# 2026
29 April **New Features:** * Added customer feedback capture to Just-In-Time Landing Page in Phishing Simulator > Campaign Reports, allowing administrators to view feedback submitted by employees on the landing page directly inside the Phishing campaign report — feedback is visible in the per-user Clicked breakdown, in row-level Export, and in the Summary Export, allowing administrators to capture qualitative response data alongside the click metrics. * Added Activity Timeline access for "Deleted" employees in Company > Target Users, allowing administrators to view the historical activity timeline of any soft-deleted employee — including training enrollments, simulation interactions, and login events — the same way they would for active employees, without restoring the account. * Added multi-category support to Awareness Educator > Training Library, allowing administrators to assign a single training to multiple categories at once and filter the library by any assigned category — existing single-category trainings continue to display unchanged, and content duplication and input validation behave correctly when multiple categories are assigned. * Added Microsoft Teams Notification Templates to Company > Company Settings > Notification Templates, allowing administrators to create, duplicate, edit, and delete dedicated Teams templates per module (Training Enrollment, Reminder, etc.) with Preferred Language localization, merge tags, and customer-brandable content — replacing the previous static HTML flow. * Added `{SURVEYLANGUAGESELECTION}` merge-tag support to Microsoft Teams enrollment notifications, ensuring multi-language survey trainings sent via Teams render the correct localized survey link per recipient's preferred language — previously the tag rendered only in email delivery. **Improvements:** * Improved Agentic AI > Autonomous Campaigns reliability and scale by enhancing how the platform tracks campaign progress, automatically recovers from temporary failures, and dispatches large sends in smaller controlled batches — allowing fully-autonomous campaigns (those that run without administrator approval) to complete reliably for larger employee populations. * Added Strict vs Adaptive Script Mode to Agentic AI > Vishing Campaigns, allowing administrators to choose how strictly the AI agent follows the configured scenario — in Strict mode the agent never asks questions outside the scenario scope (for example, will not ask for city, device, or Wi-Fi after MFA prompts), while in Adaptive mode the agent may dynamically expand scope and the active mode is shown to the employee. Strict is the default; the mode is selected at vishing campaign setup. * Added richer call outcome tracking to Agentic AI > Vishing Reports, replacing the previous binary answered / no-answer logging with five outcome states — "Answered – Hung Up Immediately" (≤3 seconds), "Answered – Refused", "Answered – Partial Engagement", "Voicemail Only", and "No Answer" — all of which are visible and filterable in the reporting screen, allowing administrators to analyse call results with much greater precision. * Added locale and accent locking to Agentic AI > Vishing Campaigns, allowing administrators to choose a region at campaign setup (UK English, US English, Australian English, or Spanish — Spain) — the selected locale locks the voice model and phonetic dictionary so the agent's accent stays consistent for the entire call instead of drifting mid-conversation. * Removed mid-call educational content from Agentic AI > Vishing simulations, ensuring the AI agent stays in-character throughout the call and that all educational content (manipulation tactic explanations, correct-behaviour guidance) is delivered only in the post-simulation review screen — IT Helpdesk and CEO Fraud scenarios no longer route employees to "official IT" channels mid-call. * Improved Agentic AI > Vishing intro timing, turn-taking behaviour, and iPhone call-screening handling, ensuring the AI agent waits for the employee to actually answer (not the screening prompt) before speaking, opens with a natural greeting from the start (for example, "Hi, is this \[Name]?") instead of mid-sentence, applies a configurable 0.5–1.5 second pause for a human-paced opening, and gives the employee time to say "Hello" before responding — voicemail and screening fallback now leaves a persona-consistent message under 20 seconds instead of looping. * Improved Microsoft Teams Notification Templates with smoother content rendering, correct activity-link handling across environments, and clearer required-field validation in the template editor. * Improved Phishing Simulator > Settings > Domains and Landing Page Template > Page Settings by replacing remaining "Blacklist" and "Blacklisted" terminology with "Blocklist" and "Blocklisted", completing the platform-wide alignment with inclusive-language standards. * Improved Phishing, Smishing, and Callback