Skip to main content

2026-02-18 — CMS Improvements & Workspace Management

CMS Updates

  • Improved detection rule reliability by fixing issues with multi-table rule deployment.
  • Improved several detection rules for better accuracy and fewer false positives.

Workspace Management

  • You can now delete a pre-onboarded tenant that hasn’t completed setup, simplifying workspace cleanup.
  • Workspace tags now display more relevant contextual information, replacing the outdated “Configuration (XDR + SIEM)” label.

Gamebook Improvements

  • Added a Workspace column to the Gamebook Activity view, making it easier to identify which workspace each Gamebook execution belongs to.

Bug Fixes

  • Fixed a crash on the incidents list when viewing multiple workspaces caused by a module configuration change.
  • Fixed “Last Modification” in Group Management displaying “0 days ago” instead of the actual date.

2026-02-12 — Gamebook Reliability

Agent Center

  • Improved Security Delivery Agent reliability when investigating workspaces where certain Gamebook extensions are not enabled.

Bug Fixes

  • Fixed an issue where Gamebooks could get stuck in a pending or running status.
  • Fixed visual rendering issues in several portal components.

2026-02-10 — Incident Management Improvements

Incident Management

  • Added an Assign to me quick-action button to incident details and the incident modal, enabling analysts to claim incidents faster.
  • Incident IDs now appear consistently in the breadcrumb, URL, and page header for easier reference and sharing.
  • Consolidated workspace filtering — individual table workspace filters have been replaced by the global workspace filter at the top of the page for a cleaner, more consistent experience.

Gamebook Improvements

  • The Gamebook approval button now displays an informative tooltip explaining why approval is unavailable when prerequisites haven’t been met.

Bug Fixes

  • Fixed an issue in the Agent Center where pressing Enter during agent creation would prematurely submit the form.
  • Fixed a data source usage query failure affecting Google Workspace Reports.

2026-02-07 — Dock Panel Improvements

Dock Panel Navigation

  • The dock panel now opens to the Browse tab by default when expanded, providing faster access to workspaces and navigation.
  • The Recent tab now correctly displays workspaces you’ve recently accessed, improving workspace discovery.
  • Added a visual indicator to the active dock panel tab, making it easier to see which tab is currently selected.

Bug Fixes

  • Fixed an issue where the dock panel collapsed when navigating between workspaces.
  • Reduced unnecessary re-renders when interacting with dock panel tabs.

2026-02-06 — Incident Experience & Data Source Monitoring

Incident Details Redesign

  • The incident details experience has been redesigned with improved entity organization, clearer section navigation, and faster load times.
  • Entity lists in incident details now show enriched context directly in the list view.
  • Incident tabs have been reordered to show Comments first, followed by Audit, improving the workflow for analysts reviewing incident activity.

Data Source Activity Monitoring

  • Data source activity charts now update in real-time, giving administrators immediate visibility into ingestion health without refreshing.
  • Added a new “Last Seen” indicator to quickly identify stale or disconnected data sources.

Agent Center

  • Improved agent investigation messaging — when an agent investigation takes longer than expected, the notification now indicates that the agent will continue working in the background rather than showing a timeout error.

Bug Fixes

  • Fixed time zone display issues in incident timestamps.
  • Resolved entity context panel occasionally not loading for certain entity types.
  • Fixed an issue where the Agent Center failed to display available agent updates.
  • Removed an inaccurate tooltip from the Log Search run button.

2026-02-05 — Agent Deployment & Filtering Improvements

Agent Deployment

  • Simplified agent deployment with a new guided wizard that validates Azure prerequisites before provisioning.
  • Added deployment status notifications so administrators know when agents are ready.

Filter Persistence

  • Filters across the Command dashboard, Incidents, and Gamebooks pages now persist across sessions, reducing repetitive filter configuration.

Bug Fixes

  • Fixed agent configuration page not loading when no agents were deployed.
  • Resolved intermittent failures when saving notification preferences.
  • Fixed Gamebook Activity filter not correctly displaying queued Gamebooks.

