Release Notes

April 15, 2026

Enhancements

Functionality

Smart Lists Updates

Added scorecards to the Users and Devices lists, displaying total, authorized, and unauthorized entries.
Enhanced the Sources dropdown with free-form search for easier filtering and selection.

C3PAO Workflow Improvements

Added a Lead Assessor field to the Phase 1 Pre-Assessment tab.
Introduced bulk deletion of cells in grid view for improved data management.
Updated SharePoint artifact handling: synced artifacts now include a toggleable checkbox, allowing assessors to manually confirm which artifacts should be included in the eMASS report.

Walkthrough Experience

Users are now prompted with a confirmation warning when returning to a walkthrough and modifying previously submitted answers.

CMMC L2 Overview

Added a time range selector to the SPRS Score Over Time widget for more flexible historical analysis.

User Interface

Moved the system-level gear icon from the header into the System Selector, where it now appears on hover for a cleaner layout.

Bug Fixes

Fixed an issue where Smart List email notifications could not be disabled.

April 8, 2026

Enhancements

Functionality

Smart Lists Filters

Added filtering to the Users and Devices smart lists for faster, more targeted data views.

Evidence Upload and Permissions Improvements

Users can now rename evidence files directly within the upload modal.
A new File Interaction permission has been introduced. Any user assigned this permission can view and download existing evidence files, giving teams more flexibility in how access is managed.

RPO Workspace Improvements

The flow for marking a control as Partial in the RPO workspace has been updated to be more intuitive, with clearer guidance for users working through partially met controls.

Policy Manager Updates

Policy Manager now supports creating policies without requiring domain grouping, offering greater flexibility in how the policies are structured.

ODP Manager

The ODP Manager has been updated to display objective and control mappings alongside DoD values and reference information, giving users a more complete picture in one place.

Lookup List Sync Detailed Failure Messages

Failure details are now shown when a lookup sync fails, helping users identify the root cause and resolve issues faster.

User Interface

The labels in the Lookup List type column have been updated to be clearer and easier to understand at a glance.

April 1, 2026

Enhancements

Functionality

Smart Lists Updates

Introduced bulk authorization and revocation actions directly within the Users and Devices smart lists.
The Status field is now editable via field enrichment, reducing the need to navigate away.
Improved the toast notification shown when Send Report finds no unauthorized users. The message is now clearer and more actionable.

C3PAO - New Status and SharePoint Integration

A new In Progress score has been introduced, giving assessors a more precise way to indicate when a control is being worked on.
SharePoint is now integrated with the C3PAO edition, making it easier to connect and reference documents stored in SharePoint during assessments.

Evidence Improvements

Improved the evidence upload process to make the choice between uploading a file and adding a link more prominent and intuitive.

SSP Generation - CMMC 2.0 L1 Support

SSP generation is now supported for CMMC 2.0 Level 1.

Bug Fixes

Fixed an issue where users were unable to clear a selection in the "standards acceptance" field.
Resolved a bug where scheduling an automation run or lookup list sync would fail to save.

March 25, 2026

Enhancements

Functionality

Task Manager – Recurring Tasks

Introduced a new recurring task management interface within the Task Manager, enabling users to create and manage tasks that repeat on a defined schedule.

Evidence – Associate Existing Evidence with Objectives

Users can now associate existing evidence directly with objectives, streamlining evidence management and reducing duplication.

Automations – Export Results as CSV

Added the option to export automation results as a .csv file, making it easier to analyze and share automation data outside the platform.

C3PAO – Assessor Workspace Improvements

A new QA Mode has been introduced, visible to the assigned QA reviewer, providing a dedicated view to support quality assurance workflows within the assessment process.
The status field has been moved to a higher level within the Assessor Workspace, making it more prominently visible and easier to reference during assessments.

SSP – System Components: Category Dropdown & Location Field

The Category dropdown has been updated to feature the five standard CMMC asset categories: CUI Asset, Security Protection Asset, Specialized Asset, Contractor Risk Managed Asset, and Out-of-Scope Asset. Users may also enter a custom free-text value, which will be saved and made available as a preset for future entries.
A new Location field has been added, allowing users to designate whether a component resides On-Premise or in the Cloud.

Getting Started Walkthrough & Header Count Improvements

The objective description has been added to the Getting Started Walkthrough to provide users with better context as they onboard.
Header counts in Getting Started have been updated to include N/A controls and objectives for a more complete overview.

System Header – Edit Active System Shortcut

A new shortcut has been added to the header, allowing users to quickly edit the active system without navigating away from their current view.

March 18, 2026

Enhancements

Functionality

Session Timeout Update

The default session timeout has been updated to 30 minutes to improve security and align with best practices.

C3PAO – Assessor Workspace: Artifacts Checklist

A new Artifacts Checklist has been added to the Assessor Workspace, allowing C3PAO users to select which artifacts are exported into eMASS, giving assessors greater control over their export workflow.

User Interface

Renamed License Editions

License editions have been renamed for greater clarity. The updated edition names are ASCERA ConMon and ASCERA Advanced.

Bug Fixes

Fixed an issue where the left navigation bar was cut off on smaller screens when multiple sections were expanded simultaneously.
Resolved an issue preventing users from replacing existing evidence.
Fixed an issue where status icons at the objective level overlapped on smaller screens.

March 10, 2026

Enhancements

Functionality

Email Notifications for User List

Added a new email notification capability for the Users list. Notifications can now be scheduled with daily, weekly, or monthly frequencies, and also support custom cron job scheduling for advanced configuration.

System Log Event Tracking Added new system log events to improve auditability and system transparency:

Organization-Defined Parameter (ODP) values are updated.
Automation readiness status changes.