Simulator search and filter performance, dropping the response time from approximately 30 seconds to under 2 seconds on tenants with high scenario counts — the "Your request took too long" error no longer appears. * Improved SMS delivery to Turkish phone numbers for Login one-time codes and Awareness Educator training notifications, ensuring both now arrive with the registered "Keepnet" alphanumeric sender header in compliance with the 1 April 2026 BTK regulation. * Improved Agentic AI search response time across the platform, allowing administrators to find activities, campaigns, and AI-generated content more quickly on tenants with large data volumes. * Improved Vishing Simulator API responses by including the target user's email address in all campaign and reporting endpoints, allowing customers to correlate simulation results with their HRM systems using email as the shared identifier instead of phone number only — change is backward compatible and does not break existing integrations. * Improved Company > New Company and Companies filter Industry dropdown by adding "Gaming" and "Logistics" options, allowing onboarding teams to classify customer companies into sectors previously missing from the list and filter reporting accordingly. * Improved Agentic AI training delivery by switching to 50-user send batches with delay spacing, enabling per-user retry instead of whole-campaign retry, and raising worker timeout ceilings for campaigns exceeding the default 30-second limit, reducing timeouts on large approval-gated sends. * Improved Agentic AI screen load time by caching the per-tenant enabled-state lookup, reducing database load on heavy-traffic tenants and lowering page-render time on Agentic AI screens. **Bug Fixes:** * Fixed an issue in Awareness Educator surveys where one employee who completed all 40 questions had only 31 of their answers reflected in the session results, ensuring all 40 question interactions are now captured for any survey marked as "Completed". * Fixed an issue in Awareness Educator > Training Library and Enrollments tables where the "Duration" column rendered empty for Learning Path entries, ensuring the duration of every Learning Path is now displayed correctly in both tables. * Fixed an issue in SCIM Department-based sync where deleted department groups could not be reactivated after a customer reset their SCIM configuration, manually deleted the matching groups, and re-ran Restart Provisioning — leaving employees unassigned to their correct department. The fix now reactivates the existing record and assigns employees to the correct department on re-sync, applying to all SCIM-using customers. * Fixed an issue in Awareness Educator > Enrollments > Learning Path where the configured Distribution Day delay caused the next step's enrollment email to never queue even after an employee completed the prerequisite step, ensuring next-step enrollments are now correctly queued and dispatched once the configured wait window elapses. * Fixed an issue in Incident Responder where URL-based threat detections returned by the URL analysis integration as "Blacklisted" were displayed under a non-standard "Blacklisted" Result, ensuring URL-source threats are now normalised to "Phishing" in both the Reported Emails list Result column and the email detail page — attachment-source "Malicious" results remain unchanged. * Fixed an issue in Quishing Simulator > Campaign Manager where the Printout Campaign rendering threw an error when administrators clicked the three-dot menu and then Print Preview, ensuring printout campaigns now render correctly. PDF download is also now available for Quishing campaigns from the same menu. * Fixed an issue in Quishing Simulator > Email Templates where clicking SAVE on a newly-created email template left the button non-functional, ensuring the Save action now persists the template successfully. * Fixed an issue in Phishing Simulator > Campaign Reports > Reporters where simulation reports submitted by employees through the third-party Proofpoint Phishing Add-in Button (PAB) were dropped by the platform's inbound email handler and never appeared under Reporters, ensuring Proofpoint-forwarded reports are now parsed correctly — the original reporting employee is extracted from the inner email headers of the EML attachment and matched to the campaign. Reports submitted directly to the Keepnet add-in continue to work unchanged. * Fixed an issue in Companies grid where applying the "Content Vendor" filter still showed companies that did not use the selected vendor, ensuring the filter now lists only matching companies and clearing the filter restores the full default list. * Fixed an issue when creating a new company where the platform sometimes failed to find existing System certificates due to internal pagination limits, ensuring certificate lookups now work reliably regardless of the certificate count in the system. * Fixed