2026-02-04 — Performance & Stability Updates

Platform Performance

  • Optimized incident list queries, reducing load times by up to 40% for high-volume workspaces.
  • Improved caching for workspace metadata, reducing redundant API calls during navigation.
  • The Incidents page now defaults to a 3-hour time filter instead of 24 hours, improving initial load times for high-volume workspaces.

Gamebook Execution

  • Gamebook execution logs now stream in real-time, providing immediate feedback during manual and automated runs.

Bug Fixes

  • Fixed memory leak in the incident polling service.
  • Resolved rare race condition causing duplicate incident entries in the UI.
  • Fixed an issue where pre-onboarding a new workspace did not correctly assign owner access to the administrator.
  • Fixed an issue where administrators could not access agent configuration from the Agent Center.

2026-02-03 — Workspace Manager & Bug Fixes

Workspace Manager

  • Added tooltips to the CMS and Settings icons in the Workspace Manager, matching the tooltip pattern used elsewhere in the portal.

Bug Fixes

  • Fixed an issue where workspace group membership changes were not reflected until page refresh.
  • Resolved CMS rule deployment failures for workspaces with special characters in their names.
  • Fixed entity search returning incomplete results for IP addresses.
  • Corrected tooltip alignment issues in the Command dashboard widgets.
  • Fixed entity context menu in the Gamebooks workbench requiring a second click to show available actions.
  • Fixed an error when viewing the Alert Rule tab for incidents from Microsoft Defender XDR and other non-Sentinel sources.
  • Fixed incident closure failing for Microsoft Defender XDR incidents.
  • Fixed the Configure and save button remaining clickable after completing Microsoft Sentinel configuration.

2026-01-23 — CMS Migration, .NET 10 Upgrade, and Agent Improvements

Content Management System (CMS) Migration

  • Analytical rules, security content, and CMS capabilities are now fully integrated into the IRIS platform, delivering a unified experience for managing detection rules and security content without switching between tools.

Platform Upgrade to .NET 10

  • The platform has been upgraded to .NET 10, improving performance, security, and long-term supportability across all services.

Agent Center Enhancements

  • Administrators can now update agent container images directly from the Agent Center, reducing operational overhead when deploying new agent versions.
  • Agent efficacy improvements: agents now have access to sign-in logs, directory logs, device timelines, and related incidents as investigation tools — enabling richer, more accurate automated investigations.
  • Default AI model capacity increased to 150K tokens per minute, improving agent throughput for high-volume environments.

Gamebook Fixes

  • Resolved an issue where the gamebook approval button was not functioning correctly in the incident detail modal.

Notification Settings

  • Users can now toggle severity-based notifications without requiring recipients to be configured first, simplifying initial notification setup.

Filtering Experience

  • Filters across the portal now persist as you navigate between pages, eliminating the need to re-apply filters repeatedly.

Bug Fixes

  • Fixed an issue where API error responses with empty bodies caused client-side errors.
  • Fixed null reference errors when agents array was uninitialized.
  • Resolved issues with SentinelOne and Azure response module configuration logic.
  • Fixed security rule detail page errors.

2025-12-23 — Command 2.0 Dashboard and Metrics Platform

Command 2.0 Dashboard

  • The Command page has been redesigned with a new dashboard layout featuring at-a-glance operational metrics, giving security teams immediate visibility into their security posture.

New Dashboard Widgets

  • Incident Tracker Overview — Track open, in-progress, and resolved incidents across all workspaces in a single view.
  • Closed Incident Rule Trends — Understand which detection rules are driving the most resolved incidents over time.
  • Workspace Closed Incident Trends — Compare incident resolution performance across workspaces.
  • Gamebook Activity Widget — Monitor active gamebook executions and their current status in real time.
  • Gamebook History Widget — Review past gamebook runs with outcomes and timing for post-incident analysis.

