Release Notes
New updates and improvements
Product update
This release includes significant improvements to both our frontend dashboard and backend infrastructure. We've resolved 24 critical bugs and delivered 3 new features. Our focus has been on improving user experience, system stability, and platform scalability.
API changes
None
New features
Intent classifier 0.9 (Beta)
Users can now easily copy profile IDs directly from the Inventory page for improved workflow efficiency
Revised filtering and settings menus in Monitoring
When users tap the settings icon on the Monitoring page, it will now open a drawer on the right instead of the previous modal. Within the drawer, users are able to toggle between settings and filters with the two icons at the top right.
Fixed bugs
Fixed an issue where longer prompts were not classified correctly.
Resolved an issue where a backend version conflicts were leading to incorrect Jailbreaking signals.
Fixed hover content that was stretching across the screen in one long line on Models page info icons.
Fixed issue where users couldn't delete cannon runs. Resolved filtering functionality issues in the Inventory page.
Fixed layout issue where the "Add New" button was partially hidden on the Profiles page.
Fixed interaction issue with safety signal expansion chevrons in certain scenarios.
Corrected spelling error on the Profiles page interface.
Fixed missing upload confirmation messages when uploading CSV files to collections
Resolved issue where intent functionality was not working properly in new profiles
Fixed missing attack vector information in profile overview pages
Corrected mislabeled signal distribution charts and labels
Fixed attack vector charts that were not displaying data properly
Resolved issue preventing users from changing sentiment settings in profiles
Fixed functionality that was preventing users from creating new profiles
Corrected inaccurate blocked count statistics displayed on the overview dashboard
Removed unnecessary redirect behavior from the blocklist profile page to improve navigation flow
Fixed issue where signal information was incorrectly displayed when users entered invalid profile IDs in the URL
Resolved browser hang state that occurred when users entered invalid collection IDs in the URL
Fixed issue where deleting collections could occasionally cause browser stability problems
Corrected spelling error in system component names throughout the interface
Added proper messaging when no collections are available instead of showing empty state
Improved clarity by displaying full "instruction override" text instead of abbreviations throughout the interface
Improved CSV processing to automatically ignore empty lines during data analysis
Product update
This release includes significant backend stability improvements and user experience enhancements. We've resolved 22 issues focused on system reliability, signal accuracy, and platform functionality. Our focus has been on improving data processing capabilities, fixing critical user workflow issues, and enhancing the overall platform performance.
API Changes
None
New Features
Intent Model (beta) - v1.24
Model Overview Page Redesign - Completely refreshed interface for better model management and visibility
Enhanced Inventory Sorting - Inventory lists now display in alphabetical order for easier navigation
Improved Signal Organization - Streamlined signal categories with Direct Command Injection now categorized under Adversarial signals
Improvements
Enhanced Profile Management - Improved handling of profile settings and configurations
Better Error Messaging - More informative error handling when models aren't properly configured in Enforce mode
Signal Accuracy Improvements - Fixed intent model processing for more accurate classifications
Cannon Interface Updates - Changed "Signals" column to "Flagged" for clearer terminology
Bugs Fixed
Fixed issue where users couldn't delete prompt cannon runs from the interface
Resolved problem preventing cannon runs from being triggered from collection pages
Fixed functionality that prevented users from deleting prompts from collections
Corrected issue where illegality sub-categories didn't match their parent categories in new profiles
Fixed sentiment setting synchronization between profile edit view and profile overview
Resolved API authorization errors when unexpected API keys were used
Fixed prompt classification issues with longer text inputs
Corrected signal categorization conflicts that were causing incorrect security classifications
Fixed collection processing failures that prevented proper execution
Improved text processing to handle semantic chunking without content truncation
Enhanced system stability for prompt cannon operations
Fixed dashboard metric calculations for more accurate pass rate and delta reporting
Resolved issues with profile configuration validation in Enforce mode
Improved error handling for prompt cannon workflow failures
Fixed signal filtering and combination logic for more accurate threat detection
This release delivers substantial improvements across our platform focused on enhanced user experience, system reliability, and backend infrastructure. We've addressed critical production issues, introduced new features for better workflow management, and strengthened our testing and monitoring capabilities.
API Changes
Added override capability for event_type in API calls to orchestrator (future feature)
New Features
MTVS Model (beta) - v1.xx
Improvements
Signal Organization - Refined categorization and removed redundant code illegality signals
Trace Interface - Auto-scaling text boxes and updated pills/intent display
Bugs Fixed
Fixed decode errors occurring during prompt collection CSV uploads
Corrected missing named entities in overview dashboard
Restored profile search capabilities in Profile configuration interface
Fixed PII/PHI/PCI card to show results from all chunks properly
Resolved Named Entity Recognition showing "not_run" status despite generating probabilities
This release significantly improves platform stability and user experience while laying the groundwork for enhanced AI governance capabilities.
This release delivers significant improvements to platform stability, user experience, and backend infrastructure. We've resolved critical issues affecting the dashboard, Trace functionality, and data processing. This sprint focused heavily on production stability and user interface refinements.
