Spring 2026 Update: CV Processor, Web Pentest Labs & Security

We are excited to introduce the CV Processor — a brand-new module that automates resume handling within your recruitment workflow. You can now upload CVs in PDF or DOCX format, and the platform will automatically parse their contents and generate standardized documents based on your company templates. The module supports both Polish and English and is designed to save hours of manual formatting work for recruitment teams.

We've launched Web Pentest Labs — a completely new assessment format where candidates identify and report real vulnerabilities in live web applications. Instead of answering theoretical questions, candidates interact with intentionally vulnerable apps, locate security flaws, and submit structured reports. The platform automatically evaluates their findings and generates detailed PDF summaries, making it possible to assess practical offensive security skills at scale.

Security has always been at the heart of our platform, and this release raises the bar significantly:

• OAuth 2.0 Single Sign-On (SSO) with Microsoft Azure AD, including a dedicated admin panel for managing SSO configurations.
• Login rate limiting to protect against brute-force attacks.
• Admin audit log that records all security-relevant actions performed on the platform.
• Automated weekly security scanning powered by Snyk to catch vulnerabilities early.
• RFC 9116 security.txt endpoint for responsible disclosure.
• Hardened Content Security Policies and improved sandbox isolation for coding tasks.
• URL-safe tokens replacing base64 tokens for password reset and registration flows.
• Email Delivery via Microsoft Graph API replacing traditional SMTP with modern enterprise email standard.

Code task evaluation now runs asynchronously via Symfony Messenger, which keeps the platform responsive even during peak usage. Under the hood, we achieved a 400% throughput improvement in the sandbox supervisor and resolved execution issues for C#, Scala, and Go tasks. On the frontend, we optimized PageSpeed Insights scores with responsive images, lazy loading, improved caching, and eliminated N+1 database queries in critical endpoints.

We replaced the legacy Dompdf engine with Gotenberg for generating assessment report PDFs. The new engine produces higher-quality documents with proper icon rendering and better overall layout — giving recruiters polished, professional reports they can share with confidence.

Our lab provisioning backend received major upgrades:

• Migration to Azure Container Instances with simplified VPN configuration.
• A new intelligent Pulumi queue system with automatic error recovery and conflict handling.
• Automated cleanup of zombie stacks and orphaned cloud resources.
• Support for public containers that don't require VPN — perfect for demo and introductory labs.

Administrators now benefit from server-side pagination for questions and assigned assessments, making large datasets easy to navigate. We also added simplified CSV and XLSX report exports, a new Manager role with limited admin access, and country flags next to IP addresses in the audit log for quick geographic context.

We improved WCAG 2.1 accessibility across key UI components and added structured data (JSON-LD), hreflang tags, and canonical URLs for better search engine visibility. We published interactive OpenAPI/Swagger documentation for our public API for our Enterprise customers to make any custom integration much easier. The platform also received a fresh Security & Trust Center page and a dedicated cybersecurity services page.

Behind the scenes, we expanded our automated test suite with new E2E (Playwright), unit (Jest, PHPUnit), and integration (pytest) tests. Post-deployment smoke tests now run automatically, CI/CD pipelines execute builds in parallel for faster delivery, and we migrated to Node.js 24 LTS.

We sincerely thank all our customers, partners, and candidates for their continued trust and invaluable feedback. Every suggestion you share helps us build a better platform. We are committed to delivering even more features, practical labs, and usability improvements in the coming months — stay tuned for what's next!