Additional Information
Release Notes
Get Notified of New Features
Risk History TabThe Risk History Tab has been released to general availability. It gives users a centralized view of assessment results over time and shows which issues are new, resolved, regressed, or unchanged for each scan, making it easier to track security posture and remediation progress.Security Upgrades
- Implement Authorization Checks on API Endpoints
- Enhance File Upload Restrictions for Logo Uploads
- Document Fix for Authorization Bypass in Telivy Admin Account Creation
Default Alerts Turned on for Clients under MonitoringDefault email / in‑app alerts are now automatically enabled for new and existing accounts, covering critical findings and major posture changes.
Improved Password Breach SimulationOur password‑breach simulator just got smarter: it can now read the newest Chrome/Chromium “v20” password encryption instead of stopping at the older v10. That means more saved passwords are analyzed—from every browser profile, including Opera and other Chromium variants. Reports now show which encryption version each password uses and clearly explain any analysis failures, giving MSPs fuller visibility into real‑world password risk.
Analysis of
p=Value in DMARCInspects the p= tag in DMARC records to assess the enforcement level of email authentication policies (none, quarantine, or reject). This improves detection of overly permissive DMARC configurations (e.g., p=none), which may leave organizations vulnerable to spoofing and phishing. By highlighting weak enforcement, this feature empowers MSPs to help clients harden their email defenses and align with industry best practices, reducing reputational risk and enhancing email trustworthiness.Agent vs Agentless Deployment Method DifferencesClearly shows the differences between agent-based scans and agentless deployment methods with an easy-to-understand model. This helps users understand what type of deployment is best for their client’s use case and which features can be enabled based on the type. This should reduce the support tickets created by educating the user from the platform itself.PII Detection in OneDrive (Alpha)Telivy now supports PII scanning for files in OneDrive. This allows users to identify what types of sensitive data are being stored in the cloud — a big step toward deeper cloud compliance visibility.Application Security – “Last Visited”We’ve added a “Last Visited” timestamp for websites in Application Security scans. This helps teams investigate potential malicious activity and determine when users last accessed risky sites.UI ImprovementsCurrency fields now respect custom formats everywhere, even in placeholders.Bug Fixes & Stability
- PII scan crash fixed for inaccessible directories (network issues no longer block scans)
- Fixed network scan behavior when default gateways are missing or misconfigured
- Gateway detection is now more accurate, improving the reliability of network scans
- Increased webhook timeout to reduce timeouts on busy systems
Cron ReliabilityImproved IP-to-City updater indexing to enhance cron job reliability.Status MigrationEnabled automatic “Completed” status for non-agent scans.AI UpgradesImproved AI-based detection mapping logic.Lead MagnetRemoved CORS restriction for Lead Magnet integration.Access CodeUpdated access code behaviorUninstall MessagingImproved uninstall messaging.