Doing More of the Work

Prioritizing remediation. Connecting proof. Reducing operational friction.

Last month we said we were investing in security operations, where the platform identifies the fix, dispatches it, verifies it worked, and captures the proof in one closed loop. May is the first concrete down payment on that promise. Not full autonomy, not yet. But the start of something specific: the platform doing more of the connective work for you.

Here's the shift this month. Open a Telivy assessment and the first thing you now see is a Top Actions table that ranks remediation steps by their projected impact on a client's CIS score. The highest-leverage fixes surface ahead of everything else, rather than a flat list to triage manually. Click into a Microsoft 365 policy gap and the Policy Inspect drawer pulls together recommendations, CIS references, Microsoft's own documentation, and admin portal navigation in one panel. If a finding can be fixed from the interface, a "Fix Available" badge shows up in the severity column, and fixable findings sort to the top. Different work, same intent: the distance between knowing what's wrong and resolving it gets shorter every release.

For partners running multi-framework compliance engagements, Crosswalk Review (Early Access in Telivy) extends the same connective work into the compliance side. When a client is being measured against CMMC, HIPAA, and CIS at the same time, Crosswalk Review maps your completed answers from one framework to related controls in the others. You answer once, you apply across many. Pair this with the Evidence Locker in Tentacle, now in production rollout, and the loop from assessment to remediation to defensible proof gets meaningfully tighter.

Behind the scenes, the next big Tentacle bet is active: Cyber Insurance Risk Management and Monitoring. It takes the messy, manual cyber insurance questionnaire (often dozens of pages on multifactor authentication coverage, backup posture, endpoint security deployment, training cadence, and more) and turns it into a continuously monitored mapping between insurance carrier requirements and the Telivy and Tentacle evidence already in place. More on that as we get closer.

The through-line for 2026 remains: Assess. Prioritize. Remediate. Prove. May's contribution sits squarely in Prioritize > Remediate. Every release deepens the loop, and every loop closure is more work the platform does for you instead of work that falls on your team.

Here's what we shipped over the last month.

Product Updates

Telivy: Smarter Prioritization, Faster Remediation

This is the Telivy that gets sharper every month, less about what's wrong and more about what to do next. May's release set is the first installment of a broader prioritization and guided-remediation layer that lands across Q2.

What We Just Delivered

• Top Actions Table on the Overview Tab (GA). The Telivy Overview now leads with a prioritized table that ranks remediation steps by their projected impact on a client's CIS score. The first thing your tech sees on a client assessment is the highest-leverage fixes, not a flat list to triage manually.
• Tabbed Vulnerability Views and Multi-Sheet Excel Export (GA). The Threats and Vulnerabilities dashboard now organizes risk across three lenses: endpoint, user, and Common Vulnerabilities and Exposures (CVE). Vulnerability exports generate a multi-sheet Excel workbook with separate views for each lens. A richer client reporting artifact than the previous flat CSV.
• Endpoint Security Monitoring (GA). A new Endpoints tab in Inventory shows antivirus, firewall, and disk encryption status across managed endpoints. The Overview tab also includes a new Endpoint Security summary card with monitored endpoint counts and coverage percentages, so coverage gaps surface at a glance.
• Crosswalk Review (Early Access). When a client carries overlapping compliance obligations, Crosswalk Review maps completed answers from one framework to related controls in others. Partners review proposed mappings, accept or reject them, and apply answers across frameworks rather than re-entering them manually. Pair this with Framework Similarity Scores (also new this month) for a complete multi-framework view.
• Microsoft 365 Policy Inspect Drawer (Early Access). The Policy Inspect drawer now collects recommendations, CIS references, Microsoft documentation links, and admin portal navigation in a single panel. Combined with automatic policy ingestion on connect, inline recommendations beneath each policy name, and a post-connect Remediate call to action, partners move from "Microsoft 365 connected" to "policy fixed" with far fewer clicks.
• Fixable Findings Sort to Top (Early Access). On the Risk tab, findings with automated remediation available now sort to the top with a "Fix Available" badge promoted within the severity column. Partners see what they can act on directly.
• Microsoft 365 Reporting on Security Defaults Tenants (Early Access). Microsoft 365 multifactor authentication (MFA) enforcement and legacy authentication blocking now report correctly on tenants where Security Defaults are enabled. Eliminates false positives on smaller client environments using Microsoft's baseline.
• Microsoft 365 Overview Remediation Visibility (GA). The Microsoft 365 Overview dashboard now shows a reliable count of available automated fixes and the potential score uplift if those fixes are applied. The signal partners need to triage where automated remediation will move the needle.

