Changelog
What's new in LeakIQ
Recent releases, new connectors, and platform improvements.
- New
Activation checklist
A five-step getting-started checklist now appears on your Command Centre until your workspace is fully set up — connect a system, detect a gap, invite a colleague, close a case, and connect a second system. Progress is tracked live against your workspace data.
- New
First recovery milestone celebration
When your first recovery case is confirmed, a milestone card appears on the Command Centre acknowledging the verified revenue — a clear signal that the platform is working.
- New
Team invite prompt
Once you've connected your first system, a contextual prompt on the Command Centre encourages you to bring a colleague in so recovery work has an owner and an approver.
- New
Onboarding detection email
After your first connector sync completes, LeakIQ emails a summary of detected gaps — including amounts at risk and one-click Recover links — so you can act immediately without logging in first.
- New
Inactivity re-engagement
If your workspace has been quiet for seven days, LeakIQ sends a summary of open gaps and a prompt to return — sent at most once per week per workspace.
- New
NPS pulse at day 14
Two weeks into your evaluation, LeakIQ sends a single-question feedback prompt. Scores are recorded against your workspace and feed directly into our roadmap.
- New
Technical documentation
A comprehensive /technical-documentation page now covers architecture, connectors, authentication, MFA, data handling, encryption, audit trail, GDPR, enterprise SSO, Zapier webhooks, and operational automation — written for tech, IT, security, data, compliance, and legal teams.
- New
api.leakiq.io subdomain
All public API endpoints are now reachable at api.leakiq.io — a clean subdomain that routes cleanly to the underlying /api/* handlers without the double-prefix.
- New
MFA (TOTP)
Workspace members can enrol in time-based one-time password (TOTP) authentication via any authenticator app. Enrolment generates a QR code and 8 one-time backup codes stored in hashed form.
- New
Immutable audit trail
Every platform event — RBAC changes, billing events, SSO configuration, escalations, workflow transitions, roll-out approvals — is written into a tamper-evident hash-chain audit log. Full evidence export available.
- New
Weekly gap report
Every Monday at 8am UTC, workspace admins receive a digest of open issues, estimated value at risk, and recent recovery activity — keeping the team aligned without requiring daily logins.
- New
Trial expiry warnings
Automated emails at 7 days and 3 days before trial end remind workspace admins to upgrade or request an extension before access is restricted.
- New
Zapier webhook integration
Outbound webhooks at api.leakiq.io/integrations/zapier/webhook allow third-party tools to push events into LeakIQ. Includes timing-safe secret verification and deduplication on (connectionId, externalId, eventType).
- Improved
Connector credential encryption
All connector credentials are now encrypted at rest using AES-256-GCM with a 12-byte random IV and a 16-byte authentication tag. Keys are derived from CONNECTOR_CREDENTIAL_SECRET — never stored alongside the encrypted data.
- New
Three-tier RBAC
Workspace access is governed by three roles — Viewer (read-only), Operator (can action cases), and Admin (full control including billing and member management). Role changes are written to the audit trail.
Have a feature request?
Reply to any email from LeakIQ or reach us at hello@leakiq.io. We read everything.
Back to Command Centre →