Vertex SystemsGet started

Changelog

Vertex Systems changelog

Every release, what changed and why it matters. New Apollo capabilities, Constellation building blocks, Nightwatch detectors, and platform hardening.

Get started See how it works
SOC 2-alignedHIPAA-readyRBAC + auditWindows endpoints

The closed loop: incidents, Autopilot, and auto-escalation

v2.3.0 released 2026-06-07. The loop tightens. Real-time alerts and scheduled findings converge into one incident view, recurring fixes become self-healing rules in one click, and critical findings open their own tickets. Deeper security posture detection and new remediation building blocks round out the release.

  • Added: Incidents: one ranked view that correlates real-time Apollo alerts with scheduled Nightwatch findings per host, so you triage by machine instead of by noise. Ask Apollo "what is broken" or open any host to see the full signal timeline.
  • Added: Apollo Autopilot: after diagnosing a recurring issue, ask Apollo to turn the fix into a standing auto-remediation rule. One click creates it, with the blast radius and risk cap spelled out. New rules start disabled for review.
  • Added: Auto-escalation to tickets: Nightwatch can open a ticket automatically for each new critical finding, deduplicated per finding and linked to the endpoint. Off by default, with a single switch in Nightwatch settings.
  • Added: New Constellation remediation building blocks: restart an endpoint, clean up disk space, set a registry value, and disable or run a scheduled task. Each is approval-friendly and fully logged.
  • Added: Apollo can now read installed certificates on an endpoint and flag anything nearing or past expiry.
  • Added: New Nightwatch detectors for low space on secondary volumes and runaway processes that pin CPU or memory.
  • Improved: Microsoft Defender findings now carry a one-click, approval-gated fix to re-enable real-time protection or refresh signatures.
  • Security: New security posture detectors across the fleet: expiring certificates, unmanaged devices with no Entra ID, Intune, or domain join, exposed network services, and BitLocker encryption drift.

Multi-tenant for MSPs, employee self-service, and live forensics

v2.2.0 released 2026-06-06. Vertex now runs at MSP scale: manage many isolated client tenants from one partner console. Employees can safely resolve their own device issues through Apollo without opening a ticket. Apollo also gains live forensic tools, Nightwatch gains new detectors, and Constellation gains new building blocks that turn detection into governed response.

  • Added: Multi-tenant for MSPs: manage many client organizations from one partner console, with a live roll-up of endpoints and alerts across clients. Step into any client to work inside it, then step back out. Each client stays a fully isolated tenant, and partner access is bounded to the clients you manage and re-checked on every request.
  • Added: Apollo Self-Service: give employees a safe slice of Apollo for their own assigned device, with read-only health, a short list of IT-approved one-click fixes, and a clean escalation to a ticket for anything else. Employees cannot run free-form commands and only ever see their own machine. Tenant admins choose which fixes are allowed, set per-user limits, and see exactly who used it, with every conversation and action logged.
  • Added: New live, read-only Apollo forensic tools: pull a one-shot endpoint evidence bundle, check pending-reboot state, review Windows Update history, and run service forensics (recent failures and crashes for a named service).
  • Added: New scheduled Nightwatch detectors for patch debt (endpoints falling behind on updates), service flapping (a service that keeps restarting), and security posture drift (protection turned off or weakened).
  • Added: New Constellation building blocks: start a workflow from a Nightwatch finding, collect a diagnostic evidence bundle as a step, and open a ticket as an action, so detection flows straight into a governed, logged response.
  • Security: The new multi-tenant and self-service surfaces were penetration-tested before release. Cross-tenant isolation, bounded partner access, per-user device scoping, and the fixed safe-action allow-list were verified and hardened.

Endpoint diagnostics, log triggers, and platform hardening

v2.1.0 released 2026-06-05. Microsoft diagnostic tools come to the whole platform: see why a Windows upgrade failed, surface unsigned autostarts, and scan for unsigned binaries from Apollo, Constellation, and Nightwatch. The day also brings log-file automation triggers, per-trigger cooldowns, and a leaner edge runtime.

  • Added: Endpoint diagnostics powered by Microsoft SetupDiag and Sysinternals. Find out why a Windows feature update or upgrade failed, enumerate everything that auto-starts and flag the unsigned entries, and scan a folder for unsigned executables. Each tool is downloaded on demand and signature-verified before it runs.
  • Added: Run diagnostics wherever you work: ask Apollo in plain language, drop a diagnostic step into a Constellation workflow, or let Nightwatch run them on a schedule and open findings for you.
  • Added: New Nightwatch detectors for unsigned autostart entries (a common persistence technique) and failed Windows upgrades.
  • Added: Log file match trigger: watch a file or glob (e.g. C:\ProgramData\App\logs\*.log) for a string and fire when a matching line is written. Contains, exact, or regex matching, case sensitivity, tail-new vs scan-existing, and surrounding context lines in the event.
  • Added: Per-trigger cooldowns on every agent trigger: throttle a repeating condition (the same error line, a flapping service) to at most one workflow run per window.
  • Changed: The visual automation builder is now Constellation.
  • Added: A public, versioned changelog (this page).
  • Improved: Re-architected the Cloudflare edge worker from a single oversized module into focused, independently-testable modules. Cold starts stay in the low single-digit milliseconds.
  • Security: Centralized request-identity resolution and re-verified cross-tenant isolation across every route during the re-architecture.

