v0.32.0
✨ New- Sumo Logic integration
- Enhanced Scanner indexing with improved detection suggestions
- In-agent Scanner validation for detection authoring
- Admin controls to disable login methods (Google, password, SAML)
- Fixed GitHub create PR tool
- Fixed Formal integration
v0.31.0
✨ New- Tags for agents and detections with sortable, filterable tables
- Custom scheduling cadence for detection agents
- Google Admin integration for detection authoring
- Agent run infrastructure is more durable
- Detection agents can now use other agents as tools
- Improved reasoning token streaming and updated reasoning UI behavior
- Detection authoring experience improvements
- Chat interruption handling with improved UI feedback
- Agent details full screen button now has a tooltip
- Schedule status chips for detection agents
- Improved detection and agent list pages with better table controls
- Various visual UI and UX fixes
- Fixed missing fields in detection builder
- Fixed memories CSV export error
v0.30.0
✨ New- Agent templates for quick setup and common use cases
- Output destinations for detection agents
- Toggle to enable or disable detection agents
- Unsaved changes warning now appears across all pages
- Fixed streaming state not updating correctly in chat
- Fixed execution plan display in chat message timeline
v0.29.0
✨ New- 🔎 Our Agentic Detections Platform is out in Beta 🔍: Our detection platform allows for users to specify complex detections which go beyond rule-based detections to catch complex threats in their environment.
- Check out the detections tab in Cotool to see detection suggestions for your environment!
- TheHive: Create case from alert capability
- Improved Splunk querying capabilities
- Enhanced datetime handling utilities
- Fixed Jira 204 response handling
- Fixed detection authoring for Scanner
v0.28.0
✨ New- Slack integration now supports targeting groups and channels in addition to individual users
- Enhanced Splunk query validation with parser that identifies invalid fields
- Added listApps tool and improved detection tools for Splunk integration
- Improved subagent tools display and UX in chat interface
- Added updatedAt filter to TheHive listCases and updated listAlerts
- Fixed Unix timestamp conversion in datetime utilities
- Fixed table component rendering issues
- Fixed trigger email rename functionality
- Fixed agent run deletion from chat page
v0.27.1
💎 Improvements- Enhanced theHive integration with improved filtering capabilities
- Fixed persistent context compression notice remaining visible across chat navigation
- Fixed navigation bug after deleting a chat
- Fixed memory handling for code42 integration
- Agent triggers are now automatically deleted when their parent agent is deleted
v0.27.0
✨ New- Claude Opus 4.5 model now available for agent conversations
- Improved structured output schema handling with dedicated JSON schema types
- Added comprehensive documentation for structured outputs
- Refreshed tool environment map UI for better usability
- Improved pie chart component consistency
- Fixed login page styling issues
- Fixed “show raw output” button in tool result drawer
- Fixed automatic saving and scrolling in schema builder JSON mode
- Fixed Crowdstrike integration errors
v0.26.0
✨ New- Structured outputs for agents: Define JSON schemas to receive structured responses from agent runs
- GPT 5.1 model support
- Formal integration for infrastructure access management
- URLScan now prefers private scans by default for enhanced privacy
- Improved retry configuration for better reliability
- Restored tool call ordering for consistent execution
- Enhanced timeout logging for background jobs
- Reduced MITRE map file size for improved performance
- Fixed prompt suggestions type handling and checkpoints
- Fixed socket connection stability issues
- Fixed sending messages from the side panel
- Fixed various agent loop bugs
v0.25.0
✨ New- Role Based Access Control is now live!!! See the documentation for how to get started
- Enhanced Splunk query refinement and tool prompts
- Context counter now displays warning when approaching limits
- Detection documentation published
- Splunk timeout configuration now available in frontend
- Webhook details now displayed when editing
- Fixed JSON repair handling for empty objects and nullable fields
- Fixed icon display issues in documentation
v0.24.0
✨ New- Integration enable/disable feature: You can now enable or disable integrations from the tools details page without removing credentials
- Enhanced Splunk search with pagination, automatic query timeout (with query cancelation) after 2 minutes
- Removed Splunk wildcards on index parameter and prefix wildcards to prevent performance degradation
- Made endTime parameter required for SentinelOne PowerQuery
v0.23.0
✨ New- Built-in Managed Investigation Agent with Intel Feed exposure checking