API Changes
None
New Features
Signal Classifier (MTVS) v3.26
Enhanced Trace Interface - Improved scrolling chunk view and Prompt vs Response are now separated
Improvements
User Experience Enhancements:
New Collections and Profiles now consistently appear at the top of lists
Profile form now warns users to save changes before navigating away
Collection selection automatically updated when creating new Collections
Bugs Fixed
Fixed log filters not displaying properly on larger screens
Resolved attack vectors missing from Overview dashboard
Fixed signal distribution graph not showing Security category
Corrected edge case for prompt blocking functionality when Profile is set to block
Fixed Secrets not saving properly in Profiles interface
Eliminated repeated signals under the same chunk in Trace function
Resolved image upload failures to Collections API
Fixed inconsistent sorting behavior in Cannon and Collection lists
Improved overall interface responsiveness and reliability
Profiles now sorted alphabetically
Cannon run lists sorted by date
This release significantly enhances platform reliability and user experience while establishing a stronger foundation for future AI governance capabilities and agentic workflows.
This release focuses on enhancing platform performance, improving user experience, and strengthening monitoring capabilities.
API Changes
None
New Features
Event Type Display - Event types are now visible in monitoring views with improved iconography (available in prompt details in the next release)
Improvements
Enhanced CSV ingestion with immediate record creation, eliminating timing gaps
Bugs Fixed
Fixed periodic inability to delete cannon runs in production environment
Removed duplicate sentiment display from chunk trace results for cleaner interface
Resolved issue where new collections weren't automatically selected after creation
Resolved missing named entities in prompt details
This release significantly improves platform scalability and user experience while establishing better monitoring and tracking capabilities for enhanced AI governance.
This release delivers substantial improvements across our platform focused on enhanced user experience, system reliability, and backend infrastructure. We've addressed critical production issues, introduced new features for better workflow management, and strengthened our testing and monitoring capabilities.
API Changes
Not breaking - this beta API provides a streamlined interface for real-time AI content analysis and risk detection. This single-endpoint API allows you to submit prompts and receive comprehensive analysis results in one call, making it ideal for integration and testing. See documentation for more information.
New Features
Signal classifier (MTVS) v3.28
Intent classifier v1.28
Enhanced prompt details with event type and subtype information for comprehensive agentic interaction analysis
Improvements
Improved date picker functionality in monitoring filters - resolved loading issues when clearing date selections
Enhanced CSV upload process with better status tracking and user feedback
Streamlined profile overview navigation (temporarily disabled as landing page)
Improved collection selector functionality to display all available collections without pagination limits
Streamlined inventory navigation with removal of unused dataset pages from sidebar
Decreased timeout settings from one minute to 10 seconds
Better error handling and tracking for collection processing workflows
Strengthened CSV ingestion process with improved record creation timing
Enhanced failure tracking and reporting for collection analysis runs
Bug Fixes
Fixed historical prompt flagging data display in Cannon runs
Resolved missing creator and flagged prompt information in Cannon interface
Fixed profile search functionality in configuration interface
Resolved CSV upload silent failure issues with improved error reporting and status tracking
Streamlined backend processes for faster response times
This release delivers substantial improvements across our platform focused on enhanced user experience, system reliability, and backend infrastructure. We've addressed critical production issues, introduced new features for better workflow management, and strengthened our testing and monitoring capabilities.
API Changes
Not breaking - this beta API provides a streamlined interface for real-time AI content analysis and risk detection. This single-endpoint API allows you to submit prompts and receive comprehensive analysis results in one call, making it ideal for integration and testing. See documentation for more information.
New Features
Signal classifier (MTVS) v3.28
Intent classifier v1.28
Enhanced prompt details with event type and subtype information for comprehensive agentic interaction analysis
Improvements
Improved date picker functionality in monitoring filters - resolved loading issues when clearing date selections
Enhanced CSV upload process with better status tracking and user feedback
Streamlined profile overview navigation (temporarily disabled as landing page)
Improved collection selector functionality to display all available collections without pagination limits
Streamlined inventory navigation with removal of unused dataset pages from sidebar
Decreased timeout settings from one minute to 10 seconds
Better error handling and tracking for collection processing workflows
Strengthened CSV ingestion process with improved record creation timing
Enhanced failure tracking and reporting for collection analysis runs
Bug Fixes
Fixed historical prompt flagging data display in Cannon runs
Resolved missing creator and flagged prompt information in Cannon interface
Fixed profile search functionality in configuration interface
Resolved CSV upload silent failure issues with improved error reporting and status tracking
Streamlined backend processes for faster response times
This release delivers significant enhancements to user experience, monitoring capabilities, and platform reliability. We've introduced new visualization features, streamlined user workflows, strengthened testing infrastructure, and resolved critical production issues to ensure better performance and accuracy across all platform components.
