Read about the latest changes to Thalian.
The Compliance page now covers four frameworks side-by-side: SOC 2, ISO 27001, NIST CSF 2.0, and ISO 42001. The Compliance Trend chart plots all four framework scores over time, so security teams can see at a glance which posture is moving and which framework is dragging.
MCP server v1.1.0 adds write-scope action tools; Okta AI agent principals now sync as first-class non-human identities; AI chat can now act on grouped findings and remove admin roles.
New interactive threat visualization, IP-based login context, dramatically less finding noise, and Thalian now installs directly from the Slack App Directory.
Three new integrations, 400+ detection rules, recurring access reviews with PDF evidence export, remediation playbooks, cross-platform offboard cascade, and Claude Opus 4.7.
Thalian now supports bulk decisions in access review campaigns, a FAIR-aligned entity risk model, and smarter integration error handling.
UX improvements across the landing page, demo experience, and signup flow based on a full product audit.
Thalian's detection engine nearly doubled — from 173 rules to 316 — with new integrations, deeper platform analysis, and findings that require 3+ connected platforms to surface.
GCP IAM sync now works reliably across all GCP organization configurations, and the analysis engine handles edge cases that previously caused silent data loss.
In response to the March 30 Axios npm supply chain attack (CVE pending, attributed to North Korean threat actor UNC1069), we audited all dependencies and confirmed Thalian is not affected — axios is not in our dependency tree.
Three major detection upgrades: Entra ID Conditional Access policy analysis, Okta System Log correlation rules, and expanded GCP IAM privilege analysis.