an issue in Agentic AI > Campaign Manager PDF export where the "Scenario Distribution" column was empty for AI-generated campaigns, ensuring exported PDFs now display the correct distribution data. * Fixed an issue in Agentic AI > Activities where sends to an empty target group (zero employees) were marked as "Successful" instead of "Failed", ensuring the activity status now correctly reflects that no delivery occurred. * Fixed an issue in Agentic AI > Activities where approving training campaigns targeting 100 or more employees displayed an "Approve All" timeout error to the administrator even when the underlying job had completed successfully, ensuring administrators now see accurate completion status for large approval batches. * Fixed an issue in SCIM Provisioning where two Entra ID accounts with different Object IDs mapped to the same Keepnet Target User record and could silently overwrite each other during sync, ensuring distinct Entra ID accounts (for example a standard account and an admin account belonging to the same person) now remain as independent Target Users after sync and both receive training campaigns. * Fixed an issue in Awareness Educator > Enrollments > Learning Path where the Sending Report of a later step listed users who had not yet completed the previous step as "In Queue", ensuring only users who have completed the prerequisite step are queued for the next step's enrollment email and the Sending Report reflects actual delivery eligibility. * Fixed an issue in Agentic AI training delivery where approving an enrollment targeting 100 or more employees created a duplicate target group and the send completed with "Delivery 0/0 / Finished" status, ensuring large approval-gated sends no longer create auxiliary groups and campaigns deliver to the intended recipients. * Fixed an issue in Agentic AI Activity reporting where opening an Activity whose scenario type did not match its activity type returned HTTP 404 on the report screen, ensuring mismatched payloads are now validated at submission and the report screen renders a clear error instead of a broken page.
14 April **New Features:** * Added Chat Simulation to Agentic AI > Training Library as a new Microlearning content type, delivering employees an interactive conversation that authentically replicates the interface of SMS, WhatsApp, Teams, Slack, Telegram, Instagram, or LinkedIn — with an AI playing the role of an attacker — allowing organizations to train employees to recognize and resist social engineering attacks in the exact messaging channels they encounter daily. * Added Customer Feedback View to Incident Responder, displaying comments and context that employees submitted alongside their phishing report, allowing administrators to review user-provided details when triaging reported emails. * Added Just-In-Time Landing Page support to Quishing Simulator > Campaigns, enabling an awareness landing page to appear immediately after an employee scans a simulated malicious QR code, allowing administrators to deliver targeted security education at the exact moment of interaction. **Improvements:** * Improved Agentic AI > Activities by enabling individual approval of training batches — administrators can now approve a single batch from the activity list without affecting others in the same autonomous run, allowing precise control over which training content is sent and when. * Improved Agentic AI > Activities by enhancing the activity decline and retry workflow — declined activities now surface clear error details to the administrator, and retried activities are correctly linked to their originating records, allowing administrators to track and manage the full lifecycle of autonomous campaign activities without losing context. * Improved Smishing Simulator > Scenarios and Campaigns by converting preview screens into side drawers, aligning the preview interaction with the consistent drawer-based pattern used across the platform. * Improved Target Users > People > Import From LDAP > Select Users by adding a "Preferred Language" column to the user table, allowing administrators to verify each user's configured language before confirming the sync. * Improved the Download button behavior across all report and list views — the button is now disabled when the table contains no data, preventing the export error that previously occurred when attempting to download from an empty table. * Improved the Target Users import template by adding a Preferred Language format example to the downloadable sample file, allowing administrators to correctly format the column when preparing bulk import files. * Added Egyptian Arabic and Nigerian English language support to the platform, allowing customers to assign and deliver trainings and campaigns to employees in these locales. * Added US phone number support to the platform's SMS sending infrastructure, allowing Smishing simulations and SMS-based notifications to be