Reliability Improvements

• Browser password results sort by whether passwords exist rather than by nickname, so accounts with stored credentials surface first.
• Cloud token health checks are more reliable, with improved token refresh handling and clearer disconnect emails explaining why reconnection is needed.

Why This Matters

The Top Actions table makes the highest-leverage fix the first thing your tech sees on a client assessment. The Microsoft 365 Policy Inspect drawer collapses what used to be a multi-tab research project into a single workflow. Crosswalk Review turns "fill out five questionnaires" into "fill out one, map to five." Each of these shaves real time off the work between finding a risk and resolving it.

If you're running compliance programs across regulated verticals, Crosswalk Review and Framework Similarity Scores together change the economics of multi-framework work. Pull these together with the Evidence Locker in Tentacle (now in production rollout) and the loop from assessment to remediation to defensible proof gets meaningfully tighter.

Tentacle: Evidence Locker Rolling, Insurance Risk Management Coming

The Evidence Locker we announced in April is now in production rollout. Partners using compliance-as-a-service in healthcare and financial services are beginning to populate live evidence timelines, with Telivy scans flowing into source-attributed evidence snapshots and 90-day compliance heatmaps lighting up across client workspaces. If you have not yet had the conversation with your partner manager about wiring it into your existing client programs, this is a good month to do it. The depth of the timeline grows with every weekly Telivy scan, which means partners who start in May will be sitting on three full months of source-attributed, auditor-ready evidence by August.

Behind the scenes, the next major Tentacle capability is moving: Cyber Insurance Risk Management and Monitoring.

This is the surface that takes a client's cyber insurance application questionnaire (often dozens of pages full of questions on multifactor authentication coverage, backup posture, endpoint security deployment, training cadence, and dozens of other controls), ingests it, maps each question to the underlying Telivy and Tentacle controls that already have evidence, and surfaces a continuously updated compliance picture against the carrier's specific requirements. The bet: most MSPs are answering insurance questionnaires manually today, often inaccurately, with no continuous monitoring of whether the answers stay true between renewals. Tentacle plus Telivy can change that.

Why This Matters

The Evidence Locker's value compounds with time. Every additional week of scan data is another week of evidence in the timeline. For service lines tied to regulated verticals, the timeline is the differentiator. And as cyber insurance carriers increasingly demand continuous attestation rather than annual paperwork, the Tentacle + Telivy story becomes the cleanest answer in the MSP market.

If compliance-as-a-service or cyber insurance support is a service line you're building, reach out to your partner manager to walk through how to wire Evidence Locker into existing client programs and how to be on the early access list for Cyber Insurance Risk Management when it lands.

ControlOne: Fail-Open Tuning and Portal Polish

ControlOne in May continued the polish trajectory, with one substantive shift around fail-open configurability that is worth calling out for partners managing larger or more uptime-sensitive deployments.

What We Just Delivered

• Configurable Fail-Open Sensitivity with Presets (GA). Fail-open sensitivity can now be configured at the bridge and tenant levels using preset options of 30 seconds, 2 minutes, or 5 minutes. Each preset applies appropriate health check intervals and thresholds. Advanced settings (probe intervals, probe counts, timeouts, recovery thresholds, and custom health check endpoints) are also exposed for environments that need finer tuning. Combined with the configurable fail-open triggers shipped in March, partners now have meaningful control over how a bridge behaves when connectivity disruptions occur.
• Site Zone Failover Control (GA). Site zones can now be disabled during failover, giving partners tighter management of traffic behavior during network events.
• License Usage on the Users Page (GA). Agent license consumption now appears directly on the Users page. Partners can review allocations, identify overprovisioning, and manage consumption without leaving the portal.
• Site Zone Bridge Assignment Indicators (GA). The Zones page now displays a visual indicator on site zones assigned to bridges, even when devices are not connected. Bridge assignments are identifiable at a glance rather than by cross-referencing configuration records.
• Resizable Admin Columns (GA). Columns in the admin section of the portal are now resizable, so partners can surface more record detail directly in table views.
• AI Traffic Category Support (GA). Web filtering and application filtering now support a Fortigate AI category labeled "Artificial Intelligence (AI)." Partners gain visibility into AI-related traffic and can apply fine-tuned filtering policies as their clients adopt more AI tools.
• Teleport Search Restoration (GA). The Teleport page search field now retains input as partners type, restoring live filtering for zone searches.
• Portal Modernization Continues (GA). Legacy portal pages have been updated with the current ControlOne theme and modern table components. Gateway usage displays for Unity Platform partners now show total allowed gateways at a glance rather than a separate minimum gateway count.
• Access Permission Correction (GA). Users without partner tenant admin permissions now see the correct portal views for their access level rather than being redirected incorrectly.

