Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.osto.one/llms.txt

Use this file to discover all available pages before exploring further.

Version 9.1.1.8

December 1, 2025
  • Cloud Security (GCP Support): Posture Management now includes full Google Cloud Platform coverage with automated periodic discovery of key GCP services, enriched cloud asset metadata, and built-in security checks to detect misconfigurations across supported GCP resources.
  • Multi-Cloud Posture Visibility: The Cloud Security module now offers unified visibility and posture evaluations across Azure, AWS, and GCP projects, enabling complete multi-cloud analysis in a single consolidated inventory.

Enhancements

Cloud Security Experience
  • Visual Refinements: The Cloud Security interface has been updated with a cleaner layout that improves clarity and creates a more consistent multi-cloud viewing experience.
With this release, the Cloud Security module now supports Azure, AWS, and GCP — enabling complete visibility and posture analysis across all major cloud providers.

Version 9.1.1.7

November 25, 2025
  • Cloud Security (AWS): Full support for AWS environments with automated periodic discovery of key resource types, including EC2, EBS, VPCs, Subnets, Security Groups, S3 Buckets, RDS Instances, IAM Identities, Lambda Functions, EKS Clusters, and more.
  • Comprehensive Asset Inventory: Includes enriched configuration, networking, identity, and encryption metadata for complete visibility across all discovered AWS assets.
  • Built-in Security Checks: Get automatic findings for misconfigurations, exposure risks, and security-critical issues, enabling quick detection and faster remediation.
We are now supporting AWS along with Microsoft Azure, with GCP coming soon.

Version 9.1.1.6

November 19, 2025
  • Posture Management: New capability to continuously discover, map, and monitor your infrastructure’s security posture.
  • Cloud Security (Azure): Full support for Microsoft Azure with automated periodic discovery of 35+ resource types, including VMs, Disks, NSGs, VNets/Subnets, SQL Servers, Cosmos DB, Storage Accounts, Key Vaults, App Services, Functions, and AKS clusters.
  • Comprehensive Asset Inventory: Includes configuration, networking, identity, and encryption metadata for complete visibility.
  • Actionable Security Insights: Get findings and step-by-step remediation guidance powered by near real-time posture evaluation.
Support for AWS and GCP is already in development and coming soon.

Version 9.1.1.5

October 31, 2025
  • Audit Logs: Gain deeper visibility into administrative activities with enhanced tracking of all changes and actions, providing stronger transparency and compliance oversight.
  • WAF Custom Domain Proxy Support: Seamlessly connect your static sites (like Bettermode or GitBook) to your custom domain with a one-step proxy setup and automatic SSL management.
  • WAF Upstream Health Alerts: Stay informed with real-time alerts when upstream servers go down — ensuring you’re informed immediately and can act before your users notice.

Enhancements

  • Web Vulnerability Scanner Performance Upgrade: Our AI-assisted Web Scanner has been optimized for higher performance — offering 2x faster scan execution, improved detection accuracy, and smoother reporting.
  • User Policy Toggle: Policies can now be easily toggled between individual users and user groups, streamlining policy management and reducing administrative effort.
  • WhatsApp Notifications for Agent Installation: Users will now receive WhatsApp alerts when they are added or reminded for agent installation, ensuring seamless setup and onboarding awareness.
  • Enhanced Block Page Design: The domain filtering block page has been visually refined for a cleaner look and improved user experience.

Version 9.1.1.4

September 26, 2025
  • Agent Install Message Copy Option: A new option on the Users page allows admins to easily copy installation messages, which can then be shared on their official communication platforms to ensure smooth agent deployment across the organization. Multiple pre-built message templates are also available for added convenience.

Enhancements

  • Authentication Logs: Improved authentication log tracking with richer details and better visibility, helping admins monitor login activity more effectively.
  • Cloaking Pages: Added new cloaking page templates to strengthen web app protection, making it easier to mask sensitive details and reduce exposure during reconnaissance attempts.

Version 9.1.1.3

September 16, 2025
  • Admin Management: Super Admins can now add multiple Admins and assign tailored permissions for better control and governance.
  • Authentication Logs: Enhanced tracking of authentication activities for improved transparency and security oversight.

Enhancements

Web Application Firewall:
  • Easy Certificate Setup: Just add a CNAME record — the certificate will be issued within minutes and automatically renewed, with no manual steps required.
  • Flexible Configuration: Osto Web App & API Protection Module supports IPv4, IPv6, and domain name configurations.
  • Automatic SAN Certificates: If your website uses the “www” subdomain, Osto WAF will automatically detect it and issue a certificate that covers both the root domain and the “www” subdomain.
Domain Filtering:
  • Improved Domain Filtering Performance: Optimized traffic processing to reduce latency during high traffic loads — resulting in faster and more reliable domain filtering.
  • Domain Filtering Insights: Get helpful descriptions for domain categories within the policy settings.

Version 9.1.1.2

July 2, 2025
  • MacOS Support: The macOS Agent is now compatible with macOS versions 14 and 15.
  • AI-Driven Adaptive Web Protection Profiling: Automatically detect, monitor, and intelligently profile website and API traffic using AI.
  • WebChat Support: Get help when you need it — now live inside the admin dashboard.
  • TLS Version Configuration: Configure which TLS versions are allowed under Website advanced settings.
  • MFA for Secure Server Access: Multi-factor authentication for accessing critical infrastructure.
  • Endpoint Incident Enhancement: Enhanced user-level visibility for more precise detection and investigation of endpoint activities.

Enhancements

  • Onboarding Flow Optimization: Cleaner, faster, and smarter — improved DNS handling, more intuitive TLS settings, and optimized onboarding journey.
  • Expanded Dashboard Insights: New insights: Shadow APIs, Top 5 Accessed Servers, Top 5 Risky Users.
  • User Asset Management: View which users have (or haven’t) installed the Agent App; bulk notify users missing the app.
  • Domain Category Intelligence (Powered by AI): Searchable and explainable domain categories with tooltip guidance; automatically uncover related or secure subdomains via AI-driven discovery.
  • One-Click Recommended Policies: AI-curated best-practice security policies with zero guesswork.
  • Revamped DAST Web Scanner UI: Cleaner formatting, improved scan report readability, and scheduled email report delivery.
  • Osto Captcha Page UI Revamp: Smarter and more visually refined captcha page.

Security Updates

  • Enforced MFA for Server Access: Multi-factor authentication can now be enforced for all Secure Server and Secure Gateway connections.
  • Granular TLS Version Management: Fine-grained control over supported protocol versions.
  • AI-Powered Web Categorization: Our engine now categorizes over 100M+ domains across 60+ categories.