Platform changelog

What we've shipped.

Every notable change to AEGIS, newest first. We ship continuously and try to document every change that matters to a user.

New Fixed Improved Infrastructure
v3.5.0
April 2026

Changelog, Content Audit & Mobile Nav

New
  • Public changelog page at /changelog
  • Hamburger menu for mobile — nav no longer overflows on iPhone
Fixed
  • Pricing page prices corrected (Professional $129/mo, Business $349/mo)
  • Comparison table no longer shows "/seat" — pricing is flat, not per-seat
  • Auth page footer no longer claims SOC 2 / ISO 27001 / HIPAA BAA (not yet held)
  • Placeholder company names removed from logo strip
  • Fabricated testimonial replaced with honest founder note
v3.4.0
April 2026

Brand Refresh & Self-Serve Signup

New
  • Self-serve beta request flow — company, team size, use-case captured upfront
  • Request-access flow for domain collision handling
  • Beta Requests link in management portal navigation
  • About page roadmap section — on-deck features and "not building" list
  • Favicon added across all pages (base64 embedded, no CDN)
Improved
  • Full UI revamp — blue-dominant palette, flat stat cards, sober threat indicator
  • Email template redesigned to match Axivum brand (dark, text wordmark, blue/violet gradient bar)
  • Contact page — confirmation email sent to every visitor who submits the form
Fixed
  • Blog index cards showed "NANNAN" — HTML entity rendering bug in JSX (→ Unicode escape)
  • Hero "security tools" italic text clip — added paddingRight
  • Nav width inconsistency and toast z-index overlap on dashboard
v3.2.0
March 2026

PDF Export Fix, Live Data Briefings & Widget Config

Fixed
  • PDF text overlap in AI briefing section (double-wrap bug — jsPDF + splitTextToSize conflict)
  • Dashboard widget config modal — was trapped in CSS transform stacking context, repositioned
Improved
  • AI briefing prompts now fetch live CISA, Hacker News, BleepingComputer headlines at generation time
  • Anti-hallucination rules added — model only cites data in the prompt context
  • Geography-aware threat profiles injected into briefing prompts from tenant data
  • Widget visibility changes applied immediately on save
v3.1.0
March 2026

Geopolitical Threat Intelligence

New
  • 5 Iranian threat actor groups added: APT33 (Elfin), APT34 (OilRig), APT35 (Charming Kitten), MuddyWater, CyberAv3ngers
  • CISA Current Activity and US-CERT alert feeds added to /api/news
  • Atom format parsing alongside RSS for CISA feed compatibility
  • AI geopolitical awareness block in system prompt (Russia-Ukraine, China-Taiwan/US, DPRK context)
Improved
  • News API restructured from sequential fallback to parallel Promise.allSettled()
  • Government alerts prioritized first (up to 8), then cyber news (cap 25 total)
  • Each news item now tagged with source field for frontend filtering
v3.0.1
March 2026

Pricing Model Update

Changed
  • Professional: $129/month (1 seat included, +$39/additional seat)
  • Business: $349/month (1 seat included, +$69/additional seat) — Most popular
  • Enterprise: Custom pricing (contact sales)
  • All 16 sales-kit PDFs regenerated with updated pricing
v3.0.0
March 2026

Phase 3: AI Intelligence & Advanced Analytics

New
  • AI executive briefings — Groq-powered, sector-aware, multi-model fallback chain
  • Threat hunting playbooks — 8 MITRE ATT&CK kill-chain tactics, tenant-aware steps
  • 13 configurable dashboard widgets across 7 categories (intel, tools, compliance, ai, analytics, hunt, admin)
  • Composite risk score (1–10) with letter grade and contributing factors
  • KEV velocity tracking with trend detection (increasing / decreasing / stable)
  • MITRE ATT&CK heatmap with tenant tool coverage overlay
  • D1 trend snapshots for 90-day time-series analysis
Infrastructure
  • 11 new API endpoints across /api/briefing, /api/playbooks, /api/widgets, /api/analytics
  • D1 migration 019: dashboard_widgets, migration 020: trend_snapshots
  • Verification script expanded to 139 checks — all passing
v2.0.0
March 2026

Phase 2: Enterprise Integration & Compliance

New
  • Public REST API v1 at /api/v1/* — API key auth, scoped permissions, 100 req/hr rate limiting
  • STIX 2.1 bundle generation from live KEV + MITRE + tenant data
  • TAXII 2.1 discovery at /api/v1/taxii with 3 collections
  • Sigma rule generation from MITRE ATT&CK techniques (JSON + YAML)
  • YARA rule generation from CISA KEV vulnerabilities
  • NIST CSF 2.0, SOC 2 Type II, HIPAA Security Rule, PCI DSS 4.0 compliance mapping
  • Automated posture assessment — covered / partial / gap per control
Infrastructure
  • D1 migration 018: api_keys table
  • Verification script expanded to 99 checks — all passing
v1.1.0
March 2026

Phase 1: Quick Wins & High Priority Fixes

New
  • AI query rate limiter — 20 queries/user/hour with sliding window
  • Audit logging service — client create/delete with user, tenant, IP, timestamp
  • Centralized input validation (email, UUID, plan, sector)
  • Landing page conversion tracking — page views, CTA clicks, scroll depth
  • GitHub Actions CI/CD — auto-deploy on push to master, health check after
Fixed
  • /api/health only matched /health — now matches both
  • Duplicate migration version numbers (003/004 conflicts)
  • Duplicate tool entries in AI tool descriptions
  • KEV status enum validation missing
v1.0.0
March 2026

Initial Modular Deployment

New
  • Migrated from monolithic 17K-line file to 51-module Cloudflare Workers architecture
  • PBKDF2 auth, TOTP MFA, RBAC, multi-tenant isolation
  • MSSP parent-child tenant model with white-label branding
  • AI threat analysis via Groq (llama-3.3-70b-versatile)
  • PDF and PPTX report generation with email delivery via Resend
  • Live CISA KEV, SANS ISC, EPSS, MITRE ATT&CK v16.1, and news feeds
  • Blog system with admin publishing
  • 17 database migrations, Cloudflare D1
  • Deployed to Cloudflare Workers — axivum.io
Older internal changelogs exist but predate this page. Questions? Email support@axivum.io.