CyberScore
HomeCompareStatus

Changelog

What we've shipped recently. Customer-visible only — the internal CI / refactor noise stays out of this list.

May 7, 2026

16 entries
  • New

    Comparison pages

    Side-by-side feature + pricing tables for prospects evaluating CyberScore against Detectify, Intruder.io and UpGuard. Honest editorial — claims about the other products are tagged "from the public website at the time of writing".

    See it →
  • New

    SEO: default OG card, JSON-LD, sitemap, robots.txt

    Default 1200×630 OG card so any LinkedIn / Slack share unfurls cleanly. SoftwareApplication schema injected on the landing for richer Google previews. Sitemap and robots.txt updated with the new public pages and tightened to keep crawlers out of auth-gated SPA shells.

  • New

    Public changelog

    You're reading it. Customer-facing only — the internal CI / refactor noise stays out.

    See it →
  • New

    Public score badge + dynamic OG image

    Opt-in /badge/<domain> page with a 1200×630 OG card so you can paste the link on LinkedIn and see it unfurl into a graded badge.

  • New

    Public component status page

    New /status with API / database / queue / scanner-pipeline checks and a JSON endpoint Pingdom can hit.

    See it →
  • Integration

    API keys + 60/min rate limit + dual-auth

    Tenant-managed bearer tokens (csk_…) accepted on every read-only scan endpoint. Per-key rate limit so a runaway loop can't flood the backend.

    See it →
  • Integration

    Customer webhooks with HMAC signing

    Register URLs to receive scan.completed, score.dropped and finding.new events with X-CyberScore-Signature.

    See it →
  • Integration

    Slack alerts on score drops

    Per-domain Slack incoming-webhook URL on the monitoring toggle. "Send test" button so you can verify before next Monday.

  • New

    Multi-domain portfolio dashboard

    One row per scanned domain with score, delta vs. previous scan, open findings count and monitoring badge. Sortable, with bulk import + rescan-all.

    See it →
  • New

    Compliance tracker + CSV export

    Cross-domain registry of every fix decision your team has recorded. Audit-ready CSV download.

    See it →
  • New

    Weekly continuous monitoring + digest email

    Toggle a domain, get a weekly auto-scan and a digest email with the score delta and the findings that changed.

  • New

    Findings delta in scan comparison

    When you mark a finding "fixed" and run a fresh scan, the comparison view now shows a "Verified fix" badge if it really disappeared.

  • New

    Public score badge with dynamic OG image

    Opt-in /badge/<domain> page with a 1200×630 OG card so you can paste the link on LinkedIn and see it unfurl.

  • Fix

    Webhook delivery wiring fix

    Closed a silent bug where customer webhooks were registered but never fired because the dispatcher was missing the organization ID.

  • Security

    Webhooks router lockdown

    Rewrote the webhooks API: every endpoint is now JWT-auth-gated and tenant-scoped. URL validator refuses anything not over HTTPS.

  • Security

    Legacy /scheduler endpoints disabled

    A pre-existing /api/v1/scheduler/* router was exposing schedule-creation without any auth. Disabled in favour of the new /monitoring/schedules surface.

Got feedback or a missing feature? Email patrick@cybersco.re.