Methodology v1.3.0
Methodology changelog
Every release that affected scan output. Use this to compare an old report against today's methodology, or to evidence what changed for a procurement review.
Older Vantyris reports carry the methodology version in their footer. Cross- reference that version with the matching entry below to know what the scanner could and could not see at the time. Methodology decisions are documented in /methodology.
2026-05-25
Subdomain enumeration (passive)
v1.3.0
Added
Verified scans now include a passive subdomain-discovery pass via Certificate Transparency logs (crt.sh) plus a curated wordlist. Discovered hosts get a DNS A-lookup; only resolving names appear in the report.
- New scanner module: subdomains (12 in-process modules now, was 11).
- Output is capped at 100 hosts; wildcard A records surface a separate finding.
- Sensitive labels (admin, dev, staging, internal, etc.) emit a Medium-severity finding citing the staging-on-public-internet risk.
- Attack Surface Map gains a Subdomains block.
2026-05-25
Premium report transformation (S1-S4)
v1.2.0
Extended
Verified-scan reports gain six new sections: Top Actions, Score Breakdown by Category, Attack Surface Map, Business Risk View, Fix Roadmap, and Methodology. Server-rendered branded PDF replaces the browser-print fallback. CSV gains category / owner / effort / roadmap_bucket columns.
- Findings now carry typed category (9 axes), owner (7 values), effort (6 values).
- Eight new in-process scanner modules: DNS depth + DNSSEC + RDAP, email depth (DKIM/BIMI/MTA-STS/TLS-RPT), cookies, tech fingerprint, privacy/GDPR, reputation (Safe Browsing + RBL), supply chain (SRI), sensitive-file exposure (verified-only).
- ~95 new authored remediation entries (total ~180).
- New PDF outputs: full report, per-finding work order, Compliance Readiness one-pager.
2026-05-24
Workflow + Cyber Essentials alignment + sharing
v1.1.0
Extended
Findings gain workflow state (open / fixed / accepted / ignored / assigned), assignee email, due date, and threaded comments. Cyber Essentials A1-A5 alignment section ships. Public share links and trust pages go live.
- Finding cards show workflow controls.
- /share/<token> public viewer in three modes: full, executive, redacted.
- /trust/<slug> public trust page with controls-in-place matrix.
- Continuous monitoring enrollment with weekly re-scan and alert email.
- Workspace API keys + read-only /api/v1/* endpoints.
2026-05-23
Initial release
v1.0.0
Added
Four in-process modules - TLS handshake, HTTP security headers, DNS hygiene, email authentication (SPF + DMARC). Editorial scan-report renderer with gauge + radar + plain-English executive summary. 80 authored remediation entries.
- Teaser: TLS + headers only (free).
- Verified: 4 modules behind ownership verification.
- Severity-floor scoring (SSL Labs-style): worst finding caps the grade tier.
Versioning policy
We use semantic versioning at the methodology level. vMAJOR.MINOR.PATCH:
- MAJOR bumps when a finding category is removed or the scoring model changes such that historical reports cannot be directly compared.
- MINOR bumps when a new module ships or a new category of finding becomes possible.
- PATCH bumps for tuning, false-positive fixes, or curated-list refreshes that don't change the surface shape.