Vessel ownership traversal and sanctions matching
Overwatch can now trace vessel ownership chains through corporate layers and automatically match them against sanctions lists. The traversal walks ownership, operator, and ship-manager relationships up to a configurable depth, flagging any sanctioned entity in the chain. Matching uses IMO numbers first to avoid false positives from name-only lookups, and confidence decays with each hop so you can prioritize the most direct exposures. See the risk API for details.Flag-hopping detection
Overwatch now tracks every flag-state change for each vessel and flags those that switch registries frequently — a common indicator of regulatory evasion. Vessels with high flag churn are surfaced in a dedicated scoreboard, and flagged-vessel status feeds directly into the ownership traversal so sanctions risk scores account for obfuscation patterns.Port state control detention scoring
Vessel risk scores now incorporate port state control (PSC) inspection data from USCG PSIX. Detention counts and deficiency records over the trailing 24 months are rolled into a 0–100 PSC risk component, tiered from low to critical. Scores update daily, so a vessel that picks up a new detention is reflected in your risk view within a day.NOAA port water conditions
Overwatch now ingests real-time water level, current, temperature, and salinity observations from NOAA CO-OPS stations near major US ports. Data refreshes hourly and is available for historical backfill up to 30-day windows on demand. This gives you environmental context alongside vessel movements — useful for understanding delays or anomalies tied to tidal or weather conditions. See the ports API for details.NOAA buoy weather observations
Weather data from approximately a dozen NDBC buoys near major US port approaches is now available in Overwatch. Wind speed, wave height, and temperature readings refresh hourly and provide environmental context for AIS anomaly analysis — helping distinguish weather-driven slowdowns from suspicious behavior.EPA maritime enforcement data
Overwatch now ingests EPA compliance and enforcement records for maritime facilities — including ports, marine cargo handlers, and petroleum refineries — across US coastal states. Each facility is geocoded and enriched with per-violation enforcement detail (action type, penalty amount, violation description), giving you a facility-level view of environmental compliance risk in and around ports.Vessel ownership and manager history
Ownership and ship-manager changes detected through enrichment are now tracked as temporal relationships with full history. When an owner or manager changes, the previous relationship is closed and a new one opens — so you can see not just the current owner, but the full chain of custody over time.AIS behavioral analytics
Overwatch now supports a structured data model for AIS behavioral analytics, covering track gaps, maneuver detection, pairwise vessel encounters, COLREGS assessments, speed profiling, and multi-signal fusion scoring. This lays the foundation for upcoming kinematic anomaly detection features that will flag suspicious vessel behavior patterns.Expanded API with watchlists, alert channels, and emissions reporting
The Overwatch API now includes a significantly wider set of endpoints. You can manage watchlists in bulk, configure alert rules with Slack delivery, generate emissions reports, look up ultimate beneficial ownership (UBO) chains by IMO number, and run sanctions audit queries — all through the REST API. Locus users also gain API access to portfolio management, custom scoring formulas, and scheduled data exports. See the Overwatch API reference and Locus API reference for the full endpoint list.Workspace management and team controls via API
New workspace API endpoints let you create and manage team workspaces, configure SSO providers, set resource-level access controls, manage invitation flows, and define permission scopes — all programmatically. This is useful for organizations that need to automate user provisioning or integrate Axiom access management into existing tooling.Maritime disruption signals in Locus cell scores
Locus cell risk scores now incorporate maritime disruption signals from Overwatch. When a port disruption, congestion spike, or supply chain anomaly is detected, nearby Locus cells automatically reflect the elevated risk. This cross-product signal means your territory assessments stay current with real-world logistics events without any manual adjustment.Cell detail view and scoring improvements
Locus now includes a fully redesigned cell detail panel. When you click into an H3 cell, you can view median income, notable events, nearby points of interest, score history with sparkline annotations, and rent burden data — all in one place.The Discover filters have also been expanded with new sort options and CSV export, making it easier to narrow down territories and share results with your team.AI-powered permit extraction
Building permit records now include AI-extracted work descriptions, so you can quickly understand what construction or renovation activity is happening in a cell without reading raw permit filings. Extraction results stream into the platform as they finish for faster access.FEMA flood exposure scoring
