Skip to content
English
More support Customer portal Sign in
Contact us
  • There are no suggestions because the search field is empty.

Release history

A snapshot of Cydarm updates

10 December 2025

Enhancements and bug fixes 0.8.55.0

New features

CACAO playbook automations

With our new CACAO hybrid automation feature, you can now automate actions within playbooks using input and output variables - triggering API enrichments to run automatically and freeing up your team to focus on what matters most! 

Look for the lightning bolt icon, which signals that an automation is linked to the playbook step.

Timezone tooltips

Thanks to a great suggestion from one of our customers, and as a special addition before the end of the year, we've added a "world clock" style tooltip for timestamps.

To set up your preferred time zones:

  1. Click the globe icon in the top menu bar
  2. Click the settings cog
  3. Use the + button to add your preferred time zones

Once configured, simply hover over any timestamp in the Case Activity Thread to see it displayed across all your preferred time zones simultaneously—no more toggling or manual conversions. A small but powerful addition to help teams stay aligned across regions!

EzyConnect expansion

In our last release, we introduced VirusTotal as the first integration of our new EzyConnect self-service integration capability. We're excited to share that this release expands the library with 7 new modules, all available under EzyConnect on the Settings page:

  • AbuseIPDB
  • GreyNoise
  • Microsoft Teams
  • MISP
  • Slack notifications
  • URLScan

Enhancements

  • Improved OpenAPI spec and API documentation generation for better accuracy and developer usability.

For a detailed overview of this month's release notes, refer to Release notes 0.8.55.0

 

21 November 2025

Enhancements and bug fixes 0.8.54

New features

We're excited to introduce a couple of major features designed to enhance your incident response capabilities:

1. EzyConnect: We've created a simplified way to set up integrations and automated responses. The first integration available through EzyConnect is VirusTotal, which allows you to automatically scan indicators of compromise (IOCs) and add results to cases. Future releases will include new EzyConnect integrations.

Key features of EzyConnect:

  • The EzyConnect functionality is located in the left side menu under Settings > EzyConnect.
  • This new EzyConnect settings screen provides an intuitive wizard-based setup experience.
  • VirusTotal EzyConnector is available for streamlined IOC enrichment.

2. User-configurable webhook receiver service: The webhook receiver listens for incoming webhook requests and automatically creates Cydarm cases. It uses configurable templates to map webhook data (JSON or URL-encoded) to case fields including description, severity, tags, and metadata. It supports creation of multiple webhook endpoints and attaches full payloads as JSON files.

Enhancements

Case management
  • Introduced Organization-specific default metadata fields, which automatically populate the Add Metadata dialog with frequently used fields, reducing data entry time and effort.
  • Enabled hover text for single tags in tag groups when the tag text is too long to display fully.
  • Reduced minimum width for case description field to improve layout with short descriptions.
  • Fixed rendering bugs causing text overlap in various parts of the interface.
Reporting and dashboards
  • Elevated the Reports page and the newly renamed Dashboards page (formerly Charts) to the top menu bar for easier access.
  • Enhanced layout consistency and CSS styling on the Dashboards page.
  • Significantly improved chart loading performance when changing date ranges.
Playbooks 
  • Added a Significance level dropdown to Playbook > Action> Comments. This update allows users to set the significance of a comment directly within the playbook interface, eliminating the need to navigate to the activity thread.
Integrations
  • Updated SMTP connectors to handle TLS mode when configured to use port 465.
  • Renamed Advanced Connectors and Advanced Triggers settings for clarity.

Bug and security fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.54

 

7 October 2025

Enhancements and bug fixes 0.8.53

Enhancements

  • Enhanced the Metrics > Charts page:

    • Date filtering: Enabled date filtering for charts to allow users to view data within specific time frames.
    • Date format update: Updated the date field format in the date picker to reduce ambiguity. For example, 3 January 2025 will now appear as 3/Jan/2025.
  • Introduced a property allowing users to select which columns are always included when generating the Case Details Report.
    • For detailed instructions on how to set this property, see our help page.
  • Expanded table fields in case summary reports for better visibility, with the option to widen fields further after downloading.
  • Improved error message handling in CACAO Roaster to provide clearer and more actionable feedback to users.
  • Updated the default display of JSON objects to a table format for easier readability and management.
  • Added an indication that the Description field is required in the ATC playbook display to ensure completeness and accuracy.

Bug and security fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.53

 

26 August 2025

Enhancements and bug fixes 0.8.52

New feature

CACAO branching playbooks, including editing with the embedded CACAO Roaster application.

