Cumulative release notes for 2025

Hyperproof release notes

Cumulative release notes for 2023

Cumulative release notes for 2024

SCIM Provisioning is in Early Access! Use SCIM provisioning with your Okta SSO directory to bring users and groups into Hyperproof without having to invite each user individually.

Policy is now GA! The Hyperproof Policy module is now generally available for purchase and use in your production environment.

Group assignments - You can now assign groups to tasks, requests, and ServiceNow tasks. You can also include groups when importing tasks, controls, and requests.

Activity Feed - Long Activity Feed posts can be collapsed and expanded using the Show more / Show less links.

Downloading proof restriction for external auditors - Hyperproof can turn off the ability for external auditors to download or export proof upon request.

Automated Control Testing - Supports testing multiple columns against each other in a single proof.

Updated Hypersync for Crowdstrike - Switched to collecting the Endpoint Detections proof type using the Alerts API. See full release notes for more details.

New Azure proof type - List of Virtual Network Gateways.

New Microsoft Entra ID proof type - List of Roles Assignments.

New Microsoft Intune proof type - List of Managed Devices. See full release notes for information on requirements to collect this proof type.

New Snyk proof type - The List of Issues by Project (US Only) and List of Issues by Org proof types are being combined into a single proof type, List of Issues.

Updated AWS and Google Cloud Platform proof types - List of Pod Security Policies. See full release notes for information on requirements to collect this proof type.

New framework - EU Cyber Resilience Act (Regulation (EU) 2024/2847) is available in Hyperproof US.

Smart Content is GA! Let Hyperproof do the work for you—quickly create a program and link its controls to pre-populated labels and risks. Smart Content is currently available for the following frameworks: ISO 27001, StateRAMP, and the Hyperproof Common Controls Framework (CCF).

Policy - Added support for reassignment of deactivated users and policy document upload as part of version creation. Many other improvements and fixes.

Labels - Added support for bulk archiving labels.

User management - Added support for bulk actions and filtering on Settings > People.

Vendors and questionnaires - Vendor name is now displayed in the notification email and in the vendor portal.

Self-service reporting - Added support for custom fields in time-series data tables.

Groups - Added support for '@mentioning' groups in the Activity Feed. All group members receive a notification based on their own individual notification preferences.

Freshness / Controls - New behavior for freshness on archived/unarchived controls.

Automated control testing - You can now create Hypersyncs on a label and test the proof created by the Hypersyncs on a control.

New! Hypersync for Kandji. Proof types include: List of Users, List of Device Details, and List of Devices.

Updated! Hypersync for Tenable. Added two new fields to the 'External Vulnerabilities' proof type: First Found, Last Found, and Vulnerability Age. Also added two new filters to the proof type: Severity and Scan.

Updated! Hypersync for Orca. Added new filters for the following proof types: 'List of Alerts' (new filters for Cloud Provider, Status, Severity, Type, and Tags) and 'List of Assets' (new filters for Cloud Provider and Tags).

Updated! Hypersync for Azure. Added new proof type, List of Databases, to Azure Database for PostgreSQL Flexible Server, Azure Database for MySQL Server, and SQL Server.

Updated! DORA updated to include RTS on ICT.

Updated! APRA CPS updated to include CPS 230.

The following frameworks are now available in Hyperproof EU and Hyperproof Gov: Secure Controls Framework 2024, NIST 800-53 Full with SSP Reporting, ISO 26262, and EU AI Act.

AI Chatbot is GA! The AI agent summarizes answers from the help center and provides links to the source content, allowing you to access the full help articles.

Vendor questionnaire emails - Emails generated by the vendor module now include the vendor name.

Program Activity Feed updates - Fields used for reporting in the Program Requirement Details tab, such as SSP fields now send field update information to the Activity Feed.

Hypersyncs - The Hypersync for Jira Cloud now supports authentication using API tokens.

Updated programs - Secure Control Framework version December 2024 and Microsoft SSPA version 10 are now available with controls and crosswalks.

Policy - Version IDs are now editable.

Groups - Added support for groups as control owners and request assignees. Also added support for filtering by groups on the Controls grid and the Requests grid.

Assessments - Added support for the creation and import of requests in assessments. Requests can be assigned to team members or to auditors, and comments can be shared back and forth via the Activity Feed.

Filtering - Added support for filtering controls by owner.

Connection health - Users can now understand the connection health of a task integration. This feature proactively notifies users when a connection stops working and allows them to fix unhealthy connections. Also redesigned Settings > Connected Accounts for Hypersync connections.

Access Reviews - Added support for the Hypersync for Orca Security.

New! Hypersync for Bitbucket Cloud. Proof types include: List of Users, List of Users (Access Reviews), List of Pull Requests, and List of Commits.

New! Hypersync for SAP SuccessFactors (via Finch). Proof types include: List of Employees, List of Employees (Access Reviews), and List of Employees with a Change in Status.

Updated! Hypersync for Okta. New proof type: List of User Login Events.

Updated! Hypersync for Azure. New proof type: List of Application Configurations.

Updated! Hypersync for Tenable. New proof type: List of Attestations.

Updated programs: NIST 800-53 Full Catalog has been updated to version 5.1.1 and now includes SSP fields and reporting.

Scopes - From the Controls grid, you can import custom field values with control scopes.

Roles and permissions - Added support for bulk editing membership for tasks, requests, and evaluations.

Proof management - Expand the Proof list to display all versions of proof using the Expand proof versions option. When proof versions are listed individually you can bulk delete specific versions without deleting the entire proof record.

Access reviews - The following new Hypersyncs can be used to generate user access lists for an access review: Elastic Cloud, Elasticsearch, MongoDB Atlas, Wallarm, UKG Ready, and Dayforce.

Policy data is now available in Snowflake for Self-service reporting.

Gusto is deprecating the API used for the current Hypersync for Gusto. As a result, in this release, we are including a new Finch-based payroll Hypersync for Gusto. At the same time, we are deprecating the existing Hypersync for Gusto. If you are using the current Hypersync for Gusto, we recommend switching to the new Hypersync.

New! Hypersync for MongoDB Atlas. Proof types include: Backup Compliance Policies by Project, and List of Users.

New! Hypersync for Elasticsearch. Proof types include: List of Users.

New! Hypersync for Elastic Cloud. Proof types include: List of Users, Deployments, and Deployment Instances.

New! Hypersync for Wallarm. Proof types include: List of Users, Scanner State.

New! Hypersyncs via Finch, including Dayforce, Gusto, UKG Ready.

Updated! Hypersync for Okta. Proof types include: List of Devices, List of API Tokens, List of Deactivated Users, List of Groups, and List of Users for a Given Application.

Updated! Hypersync for Tenable. Proof type: Security Vulnerabilities.

New and updated programs: EU AI Act and ISO 26262 are now available as programs.