Newsletter - June 2026

June was all about giving you tighter control over who can reach your account and much richer visibility into what happens inside it. Here's everything we shipped.

Single Sign-On with SAML 2.0 - Beta 🪪

You can now sign in to Report URI through your own identity provider. We've added federated authentication built on SAML 2.0, so organisations using Okta, Microsoft Entra or any SAML IdP can wire it up, verify the domains they own and have their whole team sign in via SSO - with the option to enforce it and a break-glass code for recovery if anything ever goes wrong. It's rolling out now behind a beta flag, so if you'd like SSO enabled on your account, reach out to support@ and we'll get you set up.

Lock down account access by IP address - Beta 🔒

We've added two new ways to restrict access to the networks you trust. You can now define a list of allowed IP addresses or CIDR ranges for team access, so anyone reaching one of your teams from an unexpected address is dropped back to their own personal account. We've also added per-key IP allow-listing for API and MCP access, so a key can be pinned to the addresses you expect it to be used from and rejected everywhere else. Both are configured from your Account Settings and are available in beta - reach out to support@ if you'd like them switched on.

Richer, SIEM-ready audit logging 📋

Following on from our Audit Trail to Webhook, we've pushed the audit log further towards SIEM-export standard. Every event now records the requester's IP address, exporting report data is itself logged as an event, and your team and personal trails are cleanly separated. The audit log API now supports pagination for pulling large trails a page at a time, and the request IP is included in both the API responses and the webhook payloads we push to your SIEM.

A new "Suspicious" threat-intelligence tier 🟠

Alongside the confirmed Indicators of Compromise we already flag, we've added a second, lower-confidence tier: Suspicious. These are hosts we're actively tracking on a curated watch-list but can't yet confirm as hostile, shown as an amber badge - versus the red of a confirmed signal - across your CSP, CSP Integrity and Integrity Policy reports. It gives you an earlier heads-up on things worth keeping an eye on, and it flows into your Daily Threat Intelligence digest automatically.

See every watcher's status at a glance 🗂️

The Watch dashboard now shows the status and alerting setup of each watcher right on its row. You'll see at a glance whether a watcher is Active, At capacity or Broken, along with which alert channels are switched on - so you can spot a broken or misconfigured watcher across all of your Watch products from a single screen.

Connection Allowlist reports - Beta 🧩

We've added support for a new browser report type: Connection Allowlist. It ingests Chrome's new Connection Allowlists origin trial reports, letting you monitor the network connections your pages attempt alongside your other policies. It's available now behind a beta flag - reach out to support@ if you'd like to try it during the origin trial.

Download your archived scripts 📦

For customers using JavaScript Integrity Monitoring, where we archive copies of the JS assets loading on your site, you can now download the archived copy of a script directly from a CSP Integrity report row. It's the first step in surfacing the archive in the UI, making it easy to grab and inspect exactly what was loading at the time a report was generated.

A dark theme for your dashboard 🌙

By popular demand, your account dashboard now has a dark theme. It follows your operating system's appearance by default, and a new Light / Dark / Auto toggle in the header lets you pick whichever you prefer - your choice is remembered for next time.

Policy issues, right on your CSP reports 🧠

Building on the deeper CSP analysis we've been adding, your CSP reports now highlight risky hosts found in the policy itself. We check your policy against our threat-intelligence data and flag any Indicators of Compromise or areas of Policy Concern directly on the report, with the specific hostnames listed in the expanded view.

Behind the scenes 🛠️

Not everything we ship is visible on the surface. This month we completed a major re-architecture of the platform, moving the last of the application onto a modern framework for better performance and maintainability, and rebuilt our EU infrastructure. There's nothing for you to do - just a faster, more reliable Report URI built on stronger foundations.

June has been a big month for locking things down and giving you deeper visibility, and it sets the stage for plenty more on the enterprise and security front through the rest of the year. As always, if you have any ideas or feedback, please do let me know, and if you'd like to join the SSO, IP allow-listing or Connection Allowlist betas, or any of our other beta features, reach out to support@ to get involved!

Scott Helme,

Founder.