API Changes
None
User Experience Improvements
Navigation & Interface
Eliminated sidebar menu item flickering during page load for smoother user experience
Fixed sidebar menu highlighting to accurately reflect current page location
Added day-level granularity to query count charts for improved trend analysis
Resolved chart key overlap issues that were covering data labels
Improved tooltip positioning for attack vector charts in overview dashboard
Monitoring & Analysis
Enhanced signal distribution chart functionality with proper zero-value handling
Enabled settings access in full-screen chart mode
Added internal on/off toggle for sentiment analysis in profile configuration
Improved Collections dropdown to display more than 50 options during prompt cannon operations
Component Architecture
Redesigned Combobox component to match Select component behavior for consistent user interaction
Optimized inventory page layout to properly utilize screen space when sidebar switches to top navigation
Removed duplicate settings icons from monitoring menu
Implemented intelligent model execution - signals that are disabled no longer trigger unnecessary processing
Bugs Fixed
Resolved incorrect subcategory counting issues affecting code requested, adversarial, and illegality signal categories
Corrected flagged prompts count display discrepancies in cannon run views
Addressed signal distribution chart issues where jailbreaking categories would duplicate when toggling zero-value display
Resolved testing inconsistencies between environments for neutral sentiment classification
This release focuses on enhancing platform security detection capabilities, improving user experience with visual updates, and strengthening system reliability. We've addressed critical monitoring issues, enhanced our PII detection models, and implemented comprehensive testing improvements to ensure consistent platform performance.
API Changes
None
New Features
• Enhanced PII Detection Model: Updated PII model with improved version formatting and enhanced detection accuracy for better personally identifiable information classification.
• Optimized Signal Processing: Secrets detection now intelligently respects profile signal settings, improving performance by skipping unnecessary processing when signals are disabled.
Platform Improvements
• Updated Brand Identity: Refreshed platform logo across all interfaces for a more modern and consistent brand experience.
• Improved Signal Classification: Enhanced signal labeling accuracy with proper categorization of security-related signals for better threat identification.
Bugs Fixed
• Resolved Monitor Sorting Issues: Fixed an issue where sorting Monitoring data by sentiment would cause the interface to hang when using older profile configurations.
• Fixed CSV Upload Functionality: Resolved file upload issues that were preventing users from successfully importing CSV data into collections.
• Corrected Signal Header Display: Fixed missing illegality information in Prompt Signals headers and removed inconsistent labels for accurate threat categorization.
System Reliability Enhancements
Enhanced testing coverage across critical platform components including user management, overview dashboards, and Collections functionality to ensure consistent performance and stability.
This release marks a significant infrastructure milestone with the migration to our new Content Analysis platform, delivering improved performance and reliability for security signal detection. We've resolved critical issues affecting the Cannon, enhanced UI consistency across the platform, and introduced Terms & Conditions acceptance tracking for compliance requirements. These updates strengthen Aiceberg's foundation for enterprise deployments while improving the user experience for security teams monitoring AI interactions.
API Changes
New API Integration: The Cannon now supports the new event analysis API architecture, providing improved performance and reliability for batch testing workflows. The use_new_api parameter has been integrated into Cannon operations.
New Features
Terms & Conditions Acceptance Tracking
Organizations can now track user acceptance of Terms & Conditions with comprehensive audit capabilities including:
Automatic T&C presentation on first login
Version tracking for specific terms presented
Timestamp recording for acceptance
User confirmation via checkbox acknowledgment
This feature provides the compliance documentation required by enterprise security and legal teams, with version control ensuring organizations can prove which specific terms users agreed to in case of disputes or regulatory audits.
Enhanced Copy Operations
Copy buttons throughout the platform now provide visual feedback with success notifications, making it easier to work with Profile IDs, API keys, and other identifiers across your workflows.
Improvements
Content Analysis Platform Migration
Signal Detection Reliability: Completed migration to the new Content Analysis platform, resolving issues where signals were not firing correctly and ensuring consistent security detection across all environments. Attack vectors, named entities, and security signals now display reliably in Overview dashboards.
Performance Optimization: Fixed issues with CAM (Content Analysis Module) naming that were causing missing data in trace views and analytics, improving the accuracy of threat detection and entity extraction.
Cannon Enhancements
API Integration: The Cannon now operates on the new event analysis API, providing better performance and more reliable batch testing capabilities for security policies.
Execution Reliability: Resolved failures in staging environment affecting Cannon runs, ensuring consistent testing workflows for security teams validating Profile configurations.
Trace Data Completeness: Fixed missing trace pills and signal indicators for Cannon-generated prompts, providing full visibility into security signal firing across all interaction sources.
Monitoring & Analytics
Overview Accuracy: Resolved issues where Overview dashboards were missing critical data including:
Attack vectors distribution
Security signals breakdown
Named entities identification
Prompt analysis timing
These fixes ensure security teams have complete visibility into AI security posture across their deployments.
Filter Persistence: Monitoring filters and presets now persist correctly when navigating between views, eliminating the need to reapply filter selections.
UI/UX Polish
Accordion Animations: Added smooth transitions to expanding and collapsing sections, creating a more polished experience when navigating Profile configurations and settings.
Unsaved Changes Warning: Profile edit pages now clearly indicate when you have unsaved changes that would be lost by navigating away, preventing accidental loss of configuration work.
Settings Panel Behavior: Fixed header icon alignment when opening settings panels on wide screens, maintaining consistent layout across different viewport sizes.
