Skip to Content
ChangelogScanner Releases

Scanner Release Notes

Release history for the slim.io scanner agent. Each entry includes the version number, release date, change type, and a summary of changes.

slim.io-hosted scanners can be updated from the Scanner Fleet page in your dashboard. BYOC scanners: pull the latest image from Docker Hub (slimio/scanner:{version}-{profile}).

0.2.0 — April 3, 2026

Type: Minor

Added

  • Smart Scan mode — Risk-prioritized scanning with change detection. Fairness decay prevents low-risk resource starvation. Priority bucketing stabilizes ordering across runs.
  • Bootstrap Scan mode — Progressive onboarding for large environments. Three-stage flow: metadata enumeration, stratified priority sampling, and public exposure sweep. Memory-safe for millions of objects using heap-based selection.
  • Per-object scan metadata — Tracks last_scanned_at, last_verified_at, and scan_count per object for Smart mode reverification.
  • Reverification with severity weighting — Unchanged resources with prior findings are periodically re-scanned. High-severity findings (SSN, credit card) reverify faster than low-severity (email, phone). Jitter prevents thundering herd.
  • Scanner profiles — Four optimized image profiles: full, cloud-storage, database, saas. Each includes only the SDKs needed for its connector types.
  • Scan completeness score — 0.0 to 1.0 metric quantifying how thoroughly a scan covered the target data. Accounts for access denied, scan errors, and partial enumeration.
  • Scan Profiles (Light / Standard / Deep) — Controls scanning intensity and load on customer infrastructure.
  • Per-object findings drill-down — Click any scanned object to see paginated findings filtered by PII type, with masked evidence.
  • File type detection — Automatic format identification for CSV, JSON, Parquet, Excel, PDF, Avro, ORC, and plain text.
  • Scanner Fleet management — Deploy, monitor, and deregister scanners from the Customer Dashboard.
  • BYOC deployment — Docker Compose and Kubernetes manifests for self-hosted scanning. Scanner images on Docker Hub (slimio/scanner).
  • Connector health alerts — Configurable alerts for credential expiry, authentication failures, and health degradation.

Changed

  • Default scan type changed from Full to Smart (recommended for most use cases).
  • Scanner images now published with pinned version tags only. No :latest tag on Docker Hub.
  • Registration uses direct tenant subcollection queries instead of collection group queries for faster authentication.

Fixed

  • Scanner registration token TTL check for timezone-naive datetime values.
  • Cloud Run label format validation for tenant IDs containing uppercase characters.

0.1.0 — March 15, 2026

Type: Initial Release

Added

  • Core scanning engine with 170 PII classifiers across 4 detection tiers.
  • Support for 17 connector types: AWS S3, GCP Cloud Storage, Azure Blob, PostgreSQL, MySQL, MSSQL, Oracle, DB2, Snowflake, Databricks, Slack, Teams, Salesforce, Google Drive, OneDrive, SharePoint.
  • Agentless cloud scanning with streaming downloads (4 MB default chunk size).
  • Database scanning with server-side cursors and adaptive sampling.
  • SaaS scanning via provider APIs with incremental change detection.
  • Budget enforcement: time, bytes, resources, and findings limits.
  • Finding feedback (confirm/reject) for classifier calibration.
Last updated on
Connect a SaaS Platform