Policy Manager Improvements

The organization name and system name are now dynamically inserted in the Policy Manager, improving document accuracy and reducing manual updates.

C3PAO – Assessor Workspace Introduced a new Assessor Workspace designed for C3PAO users, including:

Detailed control views
Expandable objective details
Seamless navigation between layouts for easier assessment workflows.

User Interface

Objective Layout Improvements Improved the layout for objectives that include automations and associated tasks. These are now organized into two dedicated tabs:

Automations
Tasks

Evidence Form Simplification

Removed the Name field from evidence to streamline the interface.

Improved ODP Refresh Error Messaging

Enhanced the error message displayed when attempting to refresh an item whose ODP value has not been set, providing clearer feedback to users.

Bug Fixes

Fixed an issue where the Task Assignee dropdown list would not display correctly and users could be replaced while scrolling.

March 5, 2026

Enhancements

Functionality

Getting Started Experience We introduced improvements to help organizations begin their compliance journey faster and with less manual setup.

New Getting Started Flow that guides users through initial setup with a series of questions designed to jumpstart the compliance process.
Enhanced SSP Import that now pulls basic information directly from the System Security Plan to accelerate configuration.
Additional Setup Wizard Fields, including:
- Organization Legal Name
- Organization Short Name

Policy Management We introduced the Policy Manager, a centralized capability for managing compliance policies.

Provides policies for each framework family where policies and related artifacts are supported.
Includes prebuilt templates or the option to upload custom policies.
Supports policy editing using the rich text editor for easier customization.

Evidence Collection

Added a new Evidence Request task type to support structured evidence collection as part of compliance workflows.

Rich Text Editor Improvements

Added support for image insertion.
Added support for dynamically inserting System Name and Organization Name.

Activity Tracking

Updated the Recent Activity section to include additional event types, providing greater visibility into system actions.

February 25, 2026

Enhancements

Functionality

ComplyAI Enhancements

Added reference tags to ComplyAI chat replies when context is used, improving transparency and traceability of responses.

Role Management

Implemented functionality to delete custom roles, giving administrators greater control over role lifecycle management.

List Enrichment

Built enrichment rule functionality for Lists, enabling enhanced data enrichment and customization.

Rich Text Editor Improvements

Added a highlighting feature to the rich text editor to improve content readability and emphasis.

Policy Template Enhancements

Added anchor links in policy templates to simplify navigation within lengthy policy documents.

User Interface

Workspace Naming Improvements

Renamed the Advisory Assessor and C3PAO Auditors workspaces to provide clearer distinction and improve overall usability.

February 18, 2026

Enhancements

Functionality

SSP Import

Updated SSP import to allow partial extracted control data to be successfully imported, reducing failures when source data is incomplete.

Policy Manager

Added Related Artifacts support to improve traceability and documentation linkage.
Enabled ComplyAI within the Policy Manager for enhanced policy analysis and automation.
Improved table editing capabilities within the rich text editor for a smoother editing experience.

ODP Management

Added a new filter for acknowledged values on the ODPs page, making it easier to review and manage confirmed parameters.

C3PAO Tier

Updated the “Requirements in POA&M” column for C3PAO licenses to auto-update based on control or objective scores.

Reporting

Added support for CMMC Level 1 Assessment Reports.

Task Manager Improvements

Enhanced filtering options on the Task Manager page to improve task visibility and navigation.

User Interface

Hidden unrelated pages when operating in the C3PAO tier, providing a more focused and streamlined user experience.

Bug Fixes

Fixed an issue where clicking Create Task from a control menu would not display the creation dialog until the Task menu was expanded.

February 11, 2026

Enhancements

Functionality

Updated Analyst Permissions

Expanded permissions for Compliance Analysts and Security Analysts, allowing them to make system-level edits where appropriate.

User Authorization Dashboard Notifications

Added configurable email notifications and alerts to keep stakeholders informed of authorization-related events.

Task Enhancements & Associations

Introduced control and objective associations for tasks, improving traceability across compliance workflows.
Added a Tasks section to the Control Details page, enabling users to view and manage tasks directly from the control context.

C3PAO Tier Improvements

Implemented new logic for the “Requirement in POA&M” field.

User Interface

CMMC Level 2 Matrix Responsiveness

Improved the behavior and layout of the CMMC Level 2 matrix on smaller screens for a better responsive experience.

Bug Fixes

Fixed an issue where POA&M “Per Page” settings were not functioning correctly.
Resolved a problem where SSP ingestion remained enabled despite an expired license.

February 4, 2026

Enhancements

Updated Users list

Users now include Status, Notes, and Actions fields.
Users can now authorize and unauthorize assets directly from the list.

Improved Error Handling

Error handling has been updated to display explicit, user-friendly error messages.

ODP Manager Updates

The ODP Manager has been updated and improved for a better management experience.
Users can now acknowledge ODP values.

January 28, 2026

Enhancements

Task Management & System Identities

Added the ability to create a System Identity directly from the task form, streamlining task assignment workflows.
Introduced a dedicated email notification type that triggers when a System Identity is assigned a task, ensuring clearer and more targeted notifications.
Updated the Task Manager card design to include a task type icon, with the full task type displayed on hover for improved visual clarity and usability.

Implementation Statements

Added a Review feature for Implementation Statements that analyzes content and provides suggestions to improve clarity, quality, and completeness.

January 21, 2026

Enhancements

Task Manager Improvements

Flexible Card Layout: Task cards can now be positioned vertically, giving users greater control over how tasks are organized and viewed.
Enhanced Email Notifications: Email notifications have been improved so that task creators now receive a detailed email summarizing all changes made by another user, increasing visibility and collaboration.

