Skip to main content
Documentation changes and product updates, newest first. For longer-form posts see blog.guardway.ai.

2026

2026-07-12
Updated
Guardway CLI: guided setup, environment doctor, finding accepts, and traffic correlationThe CLI Reference now documents the newest gw-cli commands:
  • setup — one guided command installs NVIDIA SkillSpector (the authoritative scan engine) pinned to a reviewed commit, with full disclosure and confirmation. Scans then report engine Built-in + SkillSpector, and SkillSpector works without a provider key.
  • doctor — reports the scanning environment: which engine a scan will actually use, SkillSpector / Python / uv status, and the current air-gap and LLM modes.
  • accept — mark reviewed findings as trusted so they stop counting against OWASP compliance; per-skill accepts are pinned to the skill’s content hash and re-surface if the skill changes.
  • The serve page now explains the correlation engine: live LLM traffic that matches a flagged skill is recorded as a correlation — runtime-confirmed risk, visible on the dashboard and in report.
The Overview risk-scoring section was updated to recommend gw-cli setup over the manual SkillSpector install.
2026-07-07
Added
Guardway CLI docs, with OWASP Agentic Skills Top 10 coverage & governanceNew Discovery → Guardway CLI section documenting the endpoint agent (gw-cli): inventory, risk scoring, the local dashboard, and vetting.
  • Full CLI Reference including the new approve command (records a governance baseline so new or changed artifacts are flagged GOV-UNAPPROVED) and vet provenance (HEAD commit, signature, pin class).
  • Inventory & Risk Scoring now documents OWASP Agentic Skills Top 10 (AST01–AST10) coverage, the PASS / ATTENTION / FAIL compliance model, and the new metadata / isolation-posture / MCP-EXFIL detections.
  • Clarifies the two OWASP agentic frameworks Guardway uses: AST (Agentic Skills — installed artifacts at rest, on the endpoint) vs ASI (Agentic Security Initiative — a running agent, on the Agents page).
  • The Local Dashboard page documents the OWASP compliance panel.
2026-06-04
Updated
Agents, Topology, and Integrations docs aligned with the current dashboardDocumentation now matches the live sidebar and workspace layout.
  • New Topology page for the gateway → provider → model → agent graph.
  • New Dashboard → Agents page for org-wide agent metrics (stat rail and breakdowns). The Agents workspace documents Inventory and Findings only — no Dashboard tab on that page.
  • Settings → Integrations rewritten for the catalog hub, category filters, View integration dialog (Overview / Connect), plus Azure AI Foundry, Amazon Bedrock, and Microsoft Entra ID (including Identities on agent detail).
  • Platform sidebar order in the docs now includes Topology and Playground → Agents → Logs.
2026-05-23
Added
OWASP Top 10 for Agentic Applications findings on the Agents pageThe Platform → Agents page now surfaces OWASP Agentic Top 10 findings detected on each discovered agent.
  • The Dashboard tab has a new tile row covering Total findings, Critical + High, and ASI categories hit, plus a Findings by ASI category card that links into the filtered Findings tab.
  • The Inventory tab has a new Risk column showing each agent’s worst severity and open finding count.
  • A new Findings tab lists every open finding across the org with linkable filters by Category (ASI01–ASI10) and Severity (Critical / High / Medium / Low / Info).
  • The Agent detail page shows the worst-severity chip in the header and a new OWASP Top 10 findings card directly below it, grouped by ASI category with collapsible Remediation and Evidence per finding.
  • Five categories are evaluated in this release — ASI02 Tool Misuse, ASI03 Identity & Privilege Abuse, ASI04 Supply Chain, ASI05 Unexpected Code Execution, ASI07 Insecure Inter-Agent Communication. See the new OWASP Top 10 categories section on the Agents page for the rule reference, severity meanings, and finding lifecycle.
2026-05-17
Added
Agents page and Azure AI Foundry integrationNew runtime-discovery surface for AI agents running in your cloud providers.
  • New Platform → Agents page covering the Dashboard tab tiles, the Inventory table, the per-agent detail view, and how gateway-routing classification works (routed / direct / unknown).
  • The Azure AI Foundry connector discovers both prompt agents (the new Foundry experience) and legacy Assistants-API agents in a single inventory.
  • Settings → Integrations now covers Azure AI Foundry alongside GitHub: the four Service Principal fields, a step-by-step Azure portal walk-through, and a corrected permissions matrix showing why Azure AI User (or Azure AI Developer) must be assigned at the AI Services account scope — subscription-level alone leaves the data-plane agents API returning 401.
  • A Resync button on the integration card triggers an immediate discovery refresh after adding new accounts, projects, or agents in Azure.
2026-05-08
Updated
Docs sidebar now mirrors the dashboard menuEvery page label, sub-group, and order in the docs now matches what you see in the dashboard. Highlights:
  • New Dashboard sub-group (Overview, Usage, Spend, Security) under Platform.
  • Configuration sub-group consolidates Providers, API Keys, Models, Security (MCP + Guardrails + SLM), Routing, and Members.
  • Settings sub-group covers Organization, Members, Roles, Pricing, Notifications, Integrations, Audit Log, Traffic, and Console.
  • Logs, Playground, and gateway-deployment pages are reachable from the sub-group that matches the dashboard.
  • Old gateway-section URLs (Connect Provider, Sync Models, Playground, Routing, MCP, Guardrails, Logs and Traces, Access, Webhooks, Session, Audit) redirect to their new homes.
  • Gateway → Deploy rewritten end-to-end against the Register Gateway dialog; Environment is now the canonical env-var reference.
  • New Discovery → Repositories page covering the per-repo inventory view.
2026-04-17
Updated
Docs v1 — gateway onboarding rewrite
  • Rebuilt navigation around the real onboarding path: sign up → deploy → activate → connect provider → sync models → playground → logs.
  • New Platform section covering orgs, teams, keys, and usage.
  • Moved glossary and limitations into Resources; added a Support page.
  • API reference marked Coming soon until the public management API ships.
  • Reskinned with Inter and the Guardway orange primary.