WinSentinel v1.12.0 — Autonomous Threat Hunting & Security Canary

What's New

🎯 Autonomous Threat Hunt Engine

Proactive, hypothesis-driven threat hunting that automatically generates and validates security hypotheses against system telemetry — shifting from reactive alerting to active threat pursuit.

🐦 Security Canary Command (--canary)

Honeypot tripwire network that deploys decoy files, registry keys, and network listeners across the system. Any interaction with these canaries triggers immediate alerts, catching lateral movement and insider threats.

⚔️ Security War Game Command (--wargame)

Interactive adversarial simulation that models attack scenarios against the current security posture, helping identify defensive gaps before real attackers do.

🔍 Shadow IT Detector (--shadow)

Discovers unauthorized software, services, and cloud integrations running outside IT governance — surfacing hidden risk from unapproved tools.

💓 Vitals Dashboard (--vitals)

Medical-monitor-style real-time security health dashboard with vital signs, heartbeat monitoring, and at-a-glance system security status.

📚 Documentation & Testing

• Comprehensive CONTRIBUTING.md with architecture overview, chat command guide, service catalog, and helper reference
• 58 new tests for SecurityCompassService and VitalSignsService
• Documentation for all 30 audit modules (expanded from 13)
• Removed duplicate test files superseded by comprehensive versions

🔧 Dependency Updates

• Bump MinVer 6.0.0 → 7.0.0
• Bump actions/checkout 4 → 6
• Bump actions/upload-artifact 4 → 7
• Bump Microsoft.SourceLink.GitHub 10.0.202 → 10.0.203
• Bump aquasecurity/trivy-action 0.35.0 → 0.36.0

Full Changelog: v1.11.0...v1.12.0