· intuitem · News · 2 min read
What's New in CISO Assistant — Week 01, 2026 (v3.9.1)
Kicking off 2026 with session security hardening after 2FA enrollment, audit performance improvements, and better implementation group handling.
Happy New Year! CISO Assistant v3.9.1 lands in the first week of 2026 with a focused set of security and performance improvements.
Security & Authentication
Session revocation after 2FA enrollment — Previously, enabling two-factor authentication on your account did not invalidate existing sessions. This meant that an attacker who had already compromised a session could keep using it even after you strengthened your login. Starting with v3.9.1, all active sessions are revoked the moment 2FA is enabled, forcing every device to re-authenticate with the new second factor.
Additional improvements have also been made to the Identity & Access Management (IAM) subsystem, tightening internal guardrails around user and permission handling.
UX Improvements
Extended result donut respects implementation groups — The compliance donut chart in extended-result mode now correctly follows the selected implementation group, so the visual summary matches the filtered scope you are actually reviewing. This is particularly useful for frameworks like CIS Controls where implementation groups define progressive maturity tiers.
Performance
Faster audits — Audit loading and rendering received targeted performance work, reducing wait times when opening or navigating large compliance audits.
Quality & Testing
A new CI/CD test has been added to validate the enterprise backup/restore workflow inside the community edition, ensuring that data portability remains reliable across releases.
For the full list of changes, see the v3.9.1 release on GitHub.