Safety scores in Locus now incorporate FEMA NFIP flood exposure data. Cells in flood-prone areas are flagged automatically, giving you a more complete picture of location risk when evaluating territories.311 complaint sentiment signals
Locus ingests 311 complaint narratives and converts them into H3-level sentiment signals. This adds a new layer of neighborhood quality data to your cell scores, surfacing areas with recurring resident complaints.Civic upzoning signals
The dashboard now surfaces civic upzoning activity, helping you spot areas where zoning changes may signal future development or shifts in land use.Audit log
Layer now includes a tenant-scoped audit log that records every significant action in your workspace — integration connections, asset changes, user role updates, data exports, and more. Each entry captures who performed the action, what was affected, and when it happened. Events are immutable and retained for six years to support HIPAA and SOC 2 audit requirements. View the log at Settings → Audit log.One-click OAuth for Google Workspace and Microsoft 365
Connecting Google Workspace and Microsoft 365 to Layer no longer requires creating a service account or registering an Azure AD app. Admins now click Connect, sign in once, and grant consent — Layer handles the rest through a streamlined OAuth flow.The same one-click experience extends to Intune, Microsoft Teams, and M365 Mail connectors.HRIS integrations
Layer now connects to popular HRIS platforms including Rippling, Gusto, BambooHR, Deel, HiBob, and Workday. Employee lifecycle events, department mappings, and workforce status flow directly into your asset graph — so onboarding and offboarding workflows stay in sync with your HR system. See integrations for setup details.Integration health banner on dashboard
The Layer dashboard now displays a health banner at the top of the connections grid whenever any integration is failing or needs re-authorization. The banner shows the number of affected connectors along with an amber Resolve button that takes you straight to the integrations page to fix them.Daily integration health email
Layer now sends a daily email digest to workspace admins whenever integrations are failing or need re-authorization. The email lists each affected connector with its status and a direct link to resolve the issue in your integrations dashboard. No setup is required — the digest is sent automatically at 09:00 UTC each day and only goes out when there are connections that need attention.Reconnect prompt for expired integrations
Connectors that need re-authorization now display a colored status badge and an amber Reconnect button directly in the integrations page. Clicking it reopens the OAuth flow so you can re-authorize in one click — no need to delete and re-add the connection.Top employees by spend on dashboard
The Layer dashboard now highlights your top three employees by cost, giving you a quick snapshot of where the highest spend is concentrated without navigating away from the main view.Brand icons and setup hints on integration cards
Connector cards in the integrations page now display real brand logos. Credential forms for popular connectors — including Okta, AWS, Slack, Jamf, and GitHub — now show placeholder examples and info tooltips that explain what each field expects and where to find the value.Cross-product navigation bar
The Axiom navigation bar now appears at the top of every dashboard page, so you can switch between Layer, Overwatch, Locus, and Codex without leaving your current session. The bar matches the marketing site layout and stays pinned as you navigate.Guided onboarding on the integrations page
The integrations page now shows a guided onboarding prompt when you haven’t connected any integrations yet. It recommends starting with Google Workspace or Microsoft 365 — both one-click OAuth, no API tokens required — and highlights key trust signals: no agents on devices, read-only by default, and tokens encrypted at rest. The prompt disappears automatically once your first integration is connected.Envelope coverage dashboard
Codex now includes an envelope coverage dashboard at Admin → Codex coverage that tracks APRSrecord_id adoption across every catalog table. The dashboard shows summary cards (tables tracked, fully compliant, empty, in progress), a color-coded sortable table with per-table row counts and backfill status, and an overall compliance percentage. Data refreshes nightly at 05:00 UTC.APRS data envelope
Codex now applies a standardized data envelope (APRS) across all ingested records. This ensures consistent shape and metadata compliance for audit evidence, making exports and compliance checks more reliable.Automatic APRS backfill for existing records
Codex now automatically backfills existing data sources with the APRS envelope, so historical records are wrapped in the same standardized format as new ingestions. Backfill jobs run on staggered schedules to avoid load spikes, and each record receives a unique URN for traceability. No manual migration is required — your full dataset will be APRS-compliant without any action on your part.Data source catalog tracking