Multi-OS, autonomous operations, and a security audit

v2.0.0 released 2026-06-04. Linux endpoints join Windows as first-class citizens, two operational features arrive (the Nightwatch scheduled scanner and opt-in Auto-heal), and the platform completes a white-box penetration test with a published security whitepaper.

  • Added: Linux endpoint support: a cross-compiled agent with a systemd service and a one-line installer (curl | sudo bash). Constellation triggers and remediation run on Linux too.
  • Added: Nightwatch: per-org scheduled fleet scans across a suite of detectors (resource saturation, disk-fill forecasting, SMART failures, slow boot, failing or suspicious scheduled tasks, stale policy, crash loops, stale agents, and more).
  • Added: Fingerprint de-duplication with an open, then continuing, then auto-resolved finding lifecycle, plus per-host incident correlation.
  • Added: Nightwatch portal tab with findings triage. Off by default, with per-org configurable cadence and sensitivity.
  • Added: Auto-heal policy engine: pre-authorized, risk-capped, blast-radius-budgeted fixes apply automatically. High-risk actions never auto-apply, and everything is audited.
  • Added: Auto-heal settings with a dry-run simulator so you can see exactly what a policy would do before enabling it.
  • Added: Nightwatch findings can hand off directly to Auto-heal for closed-loop remediation (for example, OS-aware disk cleanup before a drive fills).
  • Added: Public knowledge base and an enterprise security whitepaper, readable without signing in.
  • Security: White-box penetration test and hardening: tenant isolation, gated RBAC-controlled approvals (the requester is never the approver), SSRF protection on outbound webhooks, signed inbound webhooks, privileged-write path guards, and full security headers (HSTS, CSP, nosniff).

Self-serve onboarding & billing

v1.5.0 released 2026-05-21. Sign up, pick a plan, pay, and get a workspace provisioned automatically, then a guided wizard walks you through installing your first agent.

  • Added: Self-serve signup with Stripe Checkout, a plan catalog, and automatic org + admin provisioning.
  • Added: Guided onboarding wizard: generate an enrollment key, copy the install one-liner, and watch your first endpoint come online.
  • Added: Billing & usage settings: plan, status, usage meters against entitlements, and invoices.

Constellation: visual automation builder

v1.4.0 released 2026-05-07. Build trigger → action workflows visually on a canvas, or just describe what you want and let Ask-AI assemble it for you.

  • Added: Constellation: a drag-and-drop canvas to wire triggers to actions, with endpoint-group fan-out via reusable profiles.
  • Added: Ask-AI: describe a workflow in plain language and Constellation builds a valid, ready-to-run graph.
  • Added: 15 agent triggers spanning app/service state, resource thresholds, the Windows Event Log, files, network ranges, port health, certificates, and desired-state config drift.

Richer telemetry & policy insight

v1.3.0 released 2026-04-23. Deeper hardware and policy signal from every endpoint, and new Apollo diagnostics built on top of it.

  • Added: SMART disk health, boot timeline, problem-driver detection, and GPO/RSOP + scheduled-task visibility in the telemetry bundle.
  • Added: Apollo diagnostics for failing disks, slow boots, and persistence-risk scheduled tasks.

Fleet operations & durable approvals

v1.2.0 released 2026-04-09. Take action across the whole fleet at once, with durable role-based approvals and a full audit trail.

  • Added: Fleet-wide gated actions and durable, RBAC-controlled approvals with an audit timeline (survives refreshes; works as a team queue).
  • Added: Trends and ≥2σ anomaly detection, plus ticket and CVE cross-referencing over real installed-software inventory.
  • Improved: Apollo evaluation harness and tool-call observability (success rate, p50/p95, token usage).

Apollo on real telemetry

v1.1.0 released 2026-03-19. An agentic Apollo that diagnoses real endpoints, proposes gated fixes, and surfaces proactive alerts.

  • Added: Apollo: agentic diagnose → evidence → plan → verify over live endpoint telemetry, with deterministic tools so it can never invent data.
  • Added: Gated on-demand collection, a proactive alert inbox, and one-click (approval-gated) remediation through the agent.

Vertex Systems: general availability

v1.0.0 released 2026-02-27. The first public release: a modern RMM portal backed by a lightweight Windows agent streaming real telemetry.

  • Added: Portal: dashboard, tickets, devices, fleet, and endpoint groups.
  • Added: Windows RMM agent with live metrics, software inventory, and a secure outbound-only command channel.

Put Apollo on your fleet

Diagnose on real telemetry, automate gated fixes, and keep every Windows endpoint healthy, from one place. Self-serve, transparent pricing, one-line install.

See plans & startExplore the platform

Keep reading

AI RMMAI RMM software with Apollo that actually fixes thingsRead →Endpoint automationEndpoint automation anyone on the team can buildRead →ResourcesResources for modern IT operationsRead →