Bugs Fixed
Resolved timeout handling in Step Functions that was incorrectly categorizing legitimate timeouts as generic errors
Fixed secrets detection probability displaying as null instead of showing actual confidence scores
Corrected prompt analysis time calculations that were showing zero seconds for valid processing durations
Resolved Collections CSV status navigation to properly link to import history
This release delivers substantial improvements to platform usability and data handling across Aiceberg. The Playground now operates on our new API infrastructure, and we've resolved critical issues with PII redaction and data display. These updates reflect our commitment to building enterprise-grade AI security infrastructure that scales with your organization.
API Changes
Output-Only Mode: The event analysis API now supports providing only an output for analysis scenarios where the prompt is not available, expanding flexibility for post-hoc security analysis and compliance scanning.
New Features
Enhanced Collections Management
Drawer-Based Navigation: Collection selection and management now uses a streamlined drawer interface, reducing context switching and improving workflow efficiency when organizing and running security tests.
CSV Import Improvements: The CSV status indicator now functions as a clickable button that navigates directly to the import history page, making it easier to review and troubleshoot data imports.
Bulk Operations: Bulk delete operations have been moved to the top right for consistency with enterprise application conventions, and CSV status displays only when import history exists.
Improved User Management
Display Name Priority: The platform now displays user first and last names (when available) instead of email addresses, creating a more professional experience for security teams and administrators.
Alphabetized Listings: User lists are now automatically sorted alphabetically for easier navigation in organizations with large security teams.
Full-Screen Layout: User management pages now utilize full-screen layout, providing more space for managing permissions and role assignments.
Improvements
Playground Modernization
Profile Deletion Safeguards: Users can no longer enter prompts in the Playground when viewing deleted profiles, preventing confusion and invalid test submissions.
PII Redaction & Privacy
Listen Mode Redaction: Resolved critical issue where private information wasn't being redacted in Listen mode when prompts weren't sent to the LLM, ensuring consistent data protection across all monitoring modes.
Named Entity Display: Fixed rendering issues where named entities were displaying on top of redacted content, maintaining proper privacy controls throughout the interface.
Monitoring Enhancements
Session Visualization: Session view now maintains proper tab highlighting when navigating between conversation threads, making it easier to track context across multi-turn interactions.
Attack Vector Accuracy: Resolved discrepancies between Overview charts and Monitoring views for attack vector flags, ensuring consistent security posture visibility.
Cannon Integration: Fixed issue where Cannon runs were missing prompt details, restoring complete visibility into batch security testing results.
Performance & Reliability
Data Handling: Improved handling of null-type probabilities in signal detection, preventing crashes when analyzing edge cases in model outputs.
Lambda Deployment: Added provisioned Lambda deployment option for CAM services, improving response times and reducing cold start latency for high-volume deployments.
Bugs Fixed
Resolved issue where Overview charts weren't matching Monitoring data for attack vector flags
Fixed missing highlight shading on Monitoring tabs that made it difficult to identify the current view
Corrected prompt details left-justification alignment in test environment
Eliminated issue where Collections list wasn't showing proper highlighting to match other list pages
Fixed long email addresses overflowing or malforming text boxes in User Management modals
Fixed retry logic for pending Cannon runs that was creating duplicate test executions
UI/UX Refinements
Visual Consistency:
Standardized disabled field indicators across all forms
Re-centered "no items found" messages throughout the platform
Fixed tooltip alignment on Cannon run displays
Adjusted settings menu width to prevent unnecessary horizontal space
This release focuses on dramatic performance improvements and infrastructure optimization, delivering up to 10x faster response times through direct Step Function orchestration and aggressive caching strategies. We've enhanced Listen mode capabilities, improved trace data accuracy, and made significant strides in test coverage and observability. These updates position Aiceberg for zero-latency security monitoring at enterprise scale while maintaining comprehensive visibility into AI interactions.
API Changes
Listen Mode Expansion: Listen mode now supports the new event analysis API, enabling real-time security monitoring without active enforcement, perfect for organizations starting their AI security journey or testing new policies.
Performance Improvements
Zero-Latency Architecture
Aiceberg has implemented several architectural enhancements that deliver dramatically faster response times for security monitoring:
Streamlined Request Processing: Optimized our request routing architecture to eliminate unnecessary processing layers, reducing latency by up to 70% for security analysis workflows.
Intelligent Caching: Deployed smart caching strategies that reduce redundant database lookups and authentication overhead, with extended cache durations for frequently accessed security policies providing near-instantaneous response times for repeat operations.
Optimized AI Models: Updated our semantic analysis engines with performance-optimized models that maintain detection accuracy while processing content significantly faster.
Efficient Data Flow: Minimized data transfer between security analysis components by eliminating duplicate information, reducing network overhead and accelerating overall processing time.
Always-Ready Infrastructure: Implemented always-warm compute resources for critical security paths, eliminating initialization delays that previously affected first requests in high-priority workflows.
Combined Impact: These optimizations work together to deliver up to 10x faster response times compared to our previous architecture, enabling true zero-latency security monitoring at enterprise scale.