The following enhancements were made to CACAO branching playbooks within Cydarm: 

  • Fixed existing CACAO interface bugs to ensure consistency with specifications.
  • Provided default access to CACAO playbooks for all users.
  • Enabled storage of partially complete draft CACAO playbooks.


For detailed information on using CACAO playbooks, refer to our article Creating and managing branching playbooks in Cydarm in the Knowledge Base library.

Bug and security fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.52

 

16 June 2025

Enhancements and bug fixes 0.8.51

New feature

Backdated Data Entry (Retrospection)

We now support backdating notes on cases, enabling you to enter data at a later time and have it appear in the case timeline as if they occurred at that time.

  • A new Add backdated entry option has been added in the dropdown arrow that appears next to the Save button when entering notes on cases.
  • Backdated entries include a distinct visual indicator (a clock icon) in the case activity thread to differentiate them from real-time entries. Simply hover over the clock icon to see the actual Added date/time the entry was created.
  • Note that the actual time the entry was created is also recorded and stored in the case activity thread.
  • Backdated entries appear in reports chronologically based on their assigned date. 

Bug and security fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.51

 

30 April 2025

Enhancements and bug fixes 0.8.50

New integration

Microsoft Sentinel and Microsoft Defender

Enhanced our platform with new integrations with Microsoft Sentinel and Microsoft Defender, giving you the flexibility to select which specific data sources to integrate, including Microsoft Security Alerts, Microsoft Sentinel Incidents, Microsoft Defender for Endpoint, and Microsoft Defender XDR.

  • These integrations can also be set to close the related alert or incident in Sentinel or Defender when the associated Cydarm case is closed.
  • You can set up these integrations in Settings > Connectors.

Bug fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.50

 

07 April 2025

Enhancements and bug fixes 0.8.49

New feature

Mandatory tags groups

  • Mandatory tag groups are now available, allowing managers to set tag groups as mandatory depending on the status of a case. When a case enters a status with mandatory tags, the UI will prompt users to add at least one tag from the designated group. For example, while a case is in Analysis the user might be required to characterize the case with a tag from the outcome group, such as outcome:false-positive

Enhancements

  • Simplified tag names by removing duplicate group names for tags that are part of a group. 

Bug fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.49

 

13 March 2025

Enhancements and bug fixes 0.8.48

Enhancements

  • Organized tags into groups to simplify management of long tag lists. Tag filter functionality remains unchanged.
  • Truncated overflowing tag groups into a Show more dropdown for cleaner UI navigation.
  • Replaced the profile icon with a three-dot menu icon (⋮) in the top-right corner, and added username visibility to the menu for improved accessibility and at-a-glance account confirmation.

Bug fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.48

 

05 February 2025

Enhancements and bug fixes 0.8.47

Enhancements

  • Added automatic saving of draft notes when switching between platform pages in a single session. This feature preserves your work in progress, however, the following exceptions apply: 
  • Introduced a new + Create Case button in the toolbar, allowing you to initiate a new case from any location within the platform.
  • Added a Case Groups section to the Case Details Report to help you identify case group memberships and understand links between related cases. 
  • Added new webhook templates to enhance the readability of timestamps.
  • Improved error messaging when user creation fails.

Bug fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.47

 

13 January 2025

Enhancements and bug fixes 0.8.46

Enhancements

  • Added a count of Member Cases for each case to the Case Details Report.
  • Added list of contributors to the Case Details Report.
  • Search in the Select Action dropdown now filters by action name only.
  • Actions in playbook menus are now sorted alphabetically.
  • Updated Cydarm logo in all downloadable reports.
  • Removed unused UI fields in metadata to enhance ease of use.

Security improvements

  • Security enhancement: prevented SAML replay attacks, where an attacker with access to the SAML assertion could create additional access tokens.
  • Security enhancement: prevented potential webhook abuse via Server Side Request Forgery (SSRF).

Bug fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.46

 

07 November 2024

Enhancements and bug fixes for 0.8.45

New features

Automations 

  • Implemented round trip webhook enrichment to streamline threat analysis and automate response workflows, eliminating the need to switch between applications!
  • For a practical example of how to connect and use these bidirectional automation capabilities across various platforms, please refer to the article Automating VirusTotal hash lookups with Cydarm in our Knowledge Base library.
  • We will soon introduce specific webhook connectors to further streamline your integration process and enhance user convenience.

Platform improvements

  • Upgraded Tenable integration for enhanced case management compatibility.
  • Modernized email poller and updated multi-connector architecture to improve stability.
  • Cleaned up front end documentation and updated tooltips.