delivered to employees in the United States. * Added Switzerland and Poland phone number support to the platform's SMS sending infrastructure, allowing Smishing simulations and SMS-based notifications to be delivered to employees in these countries. **Bug Fixes:** * Fixed an issue in Agentic AI > Activities where clicking the approve button rapidly — or triggering concurrent approval requests — caused duplicate campaigns to be created from the same activity, ensuring each activity produces only one campaign regardless of request timing. * Fixed an issue in Agentic AI > Activities where the error tooltip shown for sends targeting an unverified domain was empty, giving administrators no information about why the send was blocked, ensuring the tooltip now displays the correct error message. * Fixed an issue in Agentic AI > Activities where the search field returned no results and the "Set as Default Filter" preference was not retained after saving, ensuring both search and default filter settings now work as expected. * Fixed an issue in Agentic AI > Campaigns where the "Scenario Distribution" column was empty for all campaigns in the list view, ensuring the column now correctly displays distribution data and supports filtering by this field. * Fixed an issue in Agentic AI > Training Library where content generated by the AI was saved without a value in the required "Role" field, causing downstream validation failures, ensuring the Role field is always populated when AI creates new training content. * Fixed an issue in Awareness Educator > Auto-Enroll where Learning Path, Poster, and Infographic content types were not processed by the service and remained stuck in "In Queue" indefinitely, ensuring all supported content types are now enrolled and dispatched correctly. * Fixed an issue in Phishing Simulator > Campaigns where employees who interacted with a simulated phishing link did not receive the follow-up awareness training — the training dispatch job remained stuck in "In Queue" — ensuring post-phishing training is now sent reliably after a click event is recorded. * Fixed an issue in System Settings > Reports where scheduled reports were not delivered for system users whose notification settings were null, causing report dispatches to fail silently, ensuring the platform now falls back to company-level settings when user-level settings are not configured. * Fixed an issue in the Outlook Add-in where a "SyntaxError: Unexpected end of JSON input" error caused the add-in to fail on launch when the API returned an empty response, ensuring the add-in loads correctly regardless of whether the response body is empty. * Fixed an issue in Target Users > Import Users From a File > Step 3: Validate Information where using the search field returned an HTTP 500 error, ensuring the search field works correctly during the import validation step. * Fixed an issue in Phishing Simulator > Campaign Manager where the "Users" column in weekly recurrence campaigns displayed the total recipient pool instead of the users targeted in the current cycle — for example, showing 361 instead of 19 — ensuring the column reflects the correct count for each recurrence. * Fixed an issue in Phishing Simulator > Scenarios where scenarios with multiple Role or Tag assignments appeared duplicated in the list view — the retrieval function was returning the same scenario multiple times — ensuring each scenario appears only once in the list regardless of how many roles or tags are assigned. * Fixed an issue across Phishing, Quishing, Smishing, Callback, and Vishing Simulator where bulk-deleting Templates or Scenarios that were actively used in running campaigns either silently returned zero deletions with no explanation or — in the case of Vishing templates — deleted the records outright, ensuring active resources are now protected from deletion and administrators receive a specific message indicating how many items were deleted and how many could not be deleted due to active campaign usage. * Fixed an issue in Awareness Educator > Sending Report where employees who opened a SCORM training across multiple sessions or on separate days had their completion status and exam results not recorded — the session data failed to save when more than one session was active — ensuring SCORM progress is captured correctly regardless of how many sessions the employee opens. * Fixed an issue in Email Threat Simulator > Scan Report > Sent Attacks where attack records from a completed scan were not displayed in the tab, ensuring all sent attack details are visible once a scan finishes.
