Changelog
Follow up on the latest improvements and updates.
RSS
We’ve just rolled out two key updates to help you manage Secfix more efficiently as your team grows.
New user roles
You now have more flexibility in how you grant access:- View-only Admin: Read-only access to all pages. Perfect for auditors.
- Editor: Can edit most pages but cannot view sensitive areas like Employees or Access.
These roles make it easier to involve subject-matter experts without overexposing sensitive information. (Coming soon: Collaborator role)
Refreshed Sidebar Structure
The sidebar has been reorganized to improve clarity and navigation. Pages are now grouped under logical sections like Compliance, Personnel, Risk, and Trust, making it easier to find what you need.
We’ve replaced the Compliance Reports page with a brand new Frameworks page, giving you a much more powerful way to stay on top of your compliance requirements.
With the new Frameworks page, you can easily review all framework requirements in one place and view each control along with everything mapped to it, including:
- Manual evidence
- Automated checks
- Risk scenarios
- Policies
You can now leave comments on risk scenarios in the Risk Register!
After rolling out the comments feature to Automated Checks and Manual Evidence, we’ve extended it to the Risk Register so your team can easily collaborate, ask questions, and provide context right where it's needed.
This week, we rolled out updated filters on the Manual Evidence page to bring consistency with other pages and make filtering easier. You can now quickly narrow down the list to show items that need attention, are assigned to you, or filter by owner, standard, recurrence, or status.
This makes it easier for teams to collaborate, ask questions, and provide context all in one place. Whether you're reviewing uploaded documents or clarifying evidence requirements, the new comments section keeps communication tied to the relevant item.
We’ve rolled out three major features to level up your experience:
Comment tagging
You can now tag team members in automated check comments! Tagged users will receive an email notification with a direct link to the comment. 
Automated Checks History
Track progress over time with new historical graphs! You can now view:- A general completion history graph for all automated checks.
- A check-level graph showing how many resources passed the check over time.
Test Data tab
For each check run, you can now inspect the test data as JSON to see exactly which resources it was executed on.
Deactivate specific resources in automated checks
You can now deactivate monitoring for one or more failing resources within an automated check. This is helpful when a resource isn’t relevant or when you'd rather attach manual evidence instead. Just provide a reason and optional attachments. You can reactivate the resource at any time. 
View onboarding evidence for terminated employees
Onboarding task evidence is now visible on terminated employee profiles, making it easier to reference historical records during audits or reviews.
👥 Employees Page Improvements
- Added filters and improved layout for a smoother experience.
- The "Not a person" group is now added as a default employee group.
- When you mark an account as "Not a person," their employee group is automatically updated.
- To revert, simply change their group back to another option.
✅ Treatment Tasks Enhancements
You can now interact with treatment tasks on approved risk scenarios without resetting the approval status.- Actions like updating the task status, changing the due date to a future date, assigning an owner, or editing the task title will not affect the approval status.
- However, adding or deleting tasks or changing the due date to a past date will still reset the approval.
The biggest benefit:
You can now quickly spot what’s going wrong with the Secfix Agent or a device’s configuration, and understand exactly why a compliance check is passing or failing — without needing to dig through raw data or guess at root causes.
Here’s what’s included:
- A unified view of device health signals: password manager, disk encryption, antivirus, and screen lock
- Detailed context behind each check — including which app is responsible or - which disk still needs encryption
- Clear display of users and installed apps per device
- Filtering, search, and the ability to flag unassigned computers
- Bulk onboarding reminders
- Deleting a device triggers auto-sending uninstall instructions
We’ve rolled out one of the most requested features —
Risk IDs
— and expanded the “My Tasks”
page to give you a clearer view of your device status.Unique IDs & Shareable URLs for Risk Scenarios
Every risk scenario now has its own unique ID and a shareable URL. This makes it super easy to reference, share, or jump directly to a specific risk scenario.
Device Info on My Tasks Page
Once the Secfix Agent is installed, you’ll now see details about your device directly in the My Tasks page.
Load More
→