Monitoring & Observability
Latency Measurement: Added granular timestamps throughout the processing pipeline, enabling precise measurement of sources of latency and supporting SLA adherence verification.
New Features
Enhanced PII Detection
Full Name Accuracy: PII detection now requires multiple tokens for full name identification, preventing false positives when single names (first or last only) appear in content. This reduces alert fatigue while maintaining protection for genuine personal information exposure.
Improvements
Monitoring Enhancements
Collection Management: Completely revamped collection drawer with improved design and logic, streamlining workflow for organizing and managing security test suites.
User Column Positioning: Moved "user" column in Monitoring view to precede prompt content, making it easier to identify which team members or systems are generating flagged interactions.
Trace Data Quality: Fixed multiple issues affecting trace display:
Resolved missing named entities in trace views
Corrected label display issues showing incorrect signal categories
Fixed intent data missing from trace data sources
Session Tracking
Background Session Resolution: Session ID resolution now occurs as a background task rather than blocking progress, improving throughput for multi-turn conversation monitoring while maintaining complete session tracking capabilities.
Created_at Attribute: Updated content_resolve_prep to pass created_at as integer when session tracking is enabled, ensuring proper temporal ordering of interactions.
Bugs Fixed
Resolved issue where monitoring page wouldn't load in test environment due to data retrieval errors
Eliminated AWS authentication errors in sample composition page
Fixed issue where reporting links in prompt details led to non-existent pages
Resolved problem with trash icon not displaying correctly in production and staging environments
This release introduces Use Cases for managing complex multi-profile agentic workflows, expanding Aiceberg's capabilities for securing sophisticated AI agent deployments. We've added the Discount Seeking intent signal for e-commerce security, resolved critical blocking issues with Code Requested signals, and enhanced the Monitoring interface with improved session visualization. These updates strengthen Aiceberg's position as the premier platform for monitoring and securing autonomous AI agents in production environments.
API Changes
Use Case Support: The event analysis API now accepts use_case_id parameters, enabling security monitoring for complex agentic workflows that span multiple profiles and interaction types. Use Cases support agent-to-agent, agent-to-LLM, and agent-to-tool interactions within unified security policies.
New Features
Use Cases for Agentic Workflows
Organizations deploying autonomous AI agents can now configure Use Cases that apply multiple security profiles across complex interaction flows:
Multi-Profile Orchestration: Define security policies for agentic systems where different profiles apply to:
Agent-to-LLM communications (instruction generation, knowledge retrieval)
Agent-to-tool interactions (API calls, database queries, external system access)
Agent-to-agent collaboration (task delegation, information sharing)
User-to-agent head messages
Unified Monitoring: Track security signals across all interaction types within a single Use Case, providing complete visibility into agentic workflow behavior and security posture.
This feature addresses the emerging market need for security visibility into autonomous agent systems where traditional single-profile monitoring is insufficient.
Discount Seeking Intent Detection
Added new intent signal specifically designed for e-commerce and customer service applications to detect when users are attempting to manipulate AI agents into providing unauthorized discounts or price reductions. This capability helps organizations:
Protect revenue by identifying discount manipulation attempts
Monitor for social engineering attacks targeting customer service agents
Ensure AI agents follow pricing policies consistently
The signal is fully integrated into Profile configuration and displays in prompt details with probability scores.
SIEM Integration
Added integration point for SIEM providers, enabling organizations to forward Aiceberg security data to their existing data warehouses and analytics platforms for centralized security operations and compliance reporting.
Improvements
Monitoring & Visualization
Session Indentation: Session views now use visual row indentation instead of left-side blue lines, creating a more intuitive conversation thread visualization that makes multi-turn interactions easier to follow.
Radar Chart Completeness: Resolved issue where security signals were missing from the radar chart on the Dashboard, ensuring complete at-a-glance visibility into security posture.
Collection Last Fired: Added "last fired" timestamps to collection displays in Monitoring, making it easier to identify which test suites have been recently executed and need attention.
Signal Detection
Code Requested Blocking: Fixed critical issue where Code Requested signals weren't properly blocking interactions in Enforce mode, closing a security gap for organizations preventing code generation in sensitive contexts.
Sentiment Trace Data: Resolved issue where sentiment analysis was creating traces with empty text, which was cluttering trace views and affecting analysis accuracy.
Intent Data Visibility: Corrected missing intent data in trace views, restoring complete signal detection visibility for security analysis.
Illegality Signal Display: Removed redundant "illegality" pill from trace views that was showing "no refs" alongside specific subcategory indicators (e.g., cyber crimes). This eliminates confusion and maintains consistency with other signal categories that display only their specific subcategory flags.
LLM Security Label: Corrected signal labeling where "LLM Security" was appearing instead of the more specific "Instruction Override" designation. Trace views now consistently display the appropriate instruction override pills at the top level, improving clarity when analyzing adversarial attack attempts.
