Skip to main content

1.70.0 (April 16, 2026)

Ben Douglas
Updated

Improvements

Assurance Details Review Migration 

See Full Details External Link.svg 

Reviewer Change.png
NOTE: Any Assurance Details Status Reviews (left) have been moved to the Bottom of the Reviewers list on the Review tab (right).
  • There is now only one way to review Control Implementation and Solution Capability records. 
  • We have migrated existing 'Assurance Status Review' to the Reviewer tab in the side panel
  • Modified dashboard Solution Capability Review Status to pull from Review tab instead of now retired 'Assurance Status Review'
    Dash.png
  • Reviewer "Reviewed" status now automatically clears when a Solution Capability, Control Implementation, or Element is edited, so reviewers are prompted to re-review after changes. Implementation Status and Remarks are excluded — updates to those fields will not reset the Reviewed status.
    Element Reviewer (1).png
  • Added setting to optionally create a 'Final Reviewer'. Once the 'Final Reviewer' has reviewed the entire record is considered 'Reviewed'. 
     

New Trust Center (Beta)

See Full Details External Link.svg 

  • Launched a brand-new public Trust Center at trust.paramify.com, giving your customers a self-serve home for your security posture.

  • Create and manage your Trust Center directly from Paramify, a configurable company slug, and a dedicated login experience.

    Trust Center.png

Program, control, subprocessor, and system visibility

  • Publish controls, subprocessors, and systems alongside your programs, with an expanded control status set (Pass, Planned, Partial, Fail, and their sub-states) to more accurately reflect your real environment.

Deliverables

  • Manage deliverables directly in the Trust Center, now with description fields so you can give customers context on what they're about to view.
  • Download support for both public and restricted deliverables, so approved users can grab the artifacts they need in one click.

Access requests and notifications

  • Requesters can now select a specific product offering and choose which programs and deliverables they need access to when submitting a request.
  • Access requests now trigger in-app notifications in Paramify, and send requesters an email once their request has been approved or denied — with duplicate and already-acknowledged requests cleaned up automatically.

Settings and publishing

  • The Trust Center settings page now includes a live URL preview, a "View" button that jumps straight to your published site, and a "last published" timestamp so admins always know how current the public version is.

Solution Capabilities

See Full Details External Link.svg 

Picky Syncing 

  • Replaced the previous "all or nothing" sync behavior with a new selective field sync — choose exactly which fields to update when syncing workspace solution capabilities from their template
  • A new Select Fields to Sync modal lets you review and check off individual fields before applying any changes
  • Rows in the sync modal are fully clickable for a faster selection experience

Bulk Field Sync

  • New bulk action on the workspace solution capability list to apply selective field sync across multiple solution capabilities at once — select which fields to push before confirming

Evidence

Associated Evidence in Solution Capabilities and Control Implementation

  • Added an Associated Evidence panel in the solution capability and program control implementation side panels — view and add artifacts to evidence sets directly from these views without navigating away

Evidence Export

  • Evidence exports now include the evidence name, making exported files easier to identify and organize

Risk Solutions

See Full Details External Link.svg 

Adoption Status

  • Added a new Adoption Status field to Risk Solutions, separate from Solution Status, for tracking whether a risk solution has been adopted by a partner or stakeholder
  • Supports inline editing directly from the list view, as well as editing from the detail side panel
  • New Adoption Status filter available on the Risk Solutions list

Assessments

See Full Details External Link.svg 

Assessor Viewer User Type

  • Introduced a new Assessor Viewer user type that provides read-only access to assessment records
  • Assessor viewers can open and review assessments without the ability to create, edit, or delete any assessment data
  • Updated user type descriptions across the platform to accurately reflect the capabilities of each role

Issues & Vulnerability Management

Impacted Inventory Auto-Update

  • Vulnerability issues now automatically update their impacted inventory based on findings in scan file uploads, reducing manual data entry
  • Added ability to search for issues by searching by asset name (AKA impacted inventory)

Customizable SLA by Issue Risk Level

  • SLA durations can now be configured per risk level — set custom timeframes (e.g., 90, 60, or 30 days) for each issue risk level to match your organization's compliance requirements

Integrations

Jira — OAuth Support

  • Added OAuth authentication as an alternative to basic auth for the Jira integration, supporting organizations with stricter security requirements

API

Validators

  • New GET /validator endpoint to list validators in your workspace, with filtering support by validator ID list or type (automated or attestation)
  • New GET /validator/{validatorId} endpoint to retrieve a specific validator by ID

Evidence

  • Added the ability to get and set collection frequency and start date on evidence sets via the PATCH /evidence endpoint

Custom Control Management (Beta)

Deletion Protection for Custom Compliance Objects

  • Custom catalogs, compliance profiles, program types, catalog controls, and profile controls can no longer be deleted once a workspace program is based on them — a warning message explains what is preventing deletion

Suggested Mappings and Program Mappings on Custom Catalogs

  • Suggested mappings and program mappings on solution capabilities now include custom catalog controls, matching the behavior already available on predefined catalogs
  • Suggested mappings are grouped by catalog for easier navigation

Expanded Bulk Actions and Filtering on Custom Programs

  • New Owner, Parameters, and Reviewer Status filters added to the control implementation list on custom programs
  • New Download Control Implementations bulk action and menu option added to custom program control lists
  • New Apply Suggested Solution Capabilities option added to the custom program control implementation list
  • Owner and Review Status columns now available on custom program control lists

Additional Improvements

  • Improved catalog intake with a loading spinner during file upload and better column capture for XLSX files with sparse data
  • Custom programs now display accurate data in the programs list view, including program type name and certification detail
  • AI model can now be selected in workspace settings (Beta)

Performance

  • Various performance improvements across the application

Fixes

  • Fixed bugs related to the GovRAMP control matrix document
  • Various fixes across solution capabilities, custom programs, and assessments
  • Fixed an issue where certain XLSX file formats caused upload failures during catalog intake

Security

This release includes security-related dependency updates. Updating is recommended for all users.

 

Related articles

Comments

0 comments

Please sign in to leave a comment.