Bug fixes

For a detailed overview of this month's release notes, refer to Release notes 0.8.45

 

03 October 2024

Enhancements and bug fixes for 0.8.44

New features

Automations

  • Enhanced generic webhooks to include support for more case variables. A complete list of supported templated variables can be found here, with copy-and-paste examples for use within your Cydarm instance available here.
  • For an overview of our Generic outbound webook capabilities please view  our Knowledge Base article Generic outbound webhooks.

    Platform improvements

    UI improvements 

    • Enhanced the webhook setup screen to display complete lists of available platform triggers.

    Performance improvements

    • Improved performance in quick-search through smarter indexing. 

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.44

     

    11 September 2024

    Enhancements and bug fixes for 0.8.43

    New features

    1. Automations

    • You can now add any webhook that conforms to the webhook pattern to enhance your workflow. All services that allow authentication via URL strings can be integrated.

    2. Syntax highlighting 

    • Syntax highlighting on code blocks allows users to easily identify and understand code snippets. For more details, please refer to the Syntax highlighting for code blocks article. 

    Platform improvements

    • New Help link in the Profile menu dropdown takes you directly to the Cydarm Knowledge Base Library and Support Portal.
    • Consistent Form submission heading and spacing in activity thread.
    • Consistent SLA information display across the Case View and Case List pages.
    • Enhanced readability and usability of metadata fields in Case View.
    • Enhanced STIX 2.1 UI rendering to improve UUID usage, URL patterning, and SDO compliance.
    • Enhanced bulk case update functionality: new API endpoint for streamlined case management. For example bulk changes to case workflow status.

    Performance improvements

    • Smart fetching in Case Activity Thread to improve performance.
    • Improved Metrics Summary Report Preview loading time.

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.43

     

    17 July 2024

    Enhancements and bug fixes for 0.8.42

    New features

    1. CACAO playbooks (in limited beta)

    • CACAO playbook control flow supports OASIS CACAO v2.0 Committee Specification 01.
    • OASIS CACAO playbooks can be uploaded into the playbook editor from an external file, and attached to cases. 
    • CACAO playbook type tags triggers auto-addition of all cacao playbooks of that type to case.

    2. Automations

    • Allow webhook connectors to send payloads templated with mustache.
    • Enable integration administrators to configure platform events to trigger operations against connectors.
    • Platform events and exposed variables: A list of variables is now available within the product interface. For information on locating the variables, please refer to the Trigger automation configuration article in our Knowledge Base.

    Platform improvements

    • Comments on playbook actions are now collected under a parent comment with a meaningful label. 
    • Changes to tags and metadata on the Case View page now load immediately after update.
    • Case view sidebar ACL display is now more intuitive and uses less space.
    • Improvements to the playbook list UI. 

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.42

     

    03 June 2024

    Enhancements and bug fixes for 0.8.41

    This release prioritized enhancing platform performance and addressing bugs to ensure a smoother and improved experience for our users, as well as pave the way for user configurable webhooks, along with initial enhancements to Cacao playbook implementation!

    Platform improvements

    • Enhancements to the quick search functionality to reduce query times.
    • Improve the performance of the case thread for cases with multiple attachments.
    • Omit response fields that are not populated

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.41

     

    30 April 2024

    Enhancements and bug fixes for 0.8.40

    New feature

    • Knowledge pages (aka Wiki) now allow users to attach/delete documents and create child pages. 
    • Webhook Sender Connectors: you can now send a JSON webhook in response to a platform event - the initial release of this feature sends a Slack notification when a case is created.

    Platform improvements

    • UI improvements to Case View page (timestamps, items expandable/collapsable)

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.40  

     

    21 March 2024

    Enhancements and bug fixes for 0.8.39

    New feature

    • Made the paginated case list the default (optional: customers can opt out by setting a system property).
    • Added drag and drop support for Add ItemNote modal on the case activity thread.
    • Create a user account on the first successful SAML login, using configurable defaults. (optional)

    Platform and performance improvements 

    • Enhanced the new connector infrastructure to implement the delete functionality. A user can now delete a connector created through the Settings > Connector page.
    • Trigger handler returns immediately on validating webhook received

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.39 

     

    16 February 2024

    Enhancements and bug fixes for 0.8.38

    New feature

      • Email notification on Case Assignment. This is the second connector built on the new automation architecture. It can be configured from the Settings > Connectors page in the Cydarm. More information can be found at Email notification on case assignment 

    Platform improvements

    • Update to the quicksearch API to improve search speed.
    • Improved case load speed. 
    • Configurable rate limiting middleware applied to some API endpoints to improve reliability and stability.

