What's new in TridentStack Control

New

• You can now follow TridentStack Control updates on our public changelog at tridentstack.com/changelog, including an RSS feed for your reader of choice.

Improved

• The dashboard now loads noticeably faster and picks up where you left off instantly while refreshing data in the background.
• Vulnerability lists on agent pages load significantly faster.
• Pages that poll for updates now skip downloading data that has not changed, reducing background data transfer throughout the console.
• The Reporting page loads much faster on first visit.

Fixed

• Raw SQL report queries ending with a semicolon are now accepted instead of being rejected.
• When a report query fails, the error message now remains visible instead of leaving the results area blank.

New

• Import your existing Group Policy configuration: upload a Group Policy backup from the Policy Objects page, preview which settings TridentStack Control recognizes, and import them as policy objects. Imported policies arrive disabled so you can review them before enabling enforcement.

Improved

• Agent 1.1.57 began rolling out with stronger pre-installation checks for application updates, reducing failed installs.
• Windows feature upgrades now verify available disk space before starting, and report clearly when an endpoint does not have enough free space to upgrade.

Fixed

• Fixed an issue where some macOS application updates could fail to download.

New

• Microsoft Entra ID group sync: connect your Entra tenant under Settings, map groups to endpoint tags, and group membership stays in sync automatically every hour. Tag-based policies follow your directory without manual upkeep.
• EPSS exploit-prediction scores on vulnerabilities: both vulnerability views now show each CVE's likelihood of real-world exploitation alongside CVSS severity, with sorting and a minimum-EPSS filter to focus on what is most likely to be attacked.
• A guided setup experience for new tenants walks through enrolling your first endpoint, creating update policies, and organizing endpoints with tags. Replay or turn it off any time from User Settings.

Improved

• Vulnerability scanning is now incremental: endpoints are rescanned when their software actually changes instead of on every cycle, so results appear faster and fleet-wide scans finish sooner.
• The endpoints list refreshes automatically in the background, with a toggle to turn this off.

Fixed

• Notifications for newly detected critical vulnerabilities are now delivered reliably.

Security

• Ongoing security hardening across the platform as part of our regular security review process.

New

• A public status page is available at tridentstack.com/status, covering the application, agent connectivity, documentation, and website with uptime history.

Improved

• Vulnerability remediation status is clearer: when a fix has been installed but the endpoint has not been rescanned yet, the vulnerability now shows "Update installed, refresh on next scan" with a one-click Re-scan now button, instead of an ambiguous state.
• After remediating a vulnerability on an endpoint, a follow-up scan runs automatically so the result reflects the fix without waiting for the next scheduled scan.

Fixed

• Vulnerabilities that only affect the mobile edition of an application are no longer flagged against the desktop edition installed on your endpoints.

New

• macOS endpoints can now enroll in TridentStack Control. Manage Apple devices alongside your Windows and Linux fleet, including software inventory, update visibility, and policy assignment.

Security

• The macOS and Linux agent installers now verify the integrity and authenticity of the installation package before installing, protecting against tampered downloads.

New

• Billing is now live. Your first 200 endpoints remain free forever; beyond that, endpoints are $5 per month each, with an annual option that saves two months.
• Manage your payment method, view invoices, and track license usage directly from the dashboard.
• Licenses are assigned automatically as endpoints enroll, so there is nothing to provision by hand.

New

• Windows hotpatch updates are now identified in the update catalog with a dedicated badge, so you can see at a glance which updates install without requiring a restart. Endpoint detail views show whether each device is hotpatch ready, with a guide for enabling hotpatching in your environment.
• Compliance templates now show a risk summary before you apply them: how many controls could affect connectivity or sign-in behavior, with the highest-risk controls called out for review.

Improved

• Hotpatch releases carry full severity information and link to Microsoft's release documentation from the update detail view.
• Policies created from compliance templates record which framework they came from, so you can trace a setting back to its CIS or DISA STIG source.

New

• TridentStack Control is now generally available and serving production customers. One platform for patch management, third-party application updates, vulnerability detection, compliance tracking, and policy management.
• Native OS update management for Windows and Linux endpoints, with approval workflows, deployment rings for phased rollouts, and supersedence tracking.
• Third-party application updates with version targeting, silent installation, and per-group configuration profiles.
• Automatic vulnerability detection from your software inventory, with CVSS severity prioritization and exception management.
• Compliance framework tracking for CIS Benchmarks, DISA STIGs, Microsoft Security Baselines, and NIST controls, with automated scoring.
• Policy management with a web-based settings catalog that works with or without Active Directory.
• Your first 200 endpoints are free forever, with every feature included.