Changelog

🚀 Highlights

• Behavioral Trust ladder — the agent's process-containment engine no longer relies on hard-coded process name lists. A six-stage trust ladder (signed-publisher → tier inventory → known good behavior → reputation → user approval → automatic containment) evaluates every process in real time, so legitimate IT-management tools are never killed and unknown threats are never allowed.
• Defender-independent download scanner — the on-device scanner now produces its own verdict without depending on Microsoft Defender being installed or enabled. Premium-grade pre-filter blocks the most common phishing-stager patterns before the ML pipeline even runs.
• Real production signing keys — agent binaries now verify license JWTs against a real ES256 (NIST P-256) public key embedded in the binary. License revocation propagates within minutes through the cloud.
• Phantom toast fix — the agent no longer surfaces "threat blocked" notifications for benign scans of system directories. Default monitored path narrowed to user-writable locations only.
• QuickSecure Mobile — Android on Google Play — QuickSecure for Android is live on Google Play. Same on-device behavioral detection as desktop, plus paste-and-go Scam Shield, Number Lookup, Family Circle, and Breach Watch. Get it on Google Play.
• QuickSecure Mobile — iOS in review — iOS app submitted to App Store Review with 7-day free trial, StoreKit 2 subscriptions, and full backend provisioning via JWS. App Store Connect listing live; in-app purchase activation coming with first reviewer approval.
• 10-device cap on mobile subscriptions — Apple and Google subscriptions now cover up to 10 devices under one account, matching how families and small businesses actually use protection across phones, tablets, and reinstalls.
• Sign in with Apple — Apple Sign-In and Sign-Up now available alongside Google on corxor.com. Brand-compliant buttons on Login + Register, with auto-provisioning of local accounts on first sign-in.
• Customers showcase — new Customers page featuring our founding partners (Alka Group, Seda Makina) with their real logos, deployment context, and a founding-program limited to 10 spots.
• Tenant bootstrap automation — net-new Business and Enterprise tenants now provision end-to-end via a single GitHub Actions workflow that creates the tenant row, mints the ES256 JWT, and delivers the activation token to the operator. Pilot rollout time dropped from hours to minutes.
• Light-mode readability refresh — fixed dozens of "invisible text on white background" cases across QuickSecure pages where dark-mode colors were leaking through. Premium polish layer added site-wide: branded selection color, accessible focus rings, slim scrollbar, tabular numerals, sticky-header-aware anchor jumps.
• Localization 16 → 18 languages — Catalan and Greek now join the supported list across the website. Mobile apps already shipped in 18 languages.

Highlights

• AI Security Engine — integrated LLM-powered security intelligence across the entire platform. Ask natural-language questions about incidents, IOCs, and endpoint telemetry with full audit logging. Available in Workspace (AI Security Assistant) and SOC Command Center.
• AI-powered Incident Explanation — one-click AI analysis on any incident with structured MITRE ATT&CK mapping, impact assessment, and recommended remediation steps.
• AI IOC Assessment — intelligent IOC triage with threat scoring, context enrichment, and automated classification across hash, IP, domain, and URL indicators.
• SIEM Integration Hub — native webhook-based SIEM export with support for Splunk, Microsoft Sentinel, Elastic, and custom endpoints. Per-tenant configuration with health monitoring.
• Alliance Intelligence Network — cross-tenant threat intelligence sharing with confidence scoring, Bloom filter privacy, and ML-driven promotion of community-contributed indicators.
• AI API & Managed Keys — programmatic API access to the AI Security Engine with managed API keys, per-request usage metering, rate limiting, and tier-based entitlements.
• Security Engine Policy API — remote policy management for endpoint agents: containment rules, scan schedules, network monitoring, and AutoPilot configuration.
• Delta Sync Protocol — efficient incremental synchronisation between endpoints and cloud with conflict resolution, reducing bandwidth by up to 95%.
• AI Evaluation & Governance — built-in evaluation framework for AI response quality with ground-truth scoring, user feedback collection, and surface analytics dashboard.
• Knowledge Base Management — vector-indexed knowledge chunks for AI grounding with admin tools for indexing, searching, and managing the knowledge corpus.
• Workspace AI Assistant — personal AI security advisor for Business and Enterprise users, grounded in their own protection data, device telemetry, and threat history.

Highlights

• Mobile protection — QuickSecure now runs on Android 10+ and iOS 15+, bringing on-device AI to your phone and tablet.
• Multi-device licensing — Personal plan covers up to 3 devices (e.g. laptop + phone + tablet) under a single subscription.
• Collective Defence v2 — faster IoC propagation across the global network; new threats reach every endpoint in seconds.
• Enhanced XAI reports — richer explanations with feature-contribution breakdowns for every detection.
• Performance improvements — reduced idle memory footprint and optimised ONNX inference for ARM processors.

Highlights

• macOS support — full agent support for macOS 12 (Monterey) and later.
• AutoPilot improvements — configurable confidence thresholds and a new "silent quarantine" mode for high-confidence threats.
• SOC dashboard refresh — redesigned timeline view with device grouping and faster search.
• ML model governance — model versioning, drift monitoring, and canary deployment controls for Enterprise customers.

Highlights

• Network traffic analysis — lightweight DNS and connection monitoring to detect C2 beaconing and data exfiltration.
• Tenant isolation — per-tenant data partitioning and independent policy enforcement for Enterprise deployments.
• CLI enhancements — new commands for scan scheduling, allow-list management, and status reporting.

Initial Release

• Real-time file-system monitoring with ETW integration (Windows) and fanotify (Linux).
• On-device AI threat detection powered by ONNX — verdicts in under 15 ms.
• Cloud-based Indicator of Compromise (IoC) database with automatic sync.
• Centralised management dashboard for Business and Enterprise customers.
• AutoPilot mode for automated threat response based on AI confidence scoring.
• Explainable AI (XAI) — human-readable reasoning behind every detection.

Supported Platforms

• Windows 10/11 (64-bit)
• Ubuntu 20.04+, Debian 11+, RHEL 8+

• Adaptive AI engine — continuous on-device model fine-tuning based on your environment.
• Advanced network analysis — deep packet inspection and encrypted-traffic anomaly detection.
• Compliance reporting — automated export for SOC 2, ISO 27001, and GDPR audits.
• AI Threat Hunting — proactive threat discovery powered by natural-language queries across your entire fleet.
• Automated Playbooks — AI-orchestrated incident response workflows with human-in-the-loop approval gates.

Roadmap items are subject to change. Follow our Support page for the latest announcements.