Bug Fixes

Smart List Merge: Fixed an issue where multi-value key fields were not being split correctly during comparison.
Licensing Page: Resolved a problem where the License Duration field did not display the correct license expiration date.

January 14, 2026

Enhancements

Functionality

New: Task Manager We’ve introduced a Task Manager to help track, manage, and review work more effectively.

View all tasks in a centralized board
Create new tasks
View detailed task information
Delete tasks when no longer needed
Support for Evidence Request and Required Review task types
Filter the task board by Assignee and Task Type
Email notifications

Framework Improvements

Improved framework persistency throughout the application to ensure a more consistent and reliable experience

C3PAO Enhancements

Added support for copying and pasting data across multiple cells into other rows, improving efficiency when managing tabular data

Bug Fixes

Fixed an issue where adding a long Description or System Summary on the SSP page caused UI elements to render off-screen

December 24, 2025

Enhancements

Functionality

C3PAO Workflow Improvements

Introduced a streamlined C3PAO license flow that allows the assigned QA to set an objective’s status to Pass or Fail, automatically moving the objective to the appropriate column.
Added an Assessor Notes column to the C3PAO page, providing assessors with a dedicated space to capture and review notes during evaluations.
Added a Missing Required Fields counter to the Requirements and Requirement Objectives tabs for C3PAO licenses.
Ensured persistence of pinned fields and column order on the Requirement Objectives view for C3PAO licenses, improving usability across sessions.

Validation & Data Integrity

Added a warning message when importing statuses from a template if control statuses do not align with objective statuses, helping prevent accidental inconsistencies.

Bug Fixes

Fixed an issue where inheritance marked at the child level was not reflected at the parent level, ensuring inheritance is now displayed consistently across hierarchy levels.

December 17, 2025

Enhancements

Functionality

Assessment Status Management

Introduced a new In Progress status for non-assessment statuses.

C3PAO Assessment Improvements

Enhanced the C3PAO Requirement Objectives tab with the following new columns:
- Status
- QA
- QA Comments
Updated role-based permissions for assessment workflows:
- Only the assigned Assessor can move objectives from Not Started → In Progress → Ready for QA.
- Only the assigned QA can move objectives from Ready for QA → Complete.
Implemented automatic generation of overall comments for C3PAO Assessments based on assessor findings.
Added status count cards to the Overview tab of the C3PAO page, providing at-a-glance visibility into assessment progress.

User Interface

Control Details Page Enhancements

Improved the overall design of the Control Details page for better usability.
Repositioned and elevated the Assign Control Owner and Operator fields for improved visibility.
Moved the DoD Weight to a more prominent location.
Expanded the Details section to display more information without truncation.

General UI Improvements

Updated download template buttons across list views to include a clear download icon.
Added a confirmation notification when users upload evidence files without associating them to controls or objectives.

Bug Fixes

Fixed an issue where uploading an evidence file at the objective level incorrectly affected the total evidence file count for other objectives within the same control.
Resolved a layout issue where objective-level POA&Ms could overflow the page, causing UI elements to be cut off or displayed off-screen.

December 3, 2025

Enhancements

Functionality

Updated the Users built-in lookup list to include the following new columns for improved visibility and user context:
- Domain
- Phone Number
- Type
- Display Name

User Interface

Updated the eMASS report template to the latest 3.7 version.

Bug Fixes

Fixed an issue where duplicate connector names were permitted when updating an existing connector.
Resolved a problem that caused users to be logged out when the inactivity timeout was disabled.

November 26, 2025

Enhancements

Functionality

Implementation Statement Management

ComplyAI now supports full interaction with Implementation Statements, allowing users to:
- Create new Implementation Statements
- Update existing Implementation Statements
- Delete Implementation Statements
All changes made to Implementation Statements are now automatically recorded in the Activity Log section on the Control Details page, providing improved traceability and audit visibility.

Session Management

Implemented the ability to turn off the session inactivity timeout, giving administrators greater flexibility in managing user sessions.

Lookup List Improvements

Updated the availability of lookup lists based on license type.
Updated the lookup list schema to support array data types, enabling more flexible data structures.

Navigation Enhancements The main navigation bar has been updated to improve usability and organization:

Control Matrix and Control List are now standalone tabs.
A new ConMon Maintain tab has been introduced, containing:
- Automations
- Connectors
A new Lists tab has been created, containing:
- ODPs
- Lookup Lists
- Users
- Devices

User Interface

Moved the View Default info icon to the left, next to Revert to Default, for better visual alignment and usability.

Bug Fixes

C3PAO dropdown fields now correctly display existing entries.
Fixed an issue with horizontal scrolling on dropdown fields.
Corrected the MFA status indicator on the Users page so that it no longer appears as disabled when MFA is active.
Resolved an issue where a blank screen was displayed during login and logout.

November 19, 2025

Compliance (CUIComply)

Enhancements

Functionality

SSP Generation Updates:
- Updated the Generate SSP functionality to automatically detect the currently selected framework, ensuring accuracy and reducing manual selection errors.
- Implemented a warning message for unsupported frameworks during SSP generation so users are aware when a chosen framework cannot be processed.
ComplyAI (formerly Copilot) Updates:
- Renamed Copilot to ComplyAI, reflecting its expanded role in compliance support.
- Introduced control references and knowledge base search capabilities directly within the chat interface, making guidance more contextual and intelligent.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Automation Improvements:
- Added a Run button to the Automation page, enabling users to trigger automations directly with a single action.
- Improved toast notifications for automations to provide clearer, more consistent feedback during automation runs.
Lookup & Smart List Enhancements:
- Improved the lookup list schema editor for a smoother, more intuitive editing experience.
- Smart Lists Updates:
  - Added the ability to sort columns for easier data exploration.
  - Added the ability to rearrange columns to support customizable views.
  - Updated the Smart List page to include three structured tabs: Overview, Sources, and Field Configuration.
  - Added a preview of the selected lookup when configuring it as a source, improving clarity during setup.

