PocketSOC 1.6.0 introduces Personal Use mode — a new way to monitor your own security environments directly from your phone, without a portal or organization setup. NEW: Personal Use Mode Connect your own vendor API keys (CrowdStrike, Microsoft Defender, Defender for Cloud, AWS GuardDuty) directly inside the app. • No portal required • No team admin required • Credentials stay in the iOS Keychain • No PocketSOC server ever receives Personal Use credentials • Optional iCloud Keychain sync across your Apple devices Perfect for consultants, researchers, home labs, and small-team operators who want a lightweight mobile pane of glass. Trial & Subscription • 7-day free trial (no credit card required) • $4.99/month or $49.99/year via the App Store • Cancel anytime from inside the app or iOS Settings Real detections only - no sample data and no feature gating. Mode Selection Improvements Choose your workflow on first launch: • My Organization (existing portal flow) • Personal Use (new local-only mode) • Try Demo (no credentials required) Switch modes anytime from Settings. Switching securely clears local credentials and cached detection data. New WeaveHub Brand System PocketSOC now ships with an updated navy-and-gold visual system: • Improved light and dark mode surface hierarchy • Updated typography across the entire app • Cleaner severity presentation and detection lists • Consistent visual identity across all screens Improved Launch Experience A new branded launch animation provides a smooth transition from app icon to interface with no visual flash between system launch and app content. Subscription Management Improvements Manage your subscription directly from inside Settings: • View renewal status • Cancel or reactivate plans • Switch between monthly and annual options • Clear status messaging synced with App Store subscription state Security & Reliability Improvements • Rebuilt credential storage layer for improved iCloud Keychain compatibility • Fixed repeated Face ID prompts during detection refresh in some configurations • Added migration logic to clean up legacy keychain access settings • Additional stability and performance improvements across detection views and profile management Coming Next • Additional dashboard polish updates

What's New - Alert correlation - related detections are now automatically grouped together - Attack chain detection - identity compromise followed by endpoint activity highlighted with a visual timeline - Correlation timeline - tap "View timeline" on any correlated alert to see the full sequence - Configurable correlation window - choose how far back to look for related alerts (15 min to 24 hours) - Comprehensive accessibility improvements - VoiceOver, Dynamic Type, Reduced Motion, improved contrast - Fixed a layout shift when navigating back from detection details - General stability and performance improvements

- Accept updated terms of service directly in the app without being signed out - Improved connection handling when setting up your first vendor integration