Agent Deployment Improvements

  • Added support for selecting preferred AI models in the Agent Center.
  • Continued support for standard agent deployment alongside newer deployment options for existing customers.

CrowdStrike Integration Enhancements

  • Incident descriptions from CrowdStrike are now automatically generated with richer context.
  • CrowdStrike incident comments are now fetched from audit logs, providing a complete conversation history within IRIS.

SentinelOne Integration Enhancements

  • Added support for SentinelOne threat classifications (verdicts), giving analysts clearer disposition information.
  • Fixed incident description formatting for SentinelOne incidents.

Bug Fixes

  • Fixed workspace filter not resetting to “All Workspaces” correctly.
  • Resolved inaccurate time filtering for the 24-hour filter option.
  • Fixed custom time filter unable to change from an existing custom selection.
  • Fixed duplicate rule entity mapping errors.

2025-11-18 — Agent GA Readiness, Audit Trail, and Gamebook Improvements

Audit Trail System

  • A comprehensive audit trail is now available for incident updates, entity investigations, and status changes. Security teams can review a full history of who did what and when — critical for compliance and post-incident review.
  • Audit logs for user sign-in and directory events are now queryable within the platform.

Agent Improvements for General Availability

  • Agents now automatically trigger investigations on new incidents, reducing mean-time-to-respond without manual intervention.
  • Real-time gamebook status updates are now streamed to the UI — no more refreshing to see investigation progress.
  • Gamebook execution results are now visible directly on the Gamebook page.
  • Agent response flow improved with better error handling and detailed comments when issues occur.
  • Prevented duplicate agent investigations on the same incident.
  • Agent UI refined for general availability readiness.

Workspace Group Management

  • Group member details, including member lists, are now visible in the group viewing slider within workspace settings.

Data Source Activity

  • The data source activity graph has been enhanced for better readability and alignment.

Bug Fixes

  • Fixed time filter refresh behavior on the incidents page.
  • Fixed agent response button remaining active when agent is not properly configured.
  • Fixed Defender incident comment creation for comments exceeding 1,000 characters.
  • Resolved incorrect log search results for Microsoft Defender data sources.
  • Fixed data source query results mapping to use column names instead of index positions, improving reliability.

2025-10-17 — Ticketing Orchestrator, Agent Optimization, and Time Filters

Ticketing Orchestrator

  • Introduced a new ticketing orchestration layer that improves reliability and consistency when creating and managing tickets across integrated ticketing systems (Jira, ServiceNow, Autotask).

Agent Flow Optimization

  • The agent investigation and response flow has been optimized for performance, with improved classification mapping and enriched logging for better troubleshooting.

Time Filter Improvements

  • Time filters throughout the portal now correctly display in local time instead of UTC, and the refresh behavior has been improved.

Bug Fixes

  • Fixed ticket creation for Microsoft Defender incidents in Autotask.
  • Resolved entity context menu appearing for non-Microsoft sourced incidents.

2025-09-04 — CMS 3.0, Notification System, and Agent Center

CMS 3.0 Release

  • The Content Management System has been finalized with an updated user interface, improved rule details pages, and refined commenting capabilities for security content collaboration.

Notification System

  • A new notification settings system allows workspace administrators to configure alert recipients, severity thresholds, and notification preferences per workspace — ensuring the right people are notified about the right events.
  • Notification recipients can be added and removed directly from workspace settings.

Agent Center

  • A redesigned Agent Center creation experience with step validation, an Azure region picker for selecting agent resource locations, and an improved configuration details view.
  • Agent deployment reliability has been significantly increased with improved error handling and processing time.

Feature Flag Cleanup

  • Gamebooks 2.0 and Workspace Management features are now generally available — feature flags have been removed, making these capabilities available to all users by default.

Bug Fixes

  • Fixed deployment table routing when switching workspaces.
  • Fixed notification delivery issues identified during QA.
  • Resolved IAM management component flag check issues.
Questions about the release notes? Contact us at support@contraforce.com.