November 12, 2025

Compliance (CUIComply)

Enhancements

Functionality

Copilot improvements:
- Enhanced the copilot’s ability to answer user inquiries about multiple controls within a framework.
- Improved the copilot’s accuracy in identifying implementation statements for CMMC Level 2 controls.
- Added support for the copilot to modify implementation statements directly.
Assessor Workspace updates:
- The Assessment Observations field is now pre-populated with the objective letters to streamline assessor workflows.
Connector enhancements:
- Added a Create button to the Connector Profiles – Configured tab.
- Added the ability to create a connector directly from the Security Controls – Available tab by clicking the Security Control you wish to configure a connector for.
System creation updates:
- Removed the POA&M and system videos from the Create System Wizard final page to simplify the workflow.

User Interface

Removed the guidance shortcut card to simplify the interface.
Added control status totals on the Assessor Workspace page for improved visibility into assessment progress.

Bug Fixes

Fixed an issue where the session expiration warning appeared incorrectly when updating the session timeout, causing users to experience spontaneous logouts.
Resolved a caching issue that caused the default implementation statement to persist between pages.

November 5, 2025

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Added a new Connector column to the ODPs page, making it easier to quickly identify which connector each ODP relates to.
Smart Lists Enhancements
- Increased pagination size to 30 rows per page for improved data visibility and reduced navigation.
- Introduced a priority auto-complete feature when adding sources to streamline workflows and reduce manual effort.
- Renamed the “Key Configuration” tab to “Field Configuration” to better reflect its purpose.
Updated ACE Snapshots to exclude status changes for ACE-only automations, reducing noise and ensuring more relevant status context.

October 29, 2025

Compliance (CUIComply)

Enhancements

Functionality

Improved Assessment Workflow: The Implementation Statement and Control Status fields will now automatically enter read-only mode when users are viewing the Assessor Workspace tab, ensuring data integrity during reviews.
Rich Text Editing for Gap Assessments: Gap Assessment Observations and Recommendations fields have been upgraded with rich text editors, allowing users to create clearer, more detailed documentation.

Bug Fixes

Resolved an issue where users were stuck in trial mode after purchasing a license.
Fixed a bug where closing a POA&M associated with only one objective would incorrectly update the corresponding control status to Met.

ACE/CCM Automation (ASCERA)

Bug Fixes

Eliminated a 500 server error that occurred when running automations with connector-specific inputs.

October 14, 2025

Compliance (CUIComply)

Enhancements

Functionality

Copilot Improvements: Enhanced the copilot’s ability to answer users’ inquiries about multiple controls within a framework, providing more comprehensive responses.
System Security Plan (SSP) Updates:
- Created separate pages for Network Diagrams and Data Flow Diagrams for improved organization and readability.
- Created separate pages for Components and Identities to streamline navigation and editing.
- Improved the SSP Builder for smoother and more efficient plan creation.

User Interface

Assessment Labels: Relabeled assessment-related elements for greater clarity and usability.

Bug Fixes

Fixed an issue where the control picker displayed filtered options.
Fixed the issue where the SPRS line chart was hidden when the score is 0.
Fixed an issue where the copilot displayed an error message after every message following the first.
Resolved an issue where editing a system component caused attachment-related issues.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Lookup Connectors: Creating a lookup list–type connector now automatically creates a related lookup list that can be synchronized with the connector.

User Interface

Connector Profiles: Enhanced the connector cards in the Available tab to be more visually appealing and intuitive.

October 7, 2025

Compliance (CUIComply)

Enhancements

User Interface

Added helpful placeholder text and an info tooltip to the Identifier field in the System Security Plan (SSP) to guide users during data entry.
Improved table, text, and link formatting throughout the SSP for a cleaner, more consistent presentation.

Bug Fixes

Fixed an issue where the CMMC framework appeared as an ID number when returning from Stripe after downgrading from an L2 trial to L1.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

The Security Controls page now includes two new tabs — Configured and Available — providing a clearer view of which controls are active versus ready to be set up.

September 30, 2025

Compliance (CUIComply)

Enhancements

Functionality

Smarter Copilot on Requirements Matrix: Copilot now automatically detects the active framework when used on the Requirements Matrix page, ensuring more accurate and context-aware results.

User Interface

POA&M Closure Modal Update: Fixed the acronym spelling in the Confirm POA&M Closure modal for improved clarity and consistency.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Direct Navigation to Splunk: Automations mapped to Splunk now include links that take you directly to the corresponding Splunk instance for faster access and troubleshooting.
Search by Automation ID: On the Connector Profiles – Available tab, you can now quickly locate specific automations using their Automation ID.

September 23, 2025

Compliance (CUIComply)

Enhancements

Functionality

You can now search for a string across all implementation statements, making it easier to find relevant content quickly.
Sensitivity labels are now included when exporting the SSP.
The Artifacts field on the C3PAO page has been updated to an input-type field for smoother data entry.

User Interface

Tutorial videos are now available in two places: for Systems in the final step of the System Setup Wizard and for POA&Ms on the POA&M Management page, helping guide you through setup and management.
The Recent Activity widget on the Overview page now displays up to 5 rows for a cleaner view.
A warning banner has been added to notify you when the accessed domain does not match the license.