Reliability Improvements

• Tunnel encryption settings now display correctly on the VPN connector configuration page when GCM encryption is in use, preventing misinterpretation during setup.
• API performance is improved across connector, IPsec NAT, FWaaS, and device posture check endpoints, resulting in quicker portal interactions and more efficient automation.
• Bridge websocket reliability is improved, so bridges receive configuration updates consistently without errors.

Why This Matters

Fail-open configurability is the substantive headline. The fail-open story across March (configurable triggers), April (state preservation through migration), and May (preset sensitivity options) gives partners progressively more control over recovery behavior rather than forcing every deployment into the same defaults. License visibility, zone indicators, and admin column flexibility are the kinds of operational improvements that do not make headlines but remove daily friction across the portal.

A Quick Look at What's Ahead

• Cyber Insurance Risk Management lands in Tentacle. As called out above, this is the bet that takes the messy, manual cyber insurance questionnaire process and turns it into a continuously monitored mapping between insurance requirements and Telivy plus Tentacle evidence. Active build now, with Early Access conversations starting soon.
• Telivy's prioritization layer continues to harden. Risk-based prioritization, custom security reports, and security gap action plans remain on the Q2 roadmap. The Top Actions table and Crosswalk Review released this month are the first installments of a larger "what to do next" intelligence layer.
• The Evidence Locker grows up. Audit package export, cross-framework evidence mapping, and the "Continuously Monitored" certification badge are in active design, building on the V1 surface released in April.

The through-line for 2026 remains: Assess. Prioritize. Remediate. Prove. Every release deepens that loop. May's contribution is in the Prioritize > Remediate segment, with the platform handling more of the connective work that used to fall on your team.

Visit releases.cytracom.com for more details on these and other updates. You can also subscribe there for real-time updates as releases are shipped.

Upcoming Events: Let’s Connect

We’re looking forward to connecting with partners and peers at several industry events this summer. If you’ll be attending any of the events below, we’d love the opportunity to meet and catch up in person.

• Pax8 Beyond | June 7-9 | Salt Lake City
• Huntress Roadshow | June 11 | Atlanta
• Rewst FLOW | June 23-25 | Nashville
• XChange Security | July 15-17 | Dallas
• TruPeer | July 20-23 | Virtual
• TMT Producers Club | July 23-34 | Nashville
• ChannelCon | August 3-5 | San Diego

Attending Pax8 Beyond? Let us know! We’d love the chance to meet up, say hello, and connect with our valued partners while we’re all in Salt Lake City.

Join Our Q2 Product Update Webinar

What’s new across the Cytracom platform, and what’s coming next? Join our executive leadership team on June 17 for a Q2 Product Update Webinar featuring the latest updates across Telivy Assess, Telivy Monitor, Tentacle, ControlOne, and UCaaS, plus a look ahead at the innovations shaping the future of MSP service delivery.

Register now to reserve your spot.

TeamLogic IT Exclusive

Limited-Time Offer: Get One FREE Month of Tentacle + Telivy Monitor

Only available through June 30, 2026.

Compliance pressure is increasing, client expectations are rising, and manual tracking is not scalable. This exclusive TeamLogic IT offer gives you a faster way to deliver ongoing risk visibility, structured compliance management, and reportable security insights without adding more operational overhead.

For a limited time, deploy Tentacle Compliance Management for an end customer and receive one additional month of Telivy Monitor free.

Why This Matters

Most clients are still relying on spreadsheets, point-in-time assessments, and inconsistent reporting. Tentacle and Telivy Monitor help you deliver a more continuous, defensible approach to compliance and security monitoring that strengthens trust and creates higher-value recurring services.

Included in the Offer

• Tentacle Compliance Management
  Automate evidence collection, simplify insurance workflows, and map controls across frameworks.
• Telivy Monitor
  Continuously monitor vulnerabilities, detect security drift and control changes, and validate posture over time with clear reporting.

Don’t wait. Claim your free month before the offer ends.

Supporting Your Success

At Cytracom, we’re committed to helping you stay informed, supported, and equipped to better serve your clients and grow your business.

As the needs of MSPs continue to evolve, we want this newsletter to deliver practical insights and resources that are relevant to your day-to-day operations, customer conversations, and long-term goals.

If there’s a topic, challenge, or business conversation you’d like us to cover in an upcoming edition, send us a note at swise@cytracom.com. We’d love to hear what would be most valuable to you and your team.

Thank you for your continued partnership and leadership within the TeamLogic IT community.

— The Cytracom Team