Bugs Fixed
Resolved HTML rendering errors after profile deletion that were preventing proper page display
Fixed slash/circle icon overuse throughout the UI, improving visual clarity
Corrected checkbox rendering issues in Cannon page that were preventing proper run selection
Fixed API key checkbox rendering problems in API Management
Eliminated duplicate data queries for collection "last fired" dates, improving page load performance
Resolved invalid input handling that was causing unclear error messages
Fixed test environment issues affecting Cannon execution and prompt classification
UI/UX Enhancements
Profile Action Icons: Made each profile action icon visually distinguishable, reducing errors when users need to quickly access specific profile management functions.
Profile Defaults: Changed default profile settings on creation to better align with common enterprise security requirements, reducing initial configuration time.
This release delivers critical performance improvements and data optimization that reduce processing overhead and accelerate security analysis workflows. We've resolved major issues affecting the Cannon and CSV upload functionality, enhanced trace visualization with sentiment analysis, and streamlined our data architecture for faster processing. These updates strengthen platform reliability while preparing the infrastructure for upcoming role-based access control features.
New Features
Sentiment Analysis in Trace
Trace views now display sentiment analysis results directly in the conversation flow, providing security teams with emotional context when investigating potentially problematic interactions. This capability helps identify:
User frustration patterns that may precede social engineering attempts
Emotional manipulation tactics in multi-turn attacks
Behavioral anomalies that correlate with security incidents
Sentiment data appears alongside other security signals in trace views, enabling holistic analysis of interaction patterns.
Intent & CPVS Neighbors in Trace
Trace now displays semantic neighbors for Intent and CPVS (Content Policy Violation Signals), showing related content chunks that share similar characteristics. This feature helps security analysts understand the broader context of flagged content and identify patterns across similar interactions.
Improvements
Cannon Reliability
Production Execution: Resolved critical issue preventing Cannon runs from executing in production environment, restoring batch testing capabilities for security teams.
Run Navigation: Fixed navigation bug where tapping a Cannon run was applying filters instead of directing to monitoring results, improving workflow efficiency when reviewing test outcomes.
CSV Upload Restoration: Resolved CSV uploader failures across test and staging environments, restoring the ability to bulk import prompts for security testing.
Monitoring Integration: Cannon runs now properly display in monitoring views when filtering by Cannon log group, ensuring complete visibility into batch test results.
Monitoring & Display
Overview Population: Fixed issue where Overview pages weren't consistently populating with data, particularly affecting Playground and Cannon activity summaries.
Profile Name Handling: Resolved layout breaks caused by long profile names in Overview displays, maintaining clean interface regardless of naming conventions.
Debug Mode Feedback: Improved UI feedback in debug mode with proper loading states and toast notifications, making it easier for developers to troubleshoot integration issues.
Event Icons: Updated event type icons for better visual distinction between different interaction types in monitoring views.
Bugs Fixed
Resolved prompts missing from monitoring when filtering to Cannon view
Fixed CSV uploader functionality across test and staging environments
Corrected email verification warning display in User Management
Eliminated sticky selector column setting issue in staging monitoring
Fixed blocklist toggle issue where enabling turned off blocklists and prevented re-enabling
UI/UX Enhancements
Mobile Optimization: Implemented VirtualizedInfiniteList in Cannon page for mobile devices, improving performance and scroll behavior for security teams working from tablets or phones.
Dashboard Clarity: Removed system actions from dashboard donut charts, focusing visualization on user-initiated interactions that are more relevant for security analysis.
Infrastructure & Security
API Gateway V2 Verification: Completed verification that Cannon and Playground functionality remains intact with new API Gateway v2 endpoints, ensuring smooth transition to improved infrastructure.
Onboarding Enhancement: Aiceberg onboarding emails now include company name, improving brand recognition and reducing confusion for new users during account setup.
Authentication UX: Fixed issue where incorrect customer ID submission would resubmit on every keystroke change, improving login experience and reducing accidental lockouts.
This release introduces comprehensive Role-Based Access Control (RBAC) infrastructure, marking a major milestone in enterprise readiness. We've expanded session tracking capabilities across all API versions, enhanced Use Case functionality with validation and filtering improvements, and significantly improved Listen mode flexibility. These updates enable organizations to implement fine-grained permissions across security teams while ensuring consistent user experience and supporting diverse deployment scenarios.
API Changes
Session Tracking in V1 API: The v1/events API now supports session tracking, enabling conversation context maintenance across all API versions. This enhancement provides consistent session management regardless of which API endpoint organizations integrate with.
Listen Mode Flexibility: Listen mode now accepts payloads containing both input and output without requiring an event_id. The event_id is only required when providing output without input, enabling more flexible integration patterns for organizations performing security analysis on existing interaction logs.
New Features
Language Detection Signal
Aiceberg now detects the language(s) used in prompts and responses, enabling you to identify potential data exfiltration risks or policy violations when unexpected languages appear in AI interactions. This capability is particularly valuable for organizations operating in regulated environments or those requiring language-specific content policies.
Language detection data is available throughout the platform:
Profile configuration allows language-based policy enforcement
Prompt details display detection per interaction
Integration with Code Present signal for enhanced filtering accuracy
Agent Instruction Signal
Monitor when LLMs provide instructions or directives to agents in your agentic workflows. This new signal specifically classifies the response side of agent-LLM interactions, helping you detect when models are issuing unexpected commands or guidance that could indicate alignment issues or security concerns.
