April brings one of the most exciting rounds of updates at Scrut this year, with major milestones like the launch of Scrut Teammates — our AI-powered GRC teammate. From faster platform performance to powerful new integrations, this month’s updates are all about making your compliance workflows smarter, faster, and more connected than ever.
- Scrut Teammates – An intelligent, AI-powered GRC teammate
- Authentication upgraded to Auth0 for enhanced security
- Faster performance and loading speed across the platform
- New updates to the frameworks library – New Jersey DPL, CMMC, and Australia ISM
Scrut Teammates: An intelligent, AI-powered GRC teammate
Scrut Teammates is a system of vertical AI agents designed specifically to understand an organization’s GRC needs. It works alongside the GRC or security team – eliminating compliance busywork, prioritizing real risk, and streamlining collaboration.
At its core, Scrut Teammates is powered by these building blocks:
- Proprietary knowledge graph: A proprietary knowledge graph that connects your policies, controls, risks, and assets into a unified, searchable system.
- System of agents: A coordinated system of specialized AI agents — each focused on a specific compliance domain, orchestrated by a supervisor agent — ensures accurate and context-aware actions.
- Trained on real-world data: These agents are trained on thousands of real-world compliance scenarios and best practices curated by Scrut’s in-house security experts, enabling it to handle real-world challenges with practical intelligence.
Get expert recommendations with automated task resolution
Scrut Teammates doesn’t just tell you what to do — it helps you get it done. It gives you expert, tailored recommendations based on your current compliance posture, then takes it a step further by creating detailed tickets, assigning them to the right owners, and tracking progress for you — all within Scrut.
Smarter vendor risk management, faster decisions
Scrut Teammates removes the manual effort from third-party risk management. It evaluates a vendor’s inherent risk based on service criticality and public security data, then builds tailored questionnaires to ensure you’re asking the right questions. Once responses come in, it analyzes them, flags risks, and suggests mitigation steps — helping you complete due diligence faster and with more confidence.
Intelligent prioritization and remediation of cloud tests
Scrut Teammates automatically tracks failed cloud tests across your environment and intelligently prioritizes them based on your audit frameworks, control severity, and risk posture. Instead of leaving you to figure out next steps, it suggests precise remediations — from configuration updates to infrastructure-as-code snippets with pre-filled variables.
Search shortcut for easy access
Scrut Teammates makes finding the right compliance data simple — just hit Cmd/Ctrl + K to search across your risks, controls, policies, evidence, and vendor assessments. Instead of only scanning filenames, Scrut Teammates can search for the right context, helping you surface exactly what you need, even when the answer is buried deep inside a file.
Respond to security questionnaires, faster
Scrut Teammates makes responding to security questionnaires a breeze by intelligently auto-filling answers wherever you receive them—including formats like CSV, Excel sheets, editable PDFs, and even through a Chrome extension. It pulls information from existing materials on the Scrut Platform, such as vault docs, policies, past responses, and more. It also maintains an editable centralized answer library so you can edit and maintain up-to-date answers.
Want a live demo on how Scrut Teammates takes the mental grunt work out of compliance and acts as your always-on assistant? Book a demo with us to see it in action or reach out to your CSM.
Authentication system migration for enhanced security and smoother login
We’ve upgraded Scrut’s authentication system to Auth0, a leading identity management platform that delivers stronger security, cleaner login pages, and a faster user experience.
Here’s what’s new:
- Enhanced security: Auth0’s advanced threat protection offers stronger defense against unauthorized access.
- Dynamic login pages: All your integrated SSO options in one place.
- Smoother experience: Enterprise users get a faster and more intuitive login flow.
- No changes for non-SSO users: Several login measures via Email (OTP), Google, or Microsoft available.
- Action required for Enterprise SSO users: Please add the following redirect URL to your OIDC configuration (in addition to existing URLs):
https://scrut.eu.auth0.com/login/callback
Faster platform performance and seamless navigation
We’ve rebuilt Scrut’s backend APIs to deliver a quicker and smoother experience, eliminating full-page refreshes and reducing loading times across the platform.
- Improved productivity and faster navigation: Move between modules with minimal loading times.
- Smoother workflows: Perform multiple actions with intuitive UI updates factored in.
Looking for custom integrations? Please let us know what you need by filling out this form — we’re continually expanding our integration library to support your workflows better.
Framework updates
This month, we’ve updated one of our existing frameworks in the Scrut Library to reflect the latest regulatory changes, making it even easier for you to stay compliant without adding complexity. Here’s what’s new:
- New Jersey Data Privacy Law (NJDPL): This newly added framework helps businesses comply with New Jersey’s comprehensive data protection regulation. With pre-mapped controls aligned to consent management, user rights, and data security, organizations can streamline privacy operations, reduce manual effort, and strengthen customer trust.
- Australia ISM (Updated Mapping): We’ve updated the Australia Information Security Manual (ISM) framework in the Scrut Library to reflect the latest December 2024 release. As part of this update, the only change is that the number of required policies has been optimized from 39 to 37.
- CMMC Level 2 (Updated Mapping): We’ve updated our mapping to the latest CMMC Level 2 requirements. Control coverage has increased from 126 to 145, with updates to evidence and policy requirements to align more closely with assessment expectations — making it easier to maintain complete and audit-ready documentation.
Want to see what else is new? Explore Scrut’s full framework library or connect with your Customer Success Manager for customized framework support.
For expert tips and updates, subscribe to our newsletter, GRC Wire — your go-to source for practical Governance, Compliance, and Risk insights.
Megha Thakkar has been weaving words and wrangling technical jargon since 2018. With a knack for simplifying cybersecurity, compliance, AI management systems, and regulatory frameworks, she makes the complex sound refreshingly clear. When she’s not crafting content, Megha is busy baking, embroidering, reading, or coaxing her plants to stay alive—because, much like her writing, her garden thrives on patience. Family always comes first in her world, keeping her grounded and inspired.