18 March **New Features:** * Added a Reporters flow to the Reports > Advanced Reports > Executive Summary of Social Engineering Campaigns diagram, displaying the number of users who submitted phishing reports alongside other campaign flows, allowing admins to track reporting behavior within a single campaign overview. * Added department-level ranking and comparison to Security Growth Employee Dashboard, displaying each employee's rank within their department and each department's rank relative to others, allowing admins and employees to track competitive security awareness performance across the organization. * Added +100 points to the Gamification Report > User Timeline when a user completes the Just-In-Time Learning page after a phishing simulation, allowing admins to reward employees who engage with security awareness content delivered through the phishing simulation flow. **Improvements:** * Improved Awareness Educator > Enrollments > Sending Report by displaying active certificate configuration on the Summary page, allowing admins and support teams to confirm whether certificate delivery was enabled and which settings were applied when the enrollment was sent. * Improved Just-In-Time Landing Page by displaying a more descriptive Untrusted Domain warning and showing the full simulation URL on the same screen, allowing admins to deliver a clearer phishing awareness message and reducing ambiguity about the simulated link. * Improved Agentic AI to return an explicit fallback response when a question falls outside its knowledge scope or when confidence is insufficient, preventing fabricated answers and ensuring users receive transparent guidance instead of incorrect information. * Improved AI agent behavior for phishing email template and landing page creation, editing, and updates, ensuring templates are generated and applied correctly so admins can use phishing scenarios without encountering generation or save errors. * Improved GrapeJS Email Template Editor by enabling merge tag insertion at the cursor position within text boxes, allowing admins to add tags such as {FIRSTNAME} accurately at the intended location and personalize email templates without manual workarounds. * Improved Awareness Educator > Training Library > Grid View and Drawer by displaying multiple language options in a cleaner, more structured layout, making it easier for admins to browse and filter training content by language. * Improved Phishing Reporter > OWA Add-in by showing a clear user-facing message when the browser blocks the reporting popup, adding an automatic redirect fallback, and logging technical details for monitoring, allowing users to understand and resolve the issue without contacting support. * Improved Phishing Simulator > Phishing Scenarios by displaying a Duplicate option instead of an Edit option in the scenario preview modal for users without edit permission, ensuring read-only users can create copies of scenarios without encountering a permission error. * Added three new US sender phone numbers to Smishing Simulator > Campaign Manager > SMS Settings > Sender Phone Number, allowing admins to select additional US numbers when targeting US-based users in smishing campaigns. * Improved Phishing Simulator > Phishing Scenarios > Scenario Preview by displaying the Red Flag indicator for the From Email Domain field, allowing admins to identify suspicious sender domains directly within the scenario preview without opening the full editor. **Bug Fixes:** * Fixed an issue in Phishing Simulator > Campaign Manager where creating a New Instance returned a server error when the campaign’s Clicked User Group had been deleted, ensuring campaigns that reference an active Smart Group prevent its deletion and New Instance creation completes without errors. * Fixed an issue in Phishing Simulator > Phishing Scenarios > Landing Page editor where selecting an option from the AI Ally Suggestions dropdown caused the editing drawer to close unexpectedly, ensuring the drawer remains open so admins can continue editing the page. * Fixed an issue in Security Growth Employee Dashboard where users who passed an exam on a non-first attempt were displayed as failed, ensuring any user who has passed on any attempt is shown with a Passed status and admins can review accurate training completion data. * Fixed an issue in Awareness Educator > Training Library where the page crashed with a "Cannot set properties of undefined" error when no matching learning path filter was found, ensuring the Training Library loads without errors in all filter states. * Fixed an issue in Company > Target Users where selecting a status widget such as Active Users and then applying a Status column filter returned no results, ensuring both the widget filter and the column filter work together and display the correct subset of users. * Fixed an issue in Smishing Simulator, Quishing Simulator, and Callback Simulator > Campaign Manager where the Users column in Instance and Recurrence detail tables appeared empty, ensuring the column displays the correct user count for each campaign instance. * Fixed an issue in Company > Target Users > Groups where deleted users appeared in the Add Users To Group list with an Active status, and saving a group containing these