Bug Fixes

Resolved an issue where the Control Details page would appear blank when navigating from the Assessor tab to a control that does not display the Assessor tab.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Connectors now support multiple categories, giving you more flexibility when organizing them.
Added support for the Test Connection functionality when creating Syncly-associated connector profiles to validate configurations before use.

User Interface

Connector profile cards in the Available tab of the Connector Profiles page now feature background colors for easier identification.

Bug Fixes

Fixed an issue where the Automation ID was difficult to see on mouse hover when the application was in dark mode.

September 16, 2025

Compliance (CUIComply)

Enhancements

Functionality

Default Implementation Statement Indicator: You’ll now see an indicator on the Control Details page that shows when a default implementation statement is in place.

ACE/CCM Automation (ASCERA)

Enhancements

User Interface

Security Controls in Objectives: Objectives listed on the Control Details page now include related security controls for clearer context.

September 9, 2025

Compliance (CUIComply)

Enhancements

Functionality

Export POA&Ms as PDF: Users can now export Plans of Action and Milestones (POA&Ms) directly to PDF, making it easier to share and retain documentation in a universally accessible format.
Resizable Evidence Columns: The Name and File columns on the Evidence page can now be resized, giving users greater flexibility when reviewing and managing evidence.
Associate Existing Evidence Across Controls: Evidence can now be linked to additional controls directly from the Control Details page, reducing duplication and improving traceability.
Copilot Window Expansion: The Copilot window is now available on the Overview, Requirements Matrix, and Requirements List pages, bringing AI assistance into more workflows.
Increased Evidence File Size Limit: The maximum supported size for evidence file uploads has been increased to 30 MB, allowing users to store and manage larger supporting documents.
Framework Switching Improvements: When switching frameworks, users will now remain on the Control Details page if the frameworks have similar controls, streamlining navigation and reducing context switching.

Bug Fixes

Resolved an issue where refreshing the Audit Logs page returned a JSON response instead of the expected interface.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Search Filter for Lookup Lists: A new search filter has been added to the Lookup Lists page, helping users quickly locate and manage lookup entries.

Bug Fixes

Fixed a bug preventing users from editing custom lookup lists, restoring full edit functionality.

September 2, 2025

Compliance (CUIComply)

Enhancements

Functionality

Closing a POA&M now updates the status of its associations to Met.
Added support for uploading and managing .html files as evidence.
Introduced Control filtering in the Requirements and Requirements Objective tabs on the C3PAO page.

User Interface

Added a spinner to indicate when a page is loading.
Updated the loading skeleton structure on the Overview page for a smoother experience.
Fixed vertical alignment in the Settings dropdown menu.

Bug Fixes

Resolved an issue where the back button did not behave correctly on the Assessments page.

ACE/CCM Automation (ASCERA)

Bug Fixes

Fixed a problem where connectors mapped to benchmark checks automation were not fetching mappings correctly.
Corrected a bug where the breadcrumbs menu was broken on the Automation Details page.

August 26, 2025

Compliance (CUIComply)

Enhancements

Functionality

System Inheritance: Added support for System Inheritance, enabling more flexible assessments.
LLM Copilot: Introduced Ask a CCA, a new feature that lets you interact directly with the Copilot for faster insights.
C3PAO Page Improvements:  Expanded functionality on the C3PAO page to help streamline assessments and reporting:
- Added a control matrix for a clearer view of controls.
- Introduced the ability to generate reports directly from C3PAO data.
- Added start date, end date, and hash date to the Assessment tab.
- Added multiple new input fields on the Requirement Objectives tab.
- Introduced SSP functionality to support system security planning.
- Added search functionality to the Requirements tabs for easier navigation.
Control Details Page: Updated the behavior of the breadcrumbs menu for more intuitive navigation.

User Interface

Refreshed the loading skeleton on the Overview page for a smoother experience.
Updated the shortcut cards on the Overview page to improve usability.

August 19, 2025

Compliance (CUIComply)

Enhancements

Functionality

Custom Compliance Data Import: Users can now import custom compliance data for all supported frameworks.
Expanded Evidence File Support: Added the ability to upload .vsdx files as evidence across Chrome, Firefox, Safari, and Edge.
Improved Evidence Export: Users can now export either all evidence or only filtered evidence for more flexibility.
Assessment Updates:
- Removed the Generate Internal Report feature.
- Updated the Assessment Report template to include the client name and SPRS score.
- Updated the Internal Report to include notes.
C3PAO Access: Tenants with the C3PAO license now have access to a dedicated C3PAO-specific page.
Framework Support: Introduced support for the NIST CSF V2.0 framework.

User Interface

Updated navigation panel icons for a refreshed look.

Bug Fixes

Evidence search now works across all pages.
Fixed an issue where evidence tag order was incorrect.
Resolved wrapping issues for SPRS Score and Met Controls on Safari.

ACE/CCM Automation (ASCERA)

Enhancements

User Interface

Moved the search field on the Security Controls page to improve usability.

Bug Fixes

Fixed the connector input order for Microsoft Defender for Endpoint in the details drawer to match the order in the create window.
Corrected an issue where clicking on a row opened the wrong lookup list.

August 12, 2025

Compliance (CUIComply)

Enhancements

Functionality

Guidance Tab in Control Details: Added a new Guidance tab on the Control Details page, providing expanded information about each control.
SSP Report Authorizing Field: Introduced an Authorizing Official field in the SSP report for clearer documentation.
Matrix View for Assessments: Added a matrix view of assessor statuses on the Assessments page for improved status tracking.

Bug Fixes

Resolved wrapping issues affecting SPRS Score and Met Controls display in Safari.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Automation Snapshot History: Users can now view prior snapshot data associated with previous automation runs.
Automation Page Filtering: Added filtering capabilities to the Automations page for quicker navigation and data refinement.

