Release Notes Through 2026-7-9

Overview

MCP access for all Partners

MCP Open Access, Admin > AI Preferences menu option is now available to all partners. You no longer need a subscription to access.

Microsoft 365 Inspector: Auto-Remediation Beta Removed

The Auto-Remediation (Beta) feature has been removed from the Microsoft 365 Inspector and is no longer available in the Liongard platform.

As part of this change:

  • Removed the Auto-Remediation (Beta) capability from the Microsoft 365 Inspector.
  • Permanently removed the 10 associated remediation metrics.
  • Permanently removed the 8 Liongard-created alert rules that supported the feature.
  • The feature is no longer visible or accessible within the platform.

Partners who had previously enabled the Auto-Remediation Beta were notified of this change by their Liongard Account Manager before this release.


Veeam Availability Console Inspector Deprecation

The Veeam Availability Console Inspector has been deprecated following Veeam's discontinuation of the Availability Console product in favor of Veeam Service Provider Console (VSPC). The inspector is scheduled for retirement within the next 12 months.

What you need to do

If you're currently using the Veeam Availability Console Inspector, migrate to the Veeam Service Provider Console Inspector as soon as possible to ensure uninterrupted monitoring and continued support after the retirement date.

Impact

  • The Veeam Availability Console Inspector is now deprecated.
  • The inspector will be retired within 12 months.
  • Migrate to the Veeam Service Provider Console Inspector to avoid service disruption and continue receiving updates and support.

ThreatLocker Inspector (Beta)

You can now use the ThreatLocker Inspector (Beta) to gain centralized visibility into your managed organizations' endpoint security posture directly from ThreatLocker. The inspector automatically discovers each organization in your ThreatLocker portal and creates a dedicated child inspection, giving you organization-specific insights without additional configuration.

What you can monitor

The ThreatLocker Inspector collects key security and configuration data for each organization, including:

  • Endpoint inventory (computers and mobile devices)
  • Application Control policies
  • Network Control policies
  • Storage Control policies
  • Detect policies
  • Configuration Manager settings
  • Local administrator assignments
  • Portal users

Benefits

  • Monitor endpoint security across all managed organizations from a single integration.
  • Automatically discover and inventory ThreatLocker organizations.
  • View organization-specific security policies and device posture in separate Liongard Environments.
  • Simplify security reviews, compliance reporting, and operational visibility with continuously collected ThreatLocker data.

Beta: This inspector is currently available as a Beta feature. Functionality may evolve as we continue to enhance the integration based on partner feedback.

Please review our documentation to learn more about this inspector.


Beta: Anthropic Inspector

You can now monitor your customers' Anthropic Console environments directly from Liongard. As organizations adopt Claude-based AI tools, the Anthropic Console becomes a critical system for managing users, API keys, workspaces, and AI spending. The Anthropic Inspector (Beta) helps you maintain visibility into these resources and quickly detect configuration drift or administrative changes.

What You Can Monitor

The Anthropic Inspector collects key governance and operational metrics, including:

  • Organization users and their assigned privilege levels
  • API key inventory, including stale, expired, and expiring keys
  • Anthropic workspaces
  • Seven-day AI usage and spending trends
  • User, workspace, and API key counts

Key Benefits

  • Monitor administrative access by identifying when administrators are added or removed from an Anthropic organization.
  • Improve security hygiene by tracking stale, expired, and soon-to-expire API keys.
  • Gain visibility into AI adoption with workspace inventory and user activity metrics.
  • Track AI spending with seven-day usage and cost reporting.
  • Detect configuration drift across your customers' Anthropic environments alongside the rest of your cloud services.

Beta: The Anthropic Inspector is currently available as a Beta feature. Functionality and collected metrics may expand in future releases based on partner feedback.

Please review our documentation to learn more about this inspector.


Beta: OpenAI Inspector

Monitor your OpenAI organizations with the new OpenAI Inspector (Beta). As more AI-powered integrations rely on OpenAI API keys, service accounts, and projects, you can now gain visibility into the users, credentials, usage, and spending that power your AI workloads—all from within Liongard.

The inspector uses a parent/child discovery model to simplify management. The Parent launchpoint uses your OpenAI Admin API key to discover every Organization you can access. Each discovered Organization becomes its own child launchpoint, where Liongard collects organization-specific data, including members, projects, service accounts, API keys, usage, costs, and project-level configuration. Project information is consolidated into the organization's dataprint, providing comprehensive visibility without creating separate systems for every project.

Beta Features include:

  • Discover all OpenAI Organizations accessible with your Admin API key.
  • Inventory organization members, roles, and service accounts.
  • Monitor API keys, projects, usage, and spending.
  • View project-level members, API keys, and rate limits within each Organization's dataprint.
  • Improve governance of AI platforms by monitoring the identities, credentials, and resources behind your OpenAI deployments.