users resulted in an empty group, ensuring only active users are listed and groups are saved with the correct members. * Fixed an issue in Company > Target Users > Groups where using the Select All option while creating a new group returned an "Invalid Request" error, ensuring admins can add all users to a group in a single action without errors. * Fixed an issue in Awareness Educator > Enrollments where users were not automatically included in an enrollment when Auto-Enroll was enabled, ensuring newly added users are enrolled as expected without requiring manual intervention. * Fixed an issue in Awareness Educator > Enrollments where the Status field remained stuck as Sending and the Delivery column did not update after an enrollment completed, ensuring admins see accurate delivery progress for all enrollments. * Fixed an issue in Company > Companies where the Reseller Name column was visible in the table but absent from exported reports, ensuring all exports include the Reseller Name column populated with the correct data. * Fixed an issue in Reports > Phishing Simulator where a specific phishing campaign report failed to load, ensuring all campaign reports open correctly and display complete statistics. * Fixed an issue in Security Growth Dashboard where enrollments marked as test were included in dashboard metrics, ensuring test enrollments are excluded so the dashboard reflects only real training data.
04 March **New Features:** * [Added Microsoft 365 Defender Integration](/next-generation-product/platform/phishing-reporter/integrating-microsoft-defender-with-keepnet-phishing-reporter.md) to Phishing Reporter > Settings > Email Settings, allowing organizations to automatically forward user-reported suspicious emails to Microsoft Defender's Submissions portal for native threat analysis, while simultaneously sending them to Keepnet's Incident Responder for deeper investigation and simulation tracking — so SOC teams benefit from both platforms' threat analysis and investigation capabilities. * Simplified adding a second page to landing page templates across Phishing, Smishing, and Quishing Simulators by introducing a template picker for Page 2 — admins can now select any existing Click-Only or Data Submission landing page as a second page with a single click, instead of building it manually from scratch. **Improvements:** * Improved Agentic AI by adding a Vishing Call Agent that runs realistic voice phishing simulations directly from the Agentic AI’s chat interface. After each call, users receive a Summary, full Transcript, and personalized Next Steps — along with a clear outcome showing whether sensitive data was disclosed during the simulation. * Improved Awareness Educator > Enrollments > Sending Report by adding a User Status column to the enrollment sending table, making it easy to identify why certain users remain stuck in "In Queue" — such as being Inactive or Deleted — giving admins full visibility into enrollment delivery status at a glance. * Improved Phishing Simulator > Phishing Scenarios > Landing Page Templates by adding a Stop Bot Activity toggle that allows admins to enable or disable the A4 bot detection rule per landing page, giving organizations the flexibility to turn off bot filtering for specific landing pages when false positives are not a concern in their environment. * Improved Agentic AI by allowing admins to directly edit the email templates generated within the chat using the built-in email editor, so they can customize content, adjust text, and save changes before launching a campaign. * Improved Phishing Simulator > Campaign Manager by simplifying the campaign list view — campaigns with a single run now show a direct View Report button instead of a "1 Run" instance indicator, allowing admins to access reports faster with fewer clicks. * Improved Agentic AI by adding a Phishing URL merge tag option to the email editor's Component Settings, allowing admins to assign the phishing URL to any text or button element with a single click — without needing to type the merge tag manually. * Improved Awareness Educator > Enrollments > Learning Path > Summary > Users by including the Current Step column in the exported report, allowing admins to filter and analyze each user's progress within a learning path directly in Excel without relying solely on the platform view. * Improved Awareness Educator > Training Library by adding OT Security and ICS Security as new training categories, allowing organizations to create and filter training content specifically tailored to operational technology and industrial control system security awareness. * Improved Company Settings > Notification Templates by ensuring CC recipients are included when sending training enrollment notifications via DEC delivery method, so all designated recipients now receive the notification email as expected. * Improved Awareness Educator > Training Library by adding ISO 14001, ISA/IEC 