User Interface

Collapsible sections and snapshots now span the full width of the page for better readability.

Bug Fixes

Fixed an issue where the Items per page selector was not functioning on the ODPs page.
Corrected a problem preventing deletion of connector profiles linked to existing lookup lists.

August 5, 2025

Compliance (CUIComply)

Enhancements

Functionality

New Filter: Added a “Has POA&M” filter to both the Requirements Matrix and Requirements List, making it easier to identify items with associated POA&Ms.

User Interface

SSP Table Enhancements:
- Centered the text in Control Owner and Control Status cells for a cleaner look.
- Now displays the user’s email address for added context.
Owner/Operator Selector: Updated to show the user email, improving clarity when assigning responsibilities.

Bug Fixes

Fixed an issue where the Owner/Operator modal was missing a loading state and didn’t automatically close or update after saving.
Resolved a bug where the Change Password functionality was not working.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Lookup List Improvements:
- Added sorting by name for faster navigation.
- Introduced a new Type column to clearly distinguish between custom and default lookup lists.
Search Enhancements: Improved the search functionality on the Security Control Details page for more accurate and relevant results.
Automation Feedback: Formatted automation feedback for workflows created using the builder for clearer insights and easier debugging.

User Interface

Scorecard Styling: Refreshed the color for the Info type scorecard to improve visual distinction.

Bug Fixes

Fixed a problem where lookup list connectors were not appearing as selectable options in the External Sync dropdown.

July 29, 2025

Compliance (CUIComply)

Enhancements

Functionality

Single Sign-On (SSO) Support: We've introduced SSO to streamline authentication and make access management easier for your organization.

User Interface

Lookup Edit Modal Improvements: Updated external sync fields to enhance clarity and usability.
Synchronize Button Tooltip: Revised the tooltip text to better reflect the button’s purpose and improve user understanding.

Bug Fixes

"Renew Your License" Link: This link now correctly redirects users to the Licensing page.
Evidence File Replacement: Replaced evidence files are no longer compromised during uploads.

ACE/CCM Automation (ASCERA)

Enhancements

User Interface

Control Mapping: Enhanced the description to provide clearer context when mapping controls.

Bug Fixes

Connector Modal Issue: Fixed an issue where the "Create Connector" modal appeared blank.

July 22, 2025

Compliance (CUIComply)

Enhancements

Functionality

New Notes Section: A collapsible Notes section has been added to the Control Details page, giving users space to record context or comments.
Evidence Replacement: Users can now replace existing evidence files, streamlining document updates.
Tab Key Support: The Implementation Statement field now supports the Tab key for better text formatting and accessibility.
Expanded File Support: Users can now upload .ics, .vsdx, and .md files as evidence, supporting a wider range of documentation types.
Persistent Tab Selection: The Active tab now remains selected when navigating between controls, improving user workflow.
Default Audit Log Range: The audit logs date picker now defaults to a 7-day range, providing quicker access to recent activity.

User Interface

Updated Word SSP Template: The Word SSP template has been refreshed for improved structure and readability.
Removed Internal Tab: The Internal tab has been removed from the Control Details page to simplify the interface.
Menu and Header Icons:
- All menu items now have icons for better visual navigation.
- The icons for Documentation, Settings, and User have been reduced in size to declutter the header.

Bug Fixes

Recent Activity Widget: Fixed an issue where the Recent Activity widget appeared as loading indefinitely for users without log access.
System Name Duplication: Addressed a bug that allowed duplicate system names, ensuring system uniqueness is maintained.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Smart Lists Introduced: Introduced Smart Lists, which enable the dynamic generation and management of reusable content within the system.
Connector Profile Search & Filter: Added a search bar and a category dropdown filter to the Connector Profiles page to support more efficient navigation and filtering of connector configurations.

User Interface

Improved Connector Error Messages: Error messages when testing connectors have been reformatted for clarity, helping users troubleshoot issues faster.
ODP Dropdown Icons: Added intuitive icons for lookup lists and smart lists in ODP dropdowns, making list types instantly recognizable.

July 15, 2025

Compliance (CUIComply)

Enhancements

Functionality

System Creation Wizard: The system creation process has been updated to use a step-by-step wizard, making it easier and more intuitive to build systems from the ground up.
Copilot Default Prompts: Introduced a set of default prompts for Copilot to help users get started quickly and improve overall usability.

User Interface

SSP Numbered Flow: Added a numbered flow to the System Security Plan (SSP) interface, providing users with a clearer visual guide through each section of the plan.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Connector Profile Page Improvements : We've updated the Connector Profile page to improve usability and organization. It now features two tabs:
- Configured – Displays all currently configured connector profiles.
- Available – Displays cards for all connector profiles that users can configure.
- This streamlined layout helps users easily distinguish between what’s already set up and what’s available for setup.

Bug Fixes

Resolved Lookup List Data Error for Compliance Analysts : Fixed an issue where Compliance Analysts encountered a data error when accessing lookup lists. This fix ensures accurate and consistent data visibility.

July 8, 2025

Compliance (CUIComply)

Enhancements

Functionality

Quick Synchronization for Assessor Objectives: Added a new feature to quickly synchronize assessor objective statuses with their associated controls, streamlining the assessment process.
CAGE Code Character Requirement Updated: Updated the CAGE Code field to enforce a strict 5-character requirement for improved data accuracy.
Persistent Copilot Chat: The Copilot chat window now remains open and continues generating responses even after navigating away from and back to the page.
Rich Text Editor Table and Hyperlink Support: Implementation statement editors now support tables and hyperlinks, allowing for more structured and readable content.
PowerShell Evidence Support: Users can now upload PowerShell scripts as evidence, expanding the types of acceptable file formats.