- Planning mode selector in agent creation UI
- Filter built-in agents from agent builder UI
- User email now included in application logs
- Google Drive auth now displays authenticated user
- Delete user button added to accounts page
- Cron-triggered agent run titles are now static
- Fixed SentinelOne and agent system prompt issues
- Streamlined Google Drive authentication flow
- Fixed type errors in agent loop
- Removed
anytype usage for better type safety - Agent loop no longer throws unhandled errors
- Fixed missing tools in agent execution loop
v0.22.0
✨ New- Elasticsearch integration with MITRE mapping
- Sublime Security MDM documentation tool
- Account listing functionality
- theHive comment function requirements clarified
- Visual feedback when saving settings
- Fixed ephemeral authentication failure issue
v0.21.0
✨ New- Confluence documentation integration
- Agent performance metrics in logs and lists
- Scanner environment job with dedicated UI
- Added support for observables in theHive
- API documentation improvements
- Fixed 400 error responses
- Removed LRU cache from tool credentials
- Fixed insights page default graph and tab
- Fixed documentation generation
v0.20.0
✨ New- Mintlify documentation site
- MITRE rule mapping optimization
- Chat access permissions simplified
- Fixed memory tool association bug in UI
- Fixed missing chat retrieval bug
v0.19.0
✨ New- Scanner environment job and UI
- Consolidated and deduped prompt suggestions
- Updated Linear webhook configuration
- Fixed document search authentication issues
- Fixed chat repository issues
- Fixed token counter for LLM judge
v0.18.0
✨ New- AI-powered agent suggestions feature
- Evaluation scores in agent run detail headers
- Context manager applied to LLM judge evaluations
- Fixed API documentation rendering
- Fixed possible recursive agent reference issue
v0.17.0
✨ New- Task planning in chat and agents
- Extended agent execution loop retry policy
- Wiz integration with projectId filtering
- Improved model selector UI
- Fixed context error when generating agents from chat
- Fixed Document Parser 404 responses
- Multiple database query fixes
v0.16.0
💎 Improvements- Linear status detection for better model understanding
- More aggressive context window management
v0.15.0
✨ New- LLM judge scoring in agent details UI
- Context manager implementation
- User deletion capability for admins
- Fixed visual bugs in agent evaluation UI
- Fixed chat interruption error display
- Fixed Splunk and Hive schemas for Gemini/OpenAI
- Fixed time conversion tool for OpenAI
v0.14.0
✨ New- Organization insights dashboard with metrics
- Slack message writing guidance
- Fixed time conversion tool schema for Gemini
v0.13.0
💎 Improvements- Token counter improvements
- Fixed webhook trigger errors
- Fixed 404 error handling
- Fixed null/undefined content checks
v0.12.0
✨ New- Tool cache versioning
- Jira tool updates
- Reasoning token saving for Anthropic models
- Fixed agent follow-up in agent details
v0.11.0
✨ New- Agent details page redesign
- Stop chat during tool call execution
- Token counter and context window improvements
- Agent linking to sub-agents
- Fixed critical error display
- Fixed Document Parser image parsing
- Fixed deleted chat error
v0.10.0
✨ New- Chat title updates now stream in real-time
- Error classification and handling improvements
- Token counting accuracy
- Fixed SentinelOne 504 errors
- Fixed Linear tool null pointer exception
- Fixed thumbs feedback icon in light mode
v0.9.0
✨ New- Material Security integration
- Sentry error tracking improvements
- Scanner query timeout extended
- Splunk tool descriptions
- Fixed sliding context window implementation
v0.8.0
✨ New- Intel Feed integration
- Sentry error tracking
- Memory tool improvements
- Splunk mapping with retry logic
- Fixed SentinelOne issues
- Fixed object generation flakiness
- Fixed memory bugs
v0.7.0
✨ New- Email trigger functionality
- SentinelOne MITRE mapping
- Splunk mapping optimizations
- Fixed email trigger issues
v0.6.0
✨ New- Time conversion tool
- Detection authoring capabilities
- Fixed agent system prompt bug
- Fixed tool schema parsing
v0.5.0
✨ New- Scheduled job execution
- Slack attachment parsing
- IP lookup tool error handling
- Fixed detection counts
- Fixed Splunk issues
- Fixed browser-use error rendering
v0.4.0
✨ New- Memory management in UI
- Splunk exploration capabilities
- SentinelOne tool enhancements
- Fixed chat migration issues
- Tool call loop error handling improved
- Fixed Scanner implementation
v0.3.0
✨ New- SAML login audit logging
- Scanner integration with MITRE mapping
- Splunk integration with MITRE mapping
- SentinelOne PowerQuery functionality
- Auto-provision access for SAML logins
- Agent description notice improvements
v0.2.0
✨ New- SAML authentication support
- Hive integration
- Splunk integration
- Increased Claude Sonnet context window
- Fixed Hive authentication