    Security updates

    • Security update to openssl dependencies. 
    • Security update to HashiCorp vault.
    • Permissions update

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.38

     

    8 January 2024

    Enhancements and bug fixes for 0.8.37

    New features

    • The first self-serve automation has been deployed. Our email poller service now has a configuration page so that you can easily set up an email poller via the Cydarm UI.

    Platform improvements

    • Enhanced the performance of Incident Report generation and increased the timeout on the Pandoc server to improve the reliability of generating very large reports.

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.37

     

    4 December 2023

    Enhancements and bug fixes for 0.8.36

    New feature 

    • Bulk IOC Upload: You can now add multiple Indicators of Compromise (IOCs) to a case by uploading a correctly formatted CSV file.

    Platform improvements

    • Introduced new controlled playbook ACLs to allow for easy control over who can edit playbooks.
    • A new ACL, manager private, has been created. In new installations, this is used to allow manager users to re-open closed cases. For upgraded installations, case status transitions are not modified. To find out more about modifying case status transitions, see the article Case status configuration .

    UI Enhancements and Bug Fixes


    For a detailed overview of this month's release notes, refer to Release note 0.8.36

     

    20 September 2023

    Enhancements and bug fixes for 0.8.35

     Performance improvements

    • The Case Details report (CSV output) has been optimized to be produced in less time.
    • Significant reductions in database timeouts to boost overall performance.
    • Optimized Case View loading time for a snappier user experience.
    • Enhanced loading time for the Launch Page, resulting in a faster display.

    UI enhancements and bug fixes


    For a detailed overview of this month's release notes, refer to Release notes 0.8.35

     

    9 August 2023

    Enhancements and bug fixes for 0.8.34

    Performance improvements

    • On the Playbook Action page, we have made some styling improvements, including markdown rendering in the action description. Also, when adding an action to a playbook, the new dialog provides separate selections to add an Existing Action or to create a New Action.
    • On the Case Details View:
      • Filters will clear when a user opens a new case.
      • Fixed a bug relating to the date/time picker for IoCs using Safari browser.
      • The size of the drag and drop target zone has been increased.
      • Fixed upload of STIX data files on the case activity thread (*.stix.json).
    • On the Metrics Charts page, the aggregation on the opened and closed cases chart has been set to more sensible defaults.
    • Quick search bar includes closed cases in search results.
    • Update close conditions for SLA timers. Timer will stop when reaching a specific ending state condition for SLA timer, but also when case enters other standard end states.

    API enhancements


    For a detailed overview of this month's release notes, refer to Release notes 0.8.34

     

    26 June 2023

    Enhancements and bug fixes for 0.8.32

    New feature 

    Enhancement for case access control list

    • When updating the case access control list, you can choose to update all historical case data items on that case to the new ACL. Previously, when the Case ACL was changed, the new ACL only applied to new items on the case. Now, you have the option to apply the new Case ACL to all historical case data if desired.

    Performance Improvements

    • Performance improvements through API and DB optimisation.

    UI Enhancements

    • UI tweaks to Cases 
    • Improved alignment and layout of information on playbooks and playbook actions.
    • Improved alignment and layout of information on Metrics Charts page and Reports page
    For a detailed overview of this month's release notes, refer to Release notes 0.8.32

     

    31 March 2023

    Enhancements and bug fixes for 0.8.30

    Performance improvements

    • Case Audit Report - The report generated from the Case Details View > Report page: The form data in this report is now displayed in the same way that it appears in the case activity thread.
    • Playbook Action Comments - When adding comments to playbook actions, there is now an ACL selector so that an alternative ACL can be selected for individual comments.
    • Case Details Report uplift.
    • Summary Report - Improved formatting of the report preview.

    For a detailed overview of this month's release notes, refer to Release notes 0.8.30

     

    2 March 2023

    Enhancements and bug fixes for 0.8.29 

    New feature

    • Brand new capability in the Cydarm Wiki, uplifted playbooks with the addition of Comments on Playbook Actions.

