Skip to content

Changelog

What is new in NANOTESTING

Every release ships safer scans, clearer findings, and more audit-ready evidence. Each one gets a name we probably should not have let through code review.

  1. Sneaky Walrus

    v1.7

    Compliance and audit views you can scope to a single target, an honest Provisional grade when a check cannot finish, and fewer false positives.

    • NewSee compliance for one target at a time: /compliance toggles between your whole workspace and a single target, the dashboard compliance card can scope to a target, and you can export an evidence pack covering several targets at once.
    • NewFilter the audit log by target, so you can pull the history for just one system.
    • NewA 14-day free trial on the paid plans, now shown clearly on the pricing page.
    • ImprovedHonest risk grade: when some checks could not finish, the grade is marked Provisional on screen and in the PDF, and a check that was skipped is never shown as a clean pass.
    • ImprovedWider automatic API spec discovery across more frameworks, so contract fuzzing can run without uploading a spec by hand.
    • ImprovedLive scan progress now updates on its own, with no manual refresh needed.
    • ImprovedClearer Web3 guidance to add a free Etherscan key so on-chain source checks can run.
    • ImprovedRefreshed sample report and sample dashboard that match the real product, completed integrations docs, and new in-depth security guides on the blog.
    • FixedFewer false positives in HTTP request-smuggling and ERC-20 on-chain probes.
    • FixedMore accurate status page that reports the real current status.
  2. Purple Monkey

    v1.6

    Audit-ready compliance evidence packs, an honest posture across seven frameworks, and a phone-friendly dashboard.

    • NewCompliance evidence packs you can hand an auditor: a dated, scoped, control-by-control PDF, CSV, or JSON, with the assessment date, the systems in scope, and the evidence behind each control.
    • NewTen new in-depth guides in the security blog, each with a shareable preview card so they look great when posted.
    • ImprovedHonest compliance posture: controls an external scan cannot assess are clearly marked, never quietly counted as passing.
    • ImprovedThe whole dashboard now works one-handed on a phone, with a native-feeling bottom navigation.
  3. Crazy Train

    v1.5

    OWASP Top 10 2025 everywhere, and injection, XSS, and SSRF now count toward your framework posture.

    • ImprovedFindings map to the OWASP Top 10 2025 categories consistently across the dashboard and every exported report, so the numbers always agree.
    • NewInjection, cross-site scripting, and SSRF findings now roll up into your NIST CSF, CIS, and PCI DSS control posture.
    • ImprovedOne shared control catalog means a finding is never dropped or shown under a different control depending on where you look.
  4. Spoiled Milk

    v1.4

    Scan on a schedule, and patch what is actually being exploited first.

    • NewRecurring scheduled scans so your posture never goes stale between releases.
    • ImprovedDependency vulnerabilities are ranked by real-world exploitation (KEV and EPSS), so you fix what matters this week instead of drowning in CVSS scores.
    • ImprovedTrend reports chart your security score over time so you can see the line moving the right way.
  5. Lazy Sunday

    v1.3

    Mobile app scanning and more affordable plans.

    • NewScan mobile apps directly: upload an Android APK or iOS IPA and get the same prioritised findings as a web target.
    • ImprovedRefreshed pricing so the plans are easier to start on.
    • FixedA range of polish across reports and the findings view for a cleaner read.
  6. Disco Hamster

    v1.2

    Compliance mapping arrives, plus signed, shareable reports.

    • NewCompliance mapping: every finding is tied to the OWASP, ISO 27001 Annex A, and SOC 2 controls it touches.
    • NewSigned, verifiable PDF reports you can share with customers and auditors.