Release Notes

Changelog

The latest updates and improvements to Optimux.

v0.3.40

2026-06-11

Login brute-force protection on the agent

Repeated failed authentication attempts against the monitoring agent now trigger an automatic, escalating temporary block, and connection bursts are rate limited. Legitimate access recovers on its own.

TLS 1.3 only

The agent now accepts only TLS 1.3 connections, dropping older protocol versions entirely.

Tighter permission rules

The agent's built-in permission rules were narrowed further, with an extra deny layer on top of the existing allow-list. Defense in depth, no change in what the agent can do for you.

Latest Go toolchain

Rebuilt on the newest Go release to clear three recently published standard-library CVEs affecting TLS and certificate handling.

CVE scans on large servers

Application CVE scans get much more time to finish on heavily loaded hosts - shared servers with hundreds of sites no longer risk cut-off scans and incomplete results.

v0.3.39

2026-05-29

Application CVE scanning

Dependency-level vulnerability scanning from your app lock files - npm, Composer (PHP), PyPI (Python), yarn, pnpm, and bun - matched against OSV.dev, alongside the existing OS package CVE scan.

Project-scoped read-only access

Grant a teammate read-only access to specific projects without organization membership - they see only what you share, and can never make changes.

Deeper DNS scanning

DNS scan now also covers CAA records, nameserver validation, TTL analysis, MX reachability, SPF lookup counting, and record-change detection.

Agent hardening

Agent rebuilt on the latest Go toolchain to clear standard-library CVEs, plus firewall-aware exposed-port detection to cut false positives.

v0.3.32

2026-04-06

Disk I/O utilization monitoring

Full threshold pipeline for Disk I/O - notice, warning, critical levels with chart screenshots in alert notifications.

Stripe billing integration

Self-service subscription checkout, plan upgrades/downgrades, add-on management, and invoice history.

Client dashboard

Full client portal with profile management, billing, plan control, 2FA security, and GDPR data export.

v0.3.20

2025-11-10

DNS security scanning

SPF, DMARC, DKIM validation, RBL checking, CAA records, NS validation, and record change detection.

5-channel alert notifications

Email, Slack, Telegram, Discord, and Webhook notifications with escalation schedules and per-project templates.

Threat detection

Fast-path detection of reverse shells, crypto miners, suspicious processes, and C2 connections.

v0.3.4

2025-01-15

AlmaLinux & Rocky Linux support

Full support for AlmaLinux, Rocky Linux, RHEL, CentOS, Oracle Linux, Amazon Linux, and Fedora.

Enhanced integrity checks

SHA-256 hash verification for security configuration files on startup.

Port monitoring

TCP/UDP port monitoring with banner grabbing and 112 known ports database.