Please review our documentation to learn more about this inspector.

Visual Insights Pro: Granular Permissions

You can now manage Visual Insights Pro access with role-based permissions through User Access Management (UAM), giving you greater control over who can administer Visual Insights and who has read-only access.

Previously, users with access to Visual Insights had the same level of administrative permissions in the underlying platform. With this update, you can now assign the Visual Insights Admin role to users who need full administrative capabilities, while other users receive Member access with read-only permissions to only the dashboards assigned to them through dashboard groups.

What's New

  • Visual Insights Admin role – The Dashboard Admin option in User Access Management will be renamed to Visual Insights Admin. (This will happen soon on the platform)
  • Automatic role synchronization – Assigning or removing the Visual Insights Admin role automatically updates the user's permissions in the Visual Insights platform.
  • Read-only Member access – Users without the Visual Insights Admin role can view only the dashboards assigned to them through dashboard groups.
  • One-time migration – Existing Visual Insights Staff users are automatically promoted to the new Admin role during deployment as the legacy Staff role is retired.

This release introduces the first phase of granular permissions with Admin and Member roles. Additional role-based capabilities, including more granular permissions for report creation and dataset access, are planned for future releases.

For more information about this update, please review our documentation.


Password Policy Updated to Align with NIST Security Standards

We've updated Liongard's password policy to align with the latest NIST SP 800-63B authentication guidelines, replacing traditional password complexity requirements with stronger, modern protections designed to better defend against compromised credentials.

What's Changed

When creating or updating a password, users are no longer required to include a specific combination of uppercase letters, lowercase letters, numbers, or special characters.

Instead, Liongard now validates passwords by ensuring they:

  • Are at least 8 characters long
  • They are not among the most commonly used passwords
  • Have not appeared in known public data breaches

This approach follows current NIST recommendations, which have shown that blocking weak and compromised passwords provides significantly better protection than enforcing complex character requirements.

No Action Required

This update is automatically applied to all Liongard environments. Existing passwords remain unchanged, and the new validation policy will take effect the next time a user creates or changes their password.

For more information about this update, please review our documentation.


Improved Microsoft 365 User Activity Detection

We've improved how the Microsoft 365 Inspector determines whether user accounts are Active, Dormant, Never Used, or No Activity Found.

What's Changed

Previously, Liongard determined user activity using only Microsoft's interactive sign-in timestamp. This could incorrectly classify active users as Dormant if they remained signed in through modern authentication, refresh tokens, or background services without performing a new interactive sign-in.

Liongard now follows Microsoft's recommended approach by evaluating multiple sign-in activity timestamps to determine a user's most recent activity. This provides a more accurate view of account usage and significantly reduces false-positive dormancy results.

Benefits:

  • More accurate Active and Dormant user classifications
  • Fewer false-positive dormant accounts
  • Better visibility into real Microsoft 365 account usage
  • Improved reporting for security reviews, license management, and identity hygiene

Windows Server Inspector: IIS Data Collection

The Windows Server inspector now automatically collects Internet Information Services (IIS) data from Windows Servers where IIS is installed, giving you greater visibility into your managed web server environments without requiring any additional configuration.

Previously, Liongard collected Windows Server configuration details but did not provide insight into IIS deployments. With this enhancement, IIS information is gathered during the existing Windows Server inspection and is available directly within the Windows Server system view.

What's New

For Windows Servers with IIS installed, Liongard now automatically collects and displays:

  • IIS version to quickly identify deployed web server versions.
  • Application pool and website status to monitor service availability.
  • Active site bindings, including HTTPS/SSL configuration, for improved visibility into web server endpoints.
  • SSL/TLS certificate health and expiration details to help identify certificates that may require renewal before they expire.

This information is displayed in a new IIS tab within the Windows Server system view and is immediately available for metrics, change detections, and Visual Insights queries.


Agent 5.4.1 Phased Release

Release Date: June 22–30, 2026 (Phased Rollout)

Liongard is releasing Agent version 5.4.1 as a phased rollout from June 22 through June 30. This release includes a targeted fix to improve agent stability.

Fixed

  • Resolved an issue introduced in Agent version 5.4.0 where the agent's signature could be incorrectly validated as invalid or expired, causing the agent to go offline unexpectedly.

New Metrics Added to Liongard

We’ve expanded Liongard’s data coverage by introducing new metrics across key systems and integrations. With these additions, we’re giving you deeper visibility into your environments so you can better monitor performance, detect changes, and generate more meaningful insights.

Release at a glance

InspectorNew MetricsFocus Area
Microsoft 3656Identity, privileged access, directory sync
Axcient x360 Recover3Backup recency, vault capacity, cross-inspector hostname join
Cove Data Protection3Backup coverage, M365 workload protection, storage
Veeam Service Provider Console4Service provider backup operations and capacity
Acronis Cyber Protect Cloud4Backup agent presence, storage, multi-tenant visibility, per-device backup status
Datto BCDR8Backup health, offsite sync, appliance metrics, screenshot verification
Fortinet FortiGate4Network interfaces, security licensing, DHCP
Internet Domain/DNS6Email security — SPF, DKIM, DMARC
SentinelOne3EDR server inventory, activity tracking
Active Directory7Password policy, DHCP scope detail, domain identity
Cisco Meraki3VLAN DHCP summary, switch, and AP IP inventory
Cisco ASA4Interface inventory, SSH access rules, licensing, DHCP
Webroot3Site identity, endpoint activity, and deactivation
Windows Server / Workstation10OS build patch-level detail (UBR), IIS site/app pool/certificate monitoring
VMware ESXi2Datastore capacity thresholds, VIB count
Box.com24User identity, storage, sharing exposure, governance
Cisco Umbrella21Users, roaming devices, network deployment, virtual appliance posture
Datto RMM19Device health, AV/patch posture, stale accounts, warranty
Cisco IOS21Device inventory, VLANs, ACLs, security hardening (CIS-aligned)
Google Drive20User posture, shared drives, folder exposure risk
Dark Web Monitoring13Breach exposure, credential theft, stealer log signals
Addigy14macOS device health, security posture, encryption, and MDM
SonicWall4Security zone policy, gateway AV, intrusion prevention, licensing
CrowdStrike Falcon7Sensor health, enrollment coverage, reduced-functionality-mode detection
Sophos Central6Endpoint and server inventory, protection coverage, product presence
JumpCloud21User MFA posture, system inventory, SSO, RADIUS, disk encryption
StorageCraft SPX24Backup job health, image chain integrity, encryption, retention, disk usage
Ubiquiti UniFi22Device inventory, firmware compliance, WLAN security, admin access, VLANs
Total286

Click this link to view the list of our [new metrics]


Minor Updates and Bug Fixes

Platform and Gen AI Minor Updates and Bug Fixes

  • Improve metric evaluation performance across the Liongard Platform.
  • Improved Liongard MCP tool parameter-level descriptions to optimize token usage.
  • MCP tools now return data exclusively from AI-Enabled environments, ensuring that partner data is properly scoped.
  • MCP Clean up - Resolve issue with SSE connections and session handling.
  • Resolved an issue with the Liongard Agent dashboard where the offline agent count on the tile did not match the agents shown on the Offline Agents listing page.
  • Updated the password reset page to match the styling of the rest of the login flow, providing a consistent experience across all login screens.
  • Improved AI Search Stability: Added input size limits to search requests to prevent oversized queries from impacting search performance and reliability.
  • Fix the issue with the bulk actions menu to display the correct options after enabling AI usage.
  • Enhanced Roar Assistant with the ability to export the last response in HTML, Markdown, CSV, Word, Excel, and PDF formats.
  • Improve AI logic to reference the related assets table(s).
  • MCP security refinement to ensure tokens are properly scoped by environment groups.
  • Fixed UI issues in the HaloPSA asset type Edit Mapping table, where the Overwrite column's search and filter controls and the page size dropdown were missing. They now display and work as expected.

Integration and Inspector Minor Updates and Bug Fixes

  • Actionable Alerts
    • Resolved an issue in the Windows Server and Windows Workstation inspectors that caused false change alerts for server name and processor name when those fields returned empty values in the inspection payload.
    • The Remediation actionable alert template and M365 auto-remediation toggle are now disabled by default for all new partner instances. Partners must explicitly enable remediation to ensure no automated system changes occur without intentional configuration.
  • Active Directory
    • Fixed an issue in the Active Directory inspector where Domain Name and Domain Mode were missing from the System Details page.
  • Asset Inventory
    • Fixed an issue where inspector icons in the Related Systems column of the Asset Inventory table appeared visually clipped or truncated. Icons now render fully within the column boundary regardless of the number of inspectors associated with a row.
    • The Asset Inventory table now defaults to displaying items in Inventory state first, followed by Discovery, then Archive. Previously, Archive items appeared at the top of the table on every page load, requiring manual re-sorting to see active inventory.
    • Resolved an issue with the Asset Inventory where devices from different sources with logically equivalent hostnames were incorrectly treated as separate devices, resulting in duplicate entries.
    • Fixed an issue where exporting data from the Asset Inventory > Identities and Accounts table was limited to 1,000 rows regardless of the total record count. Exports now return all available records.
  • BitLyft
    • Fixed an issue where the Cases tab on the BitLyft Inspector displayed an 'Oops!' error instead of loading cases data.
  • Cloudflare
    • Fixed an issue where Cloudflare A-record data could intermittently appear empty between inspection runs, causing false change detections and spurious alerts even when the DNS record had not changed. A-record data is now consistent across inspection runs.
  • Dark Web Monitoring
    • Fixed an issue that caused Dark Web Monitoring inspections to time out. Inspections now correctly surface a setup error when required configuration, such as monitored email addresses, is missing instead of running indefinitely.
  • Domotz
  • Duo
    • Updated the Duo Security inspector to use the Admin API after Duo deprecated the Accounts API on June 11, 2026. New partners can now configure the Duo Security parent inspector and auto-discover child accounts without requiring a Duo Accounts API application.
  • Fortinet FortiGate
  • Halo PSA
    • The HaloPSA integration now uses a parent/child structure that monitors each of your HaloPSA customers/sites individually, providing more accurate per-customer asset visibility.
    • Liongard now automatically syncs inventory changes to HaloPSA only when relevant asset data has actually changed, keeping your HaloPSA assets up to date without unnecessary processing.
    • Added back-end support for storing HaloPSA asset type fields and their mappings to Liongard Asset Inventory fields, powering the new field-level mapping experience.
  • Hyper V
    • Fixed an issue in the Hyper-V inspector where the OperationalStatus field was returned as a numeric value instead of a human-readable status (e.g., "Offline").
  • Inspectors
    • Fixed an issue where an inspector remained visible on the environment page and system page after being disabled.
  • Internet Domain
    • Removed unreliable WHOIS contact fields from the Internet Domain/DNS inspector. Domain lifecycle fields (registrar, creation date, expiration date, and last updated) are preserved.
    • Fixed an issue where the Internet Domain/DNS inspector generated repeated false-positive SPF record change alerts due to inconsistent record ordering.
    • Fixed an issue where the Internet Domain/DNS inspector could incorrectly report a valid DKIM record as invalid.
  • Metrics
    • Fixed a regression where the Metrics API incorrectly returned NoDataReturned for metrics with array-type fields in their JMESPath query.
  • Microsoft 365
    • Fixed an issue where querying the Microsoft 365 Users (VI) metric in Data Print returned incomplete results.
    • Fixed an issue in the M365 inspector where the Users Active Last 30 Days metric on the Assets dashboard displayed inconsistent or missing results across environments. The metric now accurately reflects active user counts.
  • Network Discovery
  • NinjaRMM
    • Fixed an issue where the NinjaRMM inspector failed with a 400 error when retrieving the last-logged-on user for certain devices. Inspections now complete successfully across all affected environments.
  • Roar Inspector
  • SonicWall
  • Sophos XG
  • Ubiquiti Unifi
  • Veeam SPC
    • Resolved an API version compatibility issue with Veeam Service Provider Console (VSPC) v8.1.x that caused inspections to fail with a 400 "UnsupportedApiVersion" error. The inspector now correctly handles API version negotiation for VSPC instances running v8.1.0 and later.
  • Watchguard
    • Fixed an issue where the WatchGuard inspector could fail or get stuck mid-run, preventing inspection data from completing successfully.
  • Windows Server/WorkStation
    • Fixed an issue in the Windows Server inspector where Application Events, Security Events, and Available Updates appeared as empty fields in inspector results. These unsupported data points have been removed from the inspector output to prevent misleading display.
    • Added full OS build number support, including UBR, to the Windows Server and Workstation inspectors. The OS build now displays as Major.Minor.CurrentBuild.UBR for patch-level visibility between cumulative updates.
    • Resolved an issue with the Liongard Agent where installing version 5.3.1 failed during the registration phase with an "agent version is not supported" error.
    • Enhanced the Windows Server and Windows Workstation inspectors with new configuration options to include or exclude active, inactive, and orphaned local users, ensuring direct members of the local Administrators group are accurately reported.
    • Resolved an issue with the Windows Server and Windows Workstation inspectors where warranty data failed to populate for certain Dell systems due to the serial number being returned in a composite format that did not match the expected warranty lookup value.

Visual Insights Minor Updates and Bug Fixes

Features

  • No new features

Improvements.

  • No Improvements

Bug Fixes

  • Resolved an issue in Visual Insights where users with valid dashboard permissions were unable to access the View All Dashboards view because their accounts weren't automatically provisioned for dashboard access.


Did this page help you?