    API documentation updated 

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.29

     

    14 January 2023

    Enhancements and bug fixes for 0.8.28

    New feature

    • SLA timer has been added to the metadata panel
    • The default value when entering text in the Data tab has been shifted to focus on the Data Type field rather than the Value field. 
    • Dynamic updating has been implemented across case headers, the UI now dynamically updates changes made to case headers across all open instances.
    • Design updates

    API documentation updated

    Bug fixes


    For a detailed overview of this month's release notes, refer to Release notes 0.8.38

     

    14 December 2022

    Enhancements and bug fixes for 0.8.27

    Highlights

    • UI updates: Case Detail View usability improvements
    • UI updates: Design changes for Playbooks attached to cases

    Enhancements and bug fixes


    For a detailed overview of this month's release notes, refer to Release notes 0.8.27

     

    10 November, 2022

    Enhancements and bug fixes for 0.8.26

    Highlights

    • Additional API functionality on the /case endpoint to support case list filtering, sorting, and pagination.
    • The Reports capability now includes the ability to generate a preview prior to download.
    • A user can now add tags to the individual actions on that playbook.
    • Email poller integration enhancements

    Enhancements and bug fixes


    For a detailed overview of this month's release notes, refer to Release notes 0.8.26

     

    29 September 2022

    Enhancements and Bug Fixes for 0.8.25

    New feature 

    • Improved the selection controls and making the statistics easier to understand and consistent across the Case Details Report and the Summary Report.
    On the Login page, the MFA entry field has been separated out from the password entry field

    Enhancements and bug fixes


    For a detailed overview of this month's release notes, refer to Release notes 0.8.25

     

    15 September 2022

    Enhancements and bug fixes for 0.8.24

    Highlights

    • Restyled UI across more of the platform: specifically the search filters on Case List, and the header and information panel on the Case Details View.
    • Uplifts to the Case View and Reports pages

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.24

     

    29 August 2022

    Enhancements and bug fixes for 0.8.23

    Highlights

    • Slack integration enhancement.
    • Restyled UI across more of the platform.
    • Improved interaction when adding tags to a case. The list of tags no longer includes tags that are already on the case.
    • Improved experience of sticky menu items when scrolling.
    • Updated Summary Report: recomputed data for most used playbooks.
    • Improved the sizing for embedded images on playbooks.

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release Notes 0.8.23

     

    3 August 2022

    Enhancements and bug fixes for 0.8.22

    Highlights

    • Launch of a completely refreshed and updated version of the Cydarm website.
    • Restyled UI across more of the platform.
    • Case Details Report now produces timestamps in an Excel-compatible format.
    • Spinner added to show a process is loading.
    • Fixed classification banner setting. 

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.22

     

    23 June 2022

    Enhancements and bug fixes for 0.8.21

    Highlights

    • Restyling of the UI for a more modern and responsive experience. 
    • Improved search to include names of files on cases, information entered in forms, CSV, and some other data types that were previously not indexed.
    • Updated email poller configuration to new format, toward customer administrator serviceability.

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release Notes 0.8.21

     

    10 June 2022

    Enhancements and bug fixes for 0.8.20

    Highlights

    • Improvements to our Forms feature.
    • Improvements to the ServiceNow integration
    • Improvements to the Email Poller subsystem including support for email polling against Exchange365 via MS Graph API.

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release Notes 0.8.20

     

    8 April 2022

    Enhancements and bug fixes for 0.8.19

    Highlights

    • Dashboard to see SOC performance at a glance.
    • Reports and Charts appear under Metrics on the main navigation bar.
    • ServiceNow integration now includes a facility to mirror Cydarm cases into ServiceNow tickets.
    • The Case View now includes macOS keyboard shortcuts and hotkeys.
    • Better error notifications for failed operations.
    • More consistent language in forms and dialogs.

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.19

     

    3 March 2022

    Enhancements and bug fixes for 0.8.18

    Highlights

    • Added edit capability for Contacts.
    • Better display of fields in Asset list and creation dialog.
    • Asset selection available as a Form field type in Case View.
    • Improved logic and fixed bugs related to user creation.
    • Users can only be direct members of one Organization.
    • Bulk asset CSV upload fixed.
    • Several minor corrections to specific ACLs to improve usability.
    • Better error notifications for failed operations.
    • Improved test coverage.

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release notes 0.8.18

     

    8 December 2021

    Enhancements and Bug Fixes for 0.8.17

    Highlights

    • Integration of detection alerts from CrowdStrike.
    • Integration of alerts from Panther SIEM.
    • Faster case thread rendering.
    • Faster text search.
    • Faster service level evaluation.
    • Faster ACL filtering.
    • Case creation from a Slack command.

    Bug fixes

    For a detailed overview of this month's release notes, refer to Release Notes 0.8.17

     

    For more detailed technical information please refer to our Cydarm API documentation.