User Interface

Copilot Elements Labeled as Beta: Added a Beta label to all Copilot-related UI elements to reflect their current development status.
Refined Association Column: Improved the visual design of the Association column in both the Evidence page and the Evidence section for better readability.

Bug Fixes

Consistent Association Order: Fixed a bug where associations were not consistently displayed in order.
Matrix/List Load Issue with DoD Weights: Addressed a problem preventing the Matrix and List views from loading when both DoD weights 3 and 5 were selected.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Lookup List Synchronization Notifications: Introduced notifications to keep users informed when lookup list synchronizations occur, improving transparency and awareness of background updates.

July 1, 2025

Compliance (CUIComply)

Enhancements

User Interface

Control Wizard Updates: The Confirmation step in the control wizard now includes optional system fields, giving users more visibility and control during final review.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Expanded External Sync Support: The Lookup List External Sync option now supports all lookup connectors, offering greater flexibility and integration with your data sources.

User Interface

Improved Lookup List Window: Users can now see additional details in the Lookup List window, including the last sync date and time, as well as the number of elements displayed versus the total — making it easier to assess sync status at a glance.

June 24, 2025

Compliance (CUIComply)

Enhancements

Functionality

Copilot Availability: The LLM Copilot is now enabled for all users, enhancing accessibility across the platform.
- LLM Copilot Onboarding: Introduced a welcome message for the LLM Copilot to help users get started quickly.
- Copilot Settings Management: Created a new section in Settings for enabling or disabling the Copilot.
ODPs Link Visibility: The ODPs link has been hidden to streamline navigation and reduce unnecessary clutter for users.

User Interface

Evidence Page Buttons: Updated the button styling for the "Upload Evidence" and "Export Evidence" buttons on the Evidence page for improved visual consistency and usability.

Bug Fixes

Unexpected Logout: Fixed an issue where the user was logged out after accessing the Assessor tab, ensuring a more stable user session.
Documentation Links: Resolved broken documentation links to restore access to support resources and reference materials.

ACE/CCM Automation (ASCERA)

Enhancements

Functionality

Users Default Lookup Schema: Added a new "Enabled" field to the schema for the Users default lookup, allowing better control over user status.
Domain Overview Enhancements: Updated domain labels in the Domain Overview chart and linked them to the Requirements List for improved navigation and context.

User Interface

Button Styling: Updated the button styles in the Edit Lookup List dialog to remove the primary button appearance, improving visual consistency.

Bug Fixes

Failed Login Attempts: Corrected the response sent when failed login attempts are exceeded, ensuring proper handling.
Tenant Deletion Issue: Fixed an issue where the system was not found after the active tenant of a user was removed by a super admin.
Lookup List Creation: Resolved an error encountered when creating a Lookup List.
Automation Navigation Error: Fixed a bug where users encountered a 500 error when switching systems while on an automation’s details page.
SSP Generation: Addressed an issue where the SSP could not be generated, ensuring smoother documentation processes.

June 17, 2025

Enhancements

Functionality

ASCERA Copilot
- Input fields are now enabled while receiving LLM responses.
- Added a Stop Streaming button to give users more control during interactions.
Evidence File Support
- Users can now associate evidence files at the domain level, enhancing traceability and flexibility in documentation.

Bug Fixes

Edit ODP Modal
- Resolved an issue where the Edit ODP modal failed to load data on the Security Controls page.
POA&Ms Page
- Fixed a bug causing data on the POA&Ms page to not load successfully.
LLM Copilot
- Addressed an intermittent issue where the Copilot failed to fetch data correctly.
Set Password Page
- Fixed visibility issues with text on the Set Password page when the application is in dark mode.
Captcha Validation
- Resolved a problem where a Captcha error message appeared even after successful verification on the Registration and Forgot Password pages, particularly under slow internet conditions.

June 10, 2025

Enhancements

Functionality

Added Mock Connector support for Falcon Spotlight.
Updated the Rapid7 Snapshots section for better accuracy.
Curricula: Updated mock server to support positive snapshots.
Clarified that certain 1-Point Controls cannot be POA&Med.
Improved CI/CD with enhanced code quality checks.
SSP Generator: Now uses the actual control status in generated .docx documents.
Added Test Connector support for CrowdStrike.
Elasticsearch:
- Added support for CCM Workflow and Snapshots for ASC.AU-0002 automation.
- Added support for ACE Workflow for ASC.AU-0002 automation.
- Developed a POC for AU-0002 automation.
LLM Copilot:
- Integrated Single Source of Truth (SSoT) context into LLM responses.
Enabled users to associate evidence files with an entire domain.
Persisted the last selected tenant/system/framework across login sessions.
Added audit logging for control status changes made by automations.

User Interface

Renamed Test Connectors to Mock Connectors for clarity.
Renamed Created At column to Created on the Connector Profile page.
Added a thank-you message for users after license purchases.
Redesigned the Security Controls page as a single unified table, with color coding for each domain.
Rolled out several UI improvements on SSP pages for better usability.

Bug Fixes

Fixed an issue where the POA&Ms page failed to load.
Resolved loading errors in the Edit OPD modal on the Security Controls page.
Fixed inability to update Assessor fields on control detail pages.
LLM Copilot: Restricted access to assessor data for non-assessor users.
KnowBe4: Resolved mock data duplication issues.
Fixed failures in Curricula automations.
Corrected wording on the Assessments page.
Made the Set Password page text visible in dark mode.
Fixed UI stretching issues when zooming in on browsers.
Ensured exported SSP files include complete information.
Resolved issue where users were logged out after completing a subscription payment.
Fixed Captcha error messages that appeared despite successful verification under slow internet conditions on the Registration and Forgot Password pages.