The signal displays:
All detected instructions with their categories and subcategories
Percentage probabilities for each instruction type
Full visibility regardless of enforcement mode
Single unified view in monitoring for streamlined analysis
Role-Based Access Control (RBAC)
Aiceberg now provides comprehensive RBAC infrastructure enabling organizations to implement fine-grained access control:
Role Management:
Create custom roles with specific permission sets tailored to organizational needs
Assign users to roles programmatically via API or through the user interface
Define role hierarchies that align with security team structure
This capability enables organizations to implement principle of least privilege, ensuring team members have exactly the access they need for their security responsibilities.
Enhanced Use Case Management
Name Validation: Use Cases now prevent duplicate names, eliminating confusion when managing multiple agentic workflow configurations. The platform validates uniqueness both at creation and save, ensuring clear identification of security policies.
Description Handling: Long Use Case descriptions no longer expand the width of creation screens, maintaining consistent layout and readability when documenting complex multi-agent workflow configurations.
Filtering Improvements: Resolved Use Case filtering issues in monitoring views, ensuring proper isolation of interactions by workflow type when analyzing security signals.
Profile Navigation Enhancement
Profiles now include direct navigation links to their filtered Monitoring logs, reducing clicks required to investigate security signals and improving workflow efficiency for security analysts moving between configuration and analysis tasks.
Improvements
Signal Distribution Accuracy
Instruction Override Inclusion: The Signal Distribution spider graph on Overview pages now properly includes Instruction Override flagged counts. Previously, this critical adversarial signal category was missing from the visualization despite being detected and logged.
The fix ensures security teams have complete visibility into all signal categories when assessing overall security posture at a glance.
User Management
User Retrieval Reliability: Resolved critical issue preventing user retrieval in test environment, restoring full user management capabilities for security administrators.
Tools Menu Completeness: Fixed missing items in tools menu, ensuring all platform capabilities are properly accessible to users based on their permissions.
Monitoring Experience
Color Persistence: Resolved issues with signal color highlighting remaining consistent across page interactions, improving visual continuity when analyzing security patterns.
API Key Management: Fixed checkbox rendering in API key management interface, restoring ability to properly select keys for bulk operations.
Bugs Fixed
Resolved user retrieval failures in test environment
Fixed missing tools menu items affecting feature discoverability
Corrected Use Case filtering not properly isolating workflow interactions
Eliminated checkbox rendering issues in API key management
Fixed persistent color highlighting for signals across page interactions
Infrastructure & Integration
Session Context Maintenance: With session tracking now available across all API versions, organizations can maintain conversation context regardless of integration approach, supporting both modern and legacy implementations.
Role Data Models: Established robust data structures for RBAC, providing foundation for future permission enhancements including resource-level access control and custom permission definitions.
Listen Mode Integration: The enhanced Listen mode flexibility supports organizations that:
Perform batch security analysis on historical interaction logs
Analyze outputs from systems where the original prompt isn't available
Conduct post-hoc security assessments of AI interactions from third-party platforms
This change simplifies integration for retrospective security analysis use cases.
This release focuses on strengthening enterprise infrastructure with enhanced session management capabilities, language detection features, and shadow AI analysis foundations. We've improved integration management, expanded developer tooling for safer deployments, and resolved critical bugs affecting monitoring and user experience. These updates prepare Aiceberg for expanded AI security monitoring across diverse deployment environments.
API Changes
Sessions Monitoring Endpoint
New endpoint enables comprehensive session tracking and conversation context maintenance, supporting both real-time monitoring and retrospective analysis of multi-turn AI interactions.
New Features
Language Detection Signal
Aiceberg now detects the language(s) used in prompts and responses, enabling organizations to identify potential data exfiltration risks when unexpected languages appear in AI interactions. This capability supports regulatory compliance and language-specific content policies.
Language detection data is available:
Profile Configuration: Language-based policy enforcement settings
Monitoring Display: Language shown in monitoring drawer prompt context
Signal Configuration: Updated profile language signals for accurate detection
Shadow AI Analysis Infrastructure
Initial infrastructure for shadow AI analysis has been established, laying the groundwork for detecting unauthorized AI service usage across organizations. This foundation enables future SIEM integrations for comprehensive AI usage visibility.
Improvements
Integration Management
Revamped Integration Page: Complete redesign of the integration interface improves usability for configuring third-party security tools and SIEM connections.
Documentation & Developer Experience
Enhanced Documentation Links: Updated links throughout monitoring empty states and sidebar to ensure users can quickly access relevant documentation:
Monitoring page guidance
API usage instructions
Use cases, profiles, collections, models
Tools: cannon, integrations, users, roles, API keys
OpenAPI Specification Management: Created shared GitHub action to automatically upload OpenAPI specs to S3 on test deployments, improving API documentation accuracy.
