v0.30.0
✨ New- Agent templates for quick setup and common use cases
- Output destinations for detection agents
- Toggle to enable or disable detection agents
- Unsaved changes warning now appears across all pages
- Fixed streaming state not updating correctly in chat
- Fixed execution plan display in chat message timeline
v0.29.0
✨ New- 🔎 Our Agentic Detections Platform is out in Beta 🔍: Our detection platform allows for users to specify complex detections which go beyond rule-based detections to catch complex threats in their environment.
- Check out the detections tab in Cotool to see detection suggestions for your environment!
- TheHive: Create case from alert capability
- Improved Splunk querying capabilities
- Enhanced datetime handling utilities
- Fixed Jira 204 response handling
- Fixed detection authoring for Scanner
v0.28.0
✨ New- Slack integration now supports targeting groups and channels in addition to individual users
- Enhanced Splunk query validation with parser that identifies invalid fields
- Added listApps tool and improved detection tools for Splunk integration
- Improved subagent tools display and UX in chat interface
- Added updatedAt filter to TheHive listCases and updated listAlerts
- Fixed Unix timestamp conversion in datetime utilities
- Fixed table component rendering issues
- Fixed trigger email rename functionality
- Fixed agent run deletion from chat page
v0.27.1
💎 Improvements- Enhanced theHive integration with improved filtering capabilities
- Fixed persistent context compression notice remaining visible across chat navigation
- Fixed navigation bug after deleting a chat
- Fixed memory handling for code42 integration
- Agent triggers are now automatically deleted when their parent agent is deleted
v0.27.0
✨ New
- Claude Opus 4.5 model now available for agent conversations
💎 Improvements
- Improved structured output schema handling with dedicated JSON schema types
- Added comprehensive documentation for structured outputs
- Refreshed tool environment map UI for better usability
- Improved pie chart component consistency
🐞 Fixes
- Fixed login page styling issues
- Fixed “show raw output” button in tool result drawer
- Fixed automatic saving and scrolling in schema builder JSON mode
- Fixed Crowdstrike integration errors
v0.26.0
✨ New
- Structured outputs for agents: Define JSON schemas to receive structured responses from agent runs
- GPT 5.1 model support
- Formal integration for infrastructure access management
💎 Improvements
- URLScan now prefers private scans by default for enhanced privacy
- Improved retry configuration for better reliability
- Restored tool call ordering for consistent execution
- Enhanced timeout logging for background jobs
- Reduced MITRE map file size for improved performance
🐞 Fixes
- Fixed prompt suggestions type handling and checkpoints
- Fixed socket connection stability issues
- Fixed sending messages from the side panel
- Fixed various agent loop bugs
v0.25.0
✨ New
- Role Based Access Control is now live!!! See the documentation for how to get started
💎 Improvements
- Enhanced Splunk query refinement and tool prompts
- Context counter now displays warning when approaching limits
- Detection documentation published
- Splunk timeout configuration now available in frontend
- Webhook details now displayed when editing
🐞 Fixes
- Fixed JSON repair handling for empty objects and nullable fields
- Fixed icon display issues in documentation
v0.24.0
✨ New
- Integration enable/disable feature: You can now enable or disable integrations fromt the tools details page without removing credentials
💎 Improvements
- Enhanced Splunk search with pagination, automatic query timeout (with query cancelation) after 2 minutes
- Removed Splunk wildcards on index parameter and prefix wildcards to prevent performance degradation
🐞 Fixes
- Made endTime parameter required for SentinelOne PowerQuery
v0.23.0
✨ New
- Built-in Managed Investigation Agent with Intel Feed exposure checking
- Planning mode selector in agent creation UI
💎 Improvements
- Filter built-in agents from agent builder UI
- User email now included in application logs
- Google Drive auth now displays authenticated user
- Delete user button added to accounts page
- Cron-triggered agent run titles are now static
🐞 Fixes
- Fixed SentinelOne and agent system prompt issues
- Streamlined Google Drive authentication flow
- Fixed type errors in agent loop
- Removed
anytype usage for better type safety - Agent loop no longer throws unhandled errors
- Fixed missing tools in agent execution loop
v0.21.0
✨ New
- Confluence documentation integration
- Agent performance metrics in logs and lists
- Scanner environment job with dedicated UI
💎 Improvements
- Added support for observables in theHive
- API documentation improvements
🐞 Fixes
- Fixed 400 error responses
- Removed LRU cache from tool credentials
- Fixed insights page default graph and tab
- Fixed documentation generation
v0.17.0
✨ New
- Task planning in chat and agents
💎 Improvements
- Extended agent execution loop retry policy
- Wiz integration with projectId filtering
- Improved model selector UI
🐞 Fixes
- Fixed context error when generating agents from chat
- Fixed Document Parser 404 responses
- Multiple database query fixes
v0.15.0
✨ New
- LLM judge scoring in agent details UI
- Context manager implementation
💎 Improvements
- User deletion capability for admins
🐞 Fixes
- Fixed visual bugs in agent evaluation UI
- Fixed chat interruption error display
- Fixed Splunk and Hive schemas for Gemini/OpenAI
- Fixed time conversion tool for OpenAI