June 3, 2025

Enhancements

Functionality

Control Weights Support: Added control weights for frameworks that utilize them, enhancing scoring accuracy and prioritization.
New Filters: Introduced DOD weights and Is POA&M-able filters in both the Requirements List and Requirements Matrix for applicable frameworks.
LLM Copilot Improvements: Refined Copilot responses to be more concise, improving readability and reducing noise.

User Interface

Connector Details: Removed pagination from the Connector Details page for a smoother navigation experience.
Label Update: Renamed "Readiness Status" to "Automation Status" for better clarity.
CUIComply Styling: Updated the color of the Buy Now button for improved visual consistency.

Bug Fixes

Framework Selector: Resolved an issue where the last selected framework was not retained upon login.
Assessment Saving Errors: Fixed errors that prevented users from saving content in the Assessments and Recommendations fields on a control’s Internal and Assessor tabs.

May 27, 2025

Enhancements

Functionality

Objective Status Updates: The assessor report now includes the Partial status for objectives, offering a more detailed view of assessment progress.
Improved Connector Usability: The Test Connection button has been repositioned for better visibility on connectors that support this feature.
Expanded Evidence Support: Users can now associate evidence files with all controls available in the system while on the Control Details, ensuring more comprehensive documentation.

User Interface

Splunk Connector UI: Updated the post creation modal for improved clarity and usability.
LLM Copilot Enhancements: Introduced response animations in the chat interface, providing a more dynamic user experience.
Assessment Reporting: Added the SPRS score to the summary chart sheet of the assessment report for supported frameworks.
171 Rev 3 Support: Control descriptions have been added for NIST 800-171 Revision 3 to improve context and clarity.
Navigation Updates: The Overview page path now reflects the selected system and framework, improving consistency across the app.

Bug Fixes

ODP Label Correction: Fixed the label for Number of Days ODP to ensure accuracy.
UI Alignment: Corrected the misaligned label displaying days left in trial.

May 20, 2025

Enhancements

Functionality

Quick Access Dropdown: Added a dropdown menu to the Control Details page, making it easier to quickly navigate to other controls.
Breadcrumbs Navigation: Introduced a breadcrumbs menu on both the Automation Details and Control Details pages for smoother, intuitive navigation.

User Interface

ODP Styling Improvements: Updated the box and font size for ODPs in the Description column on the Security Controls Configuration page to improve readability.
Radar Chart Updates: Updated domain IDs in the Domain Overview radar chart to align with NIST 800-171A Rev2.
Control Wizard Enhancement: Introduced a landing page step in the Control Wizard to guide users through the process.
Trial Info Display: Added a “Days left in trial” text element in the header to keep users informed about their trial period.

Bug Fixes

Fixed a typo in the "Identifier" column header on the Systems page.

April 15, 2026​

Enhancements​

Functionality​

User Interface​

Bug Fixes​

April 8, 2026​

Enhancements​

Functionality​

User Interface​

April 1, 2026​

Enhancements​

Functionality​

Bug Fixes​

March 25, 2026​

Enhancements​

Functionality​

March 18, 2026​

Enhancements​

Functionality​

User Interface​

Bug Fixes​

March 10, 2026​

Enhancements​

Functionality​

User Interface​

Bug Fixes​

March 5, 2026​

Enhancements​

Functionality​

February 25, 2026​

Enhancements​

Functionality​

User Interface​

February 18, 2026​

Enhancements​

Functionality​

User Interface​

Bug Fixes​

February 11, 2026​

Enhancements​

Functionality​

User Interface​

Bug Fixes​

February 4, 2026​

Enhancements​

January 28, 2026​

Enhancements​

January 21, 2026​

Enhancements​

Bug Fixes​

January 14, 2026​

Enhancements​

Functionality​

Bug Fixes​

December 24, 2025​

Enhancements​

Functionality​

Bug Fixes​

December 17, 2025​

Enhancements​

Functionality​

User Interface​

Bug Fixes​

December 3, 2025​

Enhancements​

Functionality​

User Interface​

Bug Fixes​

November 26, 2025​

Enhancements​

Functionality​

User Interface​

Bug Fixes​

November 19, 2025​

Compliance (CUIComply)​

Enhancements​

Functionality​

ACE/CCM Automation (ASCERA)​

Enhancements​

Functionality​

April 15, 2026

Enhancements

Functionality

User Interface

Bug Fixes

April 8, 2026

Enhancements

Functionality

User Interface

April 1, 2026

Enhancements

Functionality

Bug Fixes

March 25, 2026

Enhancements

Functionality

March 18, 2026

Enhancements

Functionality

User Interface

Bug Fixes

March 10, 2026

Enhancements

Functionality

User Interface

Bug Fixes

March 5, 2026

Enhancements

Functionality

February 25, 2026

Enhancements

Functionality

User Interface

February 18, 2026

Enhancements

Functionality

User Interface

Bug Fixes

February 11, 2026

Enhancements

Functionality

User Interface

Bug Fixes

February 4, 2026

Enhancements

January 28, 2026

Enhancements

January 21, 2026

Enhancements

Bug Fixes

January 14, 2026

Enhancements

Functionality

Bug Fixes

December 24, 2025

Enhancements

Functionality

Bug Fixes

December 17, 2025

Enhancements

Functionality

User Interface

Bug Fixes

December 3, 2025

Enhancements

Functionality

User Interface

Bug Fixes

November 26, 2025

Enhancements

Functionality

User Interface

Bug Fixes

November 19, 2025

Compliance (CUIComply)

Enhancements

Functionality

ACE/CCM Automation (ASCERA)

Enhancements

Functionality