ContraForce Release Notes

With each product release, we document changes to the ContraForce Portal. Product releases can include bug fixes, new features, and performance related improvements. We will send an email each time indicating a new release has occurred.

Version 1.3.0

September 1st, 2022

This release includes the launch of One-Click Response and Gamebooks. With One-Click Response and Gamebooks, IT professionals can manage full-lifecycle security operations from a single interface with a single click. The addition of this capability further advances ContraForce's mission to make cybersecurity easy, affordable, and accessible. 

If you have any questions about version 1.3.0 please feel free to contact us at


  • One-Click Response is available for medium and high severity incidents. 
    • 8 Playbooks are available for One-Click Response. The playbooks can be combined together to create a Gamebook. Gamebooks allow users to respond to incidents with multiple actions using just a single click. 
      • Lockout User
        • This playbook disables a user’s account and prevents them from signing in. 
      • Reset User Password
        • This playbook prevents a user from generating new sign ins without first resetting their password during their next sign in attempt.
      • Invalidate Existing Sessions
        • This playbook ends a user’s signed in sessions, preventing the authorization of additional actions associated with those sessions
      • Isolate Endpoint
        • This playbook disables an endpoint's external networking capabilities.
      • Scan Endpoint
        • This playbook triggers an anti-virus scan on an endpoint.
      • Acknowledge Response
        • This playbook updates an incident, adding a comment containing a timestamp and the username of the user who executed the playbook.
      • Quarantine File
        • This playbook stops a file from being used by other programs and deletes it.
      • Block IP
        • This playbook updates a firewall’s rules to block network traffic from a specific IP address.
  • On the Command Page, the Needs Attention table has an Action column. When an incident with One-Click response is available, a Respond button is shown. 
    • Clicking Add to Gamebook or Go to Gamebook will direct the user to the Investigate page. This is where different playbooks can be combined to create Gamebooks.
    • Playbooks are added to a Gamebook by clicking the green plus (+) sign button. They are removed by clicking red minus (-) sign. 
  • For Medium and High severity incidents, email notifications will include a Respond and a Launch Portal button.
  • Once a One-Click response has been performed, the user receives a confirmation message and are returned to the incident detail page.
  • If a One-Click Response fails, a Run Again message will be shown or you will have the option to contact the ContraForce team.


  • Onboarding Welcome page fields have been streamlined to require less input from the user to start the onboarding process.
  • Error messaging and handling has been improved throughout the onboarding flow.  

Bug Fixes

  • Fixes to the security infrastructure deployment during the onboarding process.   

Version 1.2.0

April 12th, 2022

Today, we are thrilled to announce the general availability of Self-Service Onboarding, Subscription Plans, Billing Management, and the Data Sources management page.  We have seen tremendous growth and interest after 12-months of early access in the market. With today’s release, ContraForce has the ability to bring enterprise-scale cybersecurity to small and medium businesses.


  • Self-Service Onboarding

    • Customers can register, subscribe, and connect security supported data sources completely on their own using a self-service flow.

If you wish to connect a data source but do not see it listed please submit a request to the ContraForce Support Team. We are more than happy to assist with any more detailed connections.

  • New Subscription Plans and Billing Management
    • We now support 4 new subscriptions plans that can be reviewed in the Subscription tab of the Settings page.
      • Freemium Forever, Priority Zero, Priority Cloud, and Priority Network
      • Existing customers will be automatically grandfathered into their current corresponding subscription plan.
  • Billing Management
    • New customers can now manage their subscription payment method in the Billing tab of the Settings page.
  • Data Sources Management
    • Users can now add, edit, and remove data sources connected to ContraForce.


  • Time Filter selection is now persistent across all pages in ContraForce.
    • Time filter updates will now trigger an automatic data refresh on the selected page without needing to click the data refresh icon.
    • The data refresh icon can still be used to refresh fetched data at any time or as needed.
  • Users can now search for ContraForce users in the User Management tab of the Settings page.

Bug Fixes

  • Updated Missing Investigation Graph Icons.
  • Improved client side error handling.
  • Browser card sizing issues addressed.
    • Minor bug fixes throughout the ContraForce Portal.

Version 1.1.3

February 2nd, 2022

This release focused on UI improvements and performance optimization for the ContraForce Portal. A new sorting feature was added to the Endpoint page.


  • On the Endpoints page, the Endpoint Inventory table can now be sorted by “Device Name.”


  • Performance optimization for back-end servers.

  • Minor UI improvements throughout the ContraForce Portal.

Bug Fixes

  • Minor bug fixes throughout the ContraForce Portal.

Version 1.1.2

October 29th, 2021

This release focused on implementing support request functionality into the ContraForce Portal. Additional performance improvements were also made.


  • From any page within the ContraForce Portal, users can now submit a ticket directly to our Support Team. On the bottom right of a page within the ContraForce Portal, there is a “Contact Support” widget. It will prompt the user to ask what type of assistance is needed. From here any relevant support documentation will populate. Alternatively, there will be a support option where details about the issue can be added and submitted for review by our Support Team.


  • On the Incidents page the response time of the Incidents table when viewing a large amount of incidents has improved. This is common when using the 14 or 28 day time period. At the bottom of the table there is now a “Load More” button. By clicking “Load More” an additional 50 incidents will be loaded per click resulting in a much quicker review experience.

  • Minor UI improvements to cards on various portal pages.

Version 1.1.1

October 1st, 2021

This release was focused on bug fixes related to the last product release (1.1).

Bug Fixes

  • The Incident Response card on the Command page now shows correct incident values when the “Last 28 Days” timeframe has been selected.

  • When hovering over the Cloud icon within the Incident Response card on the Command page, the total amount of incidents shown is correct.

  • The count of incidents shown on the Incidents page will match the data shown on the Command page.

Version 1.1.0

September 21st, 2021

Our team is very excited about the 1.1 release! This release was heavily driven by customer feedback. First, you will notice the portal has a new look! Second, you will notice that some pages have been removed. Don’t fret, these pages are not gone forever. Our Development Team will be heavily focusing on these pages to improve the functionality over the coming months. Our goal is to provide our users with effective fully functional tools, and we look forward to showing the new versions of these pages when they are ready.


  • The portal has a new look!

    • Now following industry standard by implementing material design for all portal pages.

  • On the Navigation bar, the tabs for the Compliance, Profiles, Training and Marketplace pages have been removed.

  • Command Page

    • The labeling and layout of cards on the Command page has been simplified to provide a better overview from the Command page. For an overview on the functionality of each of these cards, please visit the Command Page Overview documentation.

      • Open Incidents has changed to Incident Response

      • Critical and High Severity Incidents has changed to High Severity Incidents

      • Incidents Severity has changed to Open Incidents

      • Alerts has changed to Current Alerts

      • MITRE ATT&CK Alert Map has changed to MITRE ATT&CK Threat Detectors

      • Security Events By Source is unchanged

    • Ticketing, Data Source Misconfigurations, and Open Versus Closed Tickets have all been removed from the Command Page.

  • Incidents Page

    • The Investigate page has been renamed to Incidents. For an overview on the functionality of each of the cards on the Incidents page, please visit the Incidents Page Overview documentation. The new cards on this page provide the user with data to assist with investigations and incident management.

  • Endpoints Page

    • This page is largely the same.

  • Settings Page

    • We have removed all functionality except the ability to add and remove Roles assigned to users within the portal.


  • The load times of the portal are twice as fast as the previous version.