62443, NIST SP 800-82, and NIS2 Directive (EU) as new compliance options, allowing organizations to create and filter training content aligned with a broader range of industry and regulatory standards. * Improved Phishing Simulator > Campaign Report > Summary by adding a Phishing Reporters widget that displays the number of users who reported the simulation email and their percentage of total target users — giving admins instant visibility into reporting behavior alongside other key campaign metrics without navigating to a separate tab. * Improved Reports > Gamification Report by optimizing the Leaderboard data loading performance, ensuring admins can now access leaderboard rankings and top performer data significantly faster. * Improved Awareness Educator > Training Library and Enrollments by adding Training Level and Duration columns to the list view, allowing admins to quickly see and filter training content by difficulty level and estimated completion time without opening each item individually. * Improved Awareness Educator SCORM Proxy compatibility with third-party LMS platforms such as TalentLMS by ensuring the API now accepts the learner ID field in both string and number formats — allowing organizations to seamlessly deliver Keepnet SCORM training content through their existing LMS platforms without integration errors. * Improved Company > Companies by adding a month selector to the Monthly Users column, allowing MSSP partners and Reseller admins to view historical monthly user data for past months (e.g., December 2025, January 2026) instead of only seeing the current month's figures — enabling more accurate billing reviews, usage tracking, and capacity planning across all managed companies. * Improved the Languages column across Awareness Educator > Training Library, Awareness Educator > Enrollments, and Phishing Simulator > Phishing Scenarios > Landing Page Templates by replacing the oversized language tooltip with a compact, searchable dropdown — preventing it from covering the page and improving readability when materials support many languages. * Improved Phishing Reporter > Download Add-in by redesigning the drawer with a structured layout that organizes add-in options by Integration Type (Microsoft 365, Google Workspace, Outlook, Diagnostic Tool) and adds a Check Platform Compatibility table — helping administrators quickly identify the correct add-in for their environment and avoid installing unsupported versions. * Improved Phishing Simulator > Campaign Manager export (PDF) to correctly display "-" in the Target Users column for campaigns in Scheduled or Idle status — ensuring exported reports accurately reflect that target user counts are not yet determined for campaigns that haven't started. **Bug Fixes:** * Fixed an issue in Incident Responder > Analysis Details where clicking Download Email and confirming the zip password prompt returned an "Invalid request" error instead of downloading the file, ensuring analysts can now successfully download reported emails as password-protected zip files. * Fixed an issue in Quishing Simulator, Phishing Simulator, Smishing Simulator > Scenarios where filtering scenarios by language caused the page to freeze and return no results, ensuring language-based filtering now works correctly and displays matching scenarios as expected. * Fixed an issue in Reports > Gamification Report > Leaderboard where a user's Total Points shown in the list view did not match the points displayed in the user detail view, ensuring point data is now consistent across both views. * Fixed an issue in Phishing Simulator > Phishing Scenarios where the AI Ally button remained visible in the Email Template and Landing Page editors even when AI Ally was disabled in Company > Company Settings > AI Ally Settings, ensuring the editor correctly reflects the enabled/disabled state of the AI Ally feature. * Fixed two LDAP synchronization issues in Company > Target Users > Import from LDAP where (1) users' PreferredLanguage attribute set in Active Directory was not being synced to the Keepnet platform — preventing accurate language-based targeting in phishing campaigns — and (2) the Sync All Users option failed to list and import all users from the AD, causing incomplete user synchronization. Both issues are now resolved, ensuring full and accurate LDAP imports.
18 February **Improvements:** * Improved Gamification Report > Leaderboard by calculating and displaying user badges asynchronously in the background (instead of computing them instantly for all users), improving page load performance and scalability for large organizations while ensuring badges appear reliably as they become ready. * Improved Phishing Simulator > MFA Data Submission scenarios to follow a real-world authentication flow by validating email/password first and then prompting for the MFA code (Click Only MFA scenarios are unchanged), resulting in a more accurate simulