

Company name Transforms now support AI-generated aliases. Each Transform suggests up to two aliases, helping identify legitimate company references while reducing false positives caused by short or ambiguous names. Customers can accept the suggested aliases or request alternatives.
SharePoint vulnerability detection (CVE-2026-32201)
Breach Risk and Vendor Risk now include vulnerability detection for CVE-2026-32201, a remote network spoofing vulnerability with no available mitigation beyond patching. Customers with SharePoint in their attack surface will see this appear in Breach Risk, and Vendor Risk customers will now see this on their vendors where detection confirms exposure.
Excel export for control templates
Vendor Risk administrators can now export any control template to Excel to share it for review when setting up Security Profile control templates. The file lists each check with its domain, control family, control, and the framework mappings selected for that template.
Expiry reminders for shared resource access
Trust Exchange now emails users seven days before their access to shared vendor assets expires. Users can request an extension from the notification itself.
App access automation workflows for User Risk
Security and IT teams can now automate app access requests and usage reviews in User Risk via Risk Automations. Users can request access to an app directly from the User Risk browser extension, and the automation notifies the admins via Microsoft Teams, Slack, or an ITSM ticket. Administrators can survey selected users about their app usage, sending each user a chat message or ticket through the same connected tools to inform app policy decisions.
Detected vendors from app usage
For customers using both User Risk and Vendor Risk, a new Detected vendors tab in Vendor Risk surfaces the vendors behind approved apps that User Risk has detected in use but are not yet monitored. Security teams can quickly spot coverage gaps and decide which vendors to monitor.
FortiBleed exposure detection
Breach Risk and Vendor Risk now flag assets affected by FortiBleed, a credential-exposure campaign targeting internet-facing Fortinet devices. The risk is raised when a customer's own asset appears on the impacted list, or when a monitored vendor has an asset on it, giving teams fast visibility to prioritize validation and remediation. It is a temporary signal and stays active until 29 July 2026.