Bugs Fixed
Incorrect Prompt Reporting: Resolved issues preventing prompt reporting functionality across all environments
Synqly Integration: Fixed NoneType error in Synqly event posting that caused integration failures
Session Tracking: Resolved session data accuracy issues affecting conversation context
Infrastructure & Integration
Session Management Foundation
Established robust session tracking capabilities that will enable:
Conversation context maintenance across API versions
Multi-turn interaction analysis
Agent workflow monitoring in future releases
This release delivers significant performance enhancements through GPU-accelerated PII detection, comprehensive session management improvements, and critical infrastructure optimizations. We've strengthened deployment pipelines with enhanced safety checks, improved monitoring capabilities with better session filtering, and resolved key issues affecting alert delivery and data persistence. These updates advance Aiceberg's enterprise readiness while optimizing operational costs.
New Features
Enhanced Session Management
Automatic Session Filtering for Use Cases: When filtering to a specific use case in monitoring, the sessions view now automatically enables with visual feedback. The "only sessions" toggle has been repositioned beneath the Profile picker with a color pulse animation for clarity.
Time-Based Sessions: Re-added time-based session tracking, enabling organizations to analyze conversation patterns and user interaction timing across their AI systems.
Sessions Monitoring Endpoint: New dedicated endpoint provides comprehensive session data retrieval for advanced analytics and reporting.
Monitoring Experience
Signal Detection Accuracy: Fixed Code Requested signal detection, ensuring proper flagging of prompts requesting code generation or code-related assistance.
Named Entities Resolution: Resolved query failures affecting Named Entities detection after migration to prompt log dynamic table.
Documentation Access: Updated help documentation links in monitoring interface for improved user guidance.
Alert Management
Conditional Alert Delivery: System now verifies alerting is enabled before sending notifications, preventing unwanted alert spam and respecting user preferences.
Bugs Fixed
Session Data: Resolved EventSessionData saving failures
Named Entities: Fixed query failures after database schema migration
Code Requested Signal: Corrected detection logic for code-related prompts
Alert Delivery: Fixed alerts sending when alerting is disabled
Synqly Integration: Resolved NoneType errors in event posting
Session Intelligence
Comprehensive session management enables:
Use Case Isolation: Automatic filtering shows only relevant conversation flows
Temporal Analysis: Time-based session tracking reveals usage patterns
Alert Intelligence
Conditional alert delivery ensures:
Respect User Preferences: Only send notifications when explicitly enabled
Reduced Noise: Prevent alert fatigue from misconfigured systems
Operational Efficiency: Teams receive relevant security alerts only
This release resolves critical production issues affecting prompt visibility, enforce mode functionality, and integration reliability. We've strengthened test automation infrastructure, improved monitoring accuracy for RAG-enabled workflows, and enhanced security with upgraded dependency versions. These updates ensure consistent data visibility across environments while advancing platform stability for production deployments.
Critical Fixes
Prompt Visibility Resolution
Missing Prompts Restored: Resolved critical issue where prompts typed into the playground and collections processed through the cannon were not appearing in monitoring views. This affected data visibility across staging and impacted customer-facing demonstrations.
Enforce Mode Stability
500 Error Resolution: Fixed critical error in ENFORCE mode where string/dictionary type mismatch caused HTTP 500 failures. System now properly handles content analysis with forward_to_llm enabled, ensuring reliable enforcement of security policies.
New Features
Performance Analytics
RAG Timing Separation: RAG and Prompt Analysis timing now tracked separately. This prevents long RAG processing times from skewing prompt analysis statistics, enabling accurate performance monitoring for both RAG-enabled and standard workflows.
Dashboard RAG Metrics: Added dedicated RAG timing outputs in dashboard statistics, providing visibility into retrieval-augmented generation performance impacts.
Improvements
User Interface
Light Mode Text Readability: Fixed text rendering issues in light mode, ensuring consistent readability across all theme preferences.
Documentation Links: Updated help documentation links throughout monitoring interface and sidebar navigation for improved user guidance.
Security & Dependencies
PII Model Updates:
Upgraded PII model version in test environment
Validated PII detection on both CPU and GPU instances
Maintained detection accuracy while improving performance
Integration & External Services
Synqly Integration Stability: Fixed NoneType iteration error in Synqly event posting, ensuring reliable security event forwarding to external SIEM platforms.
Monitoring & Analysis
Session Filtering Enhancement: Improved automatic session view toggling when filtering by use case, with repositioned controls and visual feedback for better user experience.
Bugs Fixed
Prompt Visibility: Resolved missing prompts in playground and cannon results
Enforce Mode: Fixed HTTP 500 errors in ENFORCE mode with forward_to_llm
Synqly Integration: Corrected NoneType iteration error in event posting
Light Mode: Fixed text rendering and readability issues
Code Requested Signal: Improved detection accuracy and reliability
Infrastructure & Integration
Enforce Mode Reliability
Enhanced enforcement capabilities ensure:
Policy Application: Reliable blocking/flagging of security violations
Error Handling: Proper type checking prevents service disruptions
LLM Forwarding: Stable operation with forward_to_llm enabled
Performance Observability
RAG timing separation provides:
Accurate Metrics: True prompt processing performance visibility
Workflow Optimization: Identify RAG vs. analysis bottlenecks
Capacity Planning: Data-driven infrastructure scaling decisions
Last updated