accounts, covering critical findings and major posture changes.
Improved Password Breach SimulationOur password‑breach simulator just got smarter: it can now read the newest Chrome/Chromium “v20” password encryption instead of stopping at the older v10. That means more saved passwords are analyzed—from every browser profile, including Opera and other Chromium variants. Reports now show which encryption version each password uses and clearly explain any analysis failures, giving MSPs fuller visibility into real‑world password risk.
Analysis of
p=Value in DMARCInspects the p= tag in DMARC records to assess the enforcement level of email authentication policies (none, quarantine, or reject). This improves detection of overly permissive DMARC configurations (e.g., p=none), which may leave organizations vulnerable to spoofing and phishing. By highlighting weak enforcement, this feature empowers MSPs to help clients harden their email defenses and align with industry best practices, reducing reputational risk and enhancing email trustworthiness.Agent vs Agentless Deployment Method DifferencesClearly shows the differences between agent-based scans and agentless deployment methods with an easy-to-understand model. This helps users understand what type of deployment is best for their client’s use case and which features can be enabled based on the type. This should reduce the support tickets created by educating the user from the platform itself.PII Detection in OneDrive (Alpha)Telivy now supports PII scanning for files in OneDrive. This allows users to identify what types of sensitive data are being stored in the cloud — a big step toward deeper cloud compliance visibility.Application Security – “Last Visited”We’ve added a “Last Visited” timestamp for websites in Application Security scans. This helps teams investigate potential malicious activity and determine when users last accessed risky sites.UI ImprovementsCurrency fields now respect custom formats everywhere, even in placeholders.Bug Fixes & Stability
- PII scan crash fixed for inaccessible directories (network issues no longer block scans)
- Fixed network scan behavior when default gateways are missing or misconfigured
- Gateway detection is now more accurate, improving the reliability of network scans
- Increased webhook timeout to reduce timeouts on busy systems
Cron ReliabilityImproved IP-to-City updater indexing to enhance cron job reliability.Status MigrationEnabled automatic “Completed” status for non-agent scans.AI UpgradesImproved AI-based detection mapping logic.Lead MagnetRemoved CORS restriction for Lead Magnet integration.Access CodeUpdated access code behaviorUninstall MessagingImproved uninstall messaging.