Codex now maintains a live catalog of every active data source across the platform. The catalog tracks record counts and last-loaded timestamps, refreshing automatically each night. Any ingestion source that isn’t registered in the catalog is flagged so gaps are caught early — you no longer need to audit data coverage manually.Redesigned Overwatch landing page
The Overwatch landing page has been refreshed with an interactive hero map featuring live vessel markers, location shortcuts for major shipping lanes (Gulf Coast, English Channel, Singapore, Bosphorus), and a video walkthrough. The page now gives a clearer overview of the platform’s capabilities before you sign in.Improved cargo estimation accuracy
Hydrostatic cargo estimates now use vessel-class-specific displacement thresholds tuned from industry standards (IMSBC for bulk, OCIMF for tankers). Previously, uniform thresholds placed most observations into a single bucket. Vessel type sampling is also stratified so less-common classes like chemical tankers and LNG carriers are properly represented in cargo validation models.Self-healing enrichment pipeline
The vessel enrichment pipeline now automatically detects and recovers stuck jobs. Previously, a crash during enrichment could leave records in a stalled state until someone manually reset them. Overwatch now sweeps for stalled jobs every 30 minutes and requeues them, so enrichment data stays current without manual intervention.Refreshed Locus landing page
The Locus landing page has been redesigned with a cleaner light theme, larger typography, and a new video hero section. The signal journey now uses a vertical timeline with story cards for a more intuitive walkthrough of the product.OSHA data source updated
The OSHA workplace safety data feed has been migrated to the current bulk data source, replacing the retired API. Score calculations that depend on OSHA data are now up to date.80+ integrations
The Layer integration catalog has grown to over 80 connectors spanning identity, device management, cloud infrastructure, ITSM, security, finance, HRIS, and collaboration categories. Most connectors use admin-consent OAuth, so there are no API tokens to copy or service accounts to configure.Redesigned dashboard and core pages
The Layer dashboard has a new layout with spend trend charts, sparkline metrics, and a two-column view for savings opportunities and upcoming renewals. The apps, people, spend, contracts, and renewals pages have also been refreshed with updated card layouts, filters, and urgency indicators across the board.Improved integrations grid
The integrations page now uses colored tiles with status rings so you can quickly see which connectors are active, pending, or disconnected.Automatic token refresh for OAuth integrations
Google Workspace, Microsoft 365, Intune, and M365 Mail connections now automatically refresh their access tokens in the background. Previously, tokens could expire after the initial OAuth setup, causing syncs to fail silently. Layer now detects expired tokens and refreshes them on every sync, so your integrations stay connected without any manual intervention.Live last-synced timestamps
The “Last synced” label on the integrations page now refreshes automatically every 30 seconds. Previously, the timestamp could go stale if the tab stayed open.Continuous APRS compliance validation
Every change to Codex data collectors and ingestion pipelines is now automatically validated against the APRS standard before it goes live. If a data source falls below the compliance threshold, the update is blocked until the issue is resolved. This guarantees that all records flowing into Codex maintain consistent envelope metadata, so your audit exports and compliance checks stay reliable over time.Source provenance on entity relationships
Every relationship in the Codex entity graph — ownership chains, flag history, sanctions links — now carries provenance metadata showing which data feed and system produced it. This makes it easier to trace the origin of any connection during audits or investigations.Overwatch bug fixes
- Fixed an issue where vessel departures could go undetected for several days due to a silent failure in the event processing pipeline. Departure detection is now handled by a dedicated scheduled job for improved reliability.
- Fixed hydrostatic cargo estimates returning empty results for all vessel visits due to a data type handling issue.
- Fixed vessel visit draft readings sometimes arriving as text instead of numbers, which could cause downstream cargo estimates to fail silently.
- Improved vessel enrichment reliability by reducing batch sizes and adding timeout safeguards to prevent failures on large fleets.
Locus bug fixes
- Fixed an issue where the maintenance risk score endpoint returned a 404.
- Resolved a bug in the council legislation monitor where recent updates could be missed.
Atlassian connector fixes
- Fixed an issue where the Jira/Atlassian connector form collected the wrong credentials, causing all syncs to fail with a 401 error. The form now asks for the correct Organization ID and Org Admin API Token.
- Fixed pagination for large Atlassian organizations so all users are synced, not just the first 200.
Layer bug fixes
- Fixed an issue where the Apps page incorrectly redirected to the login screen when an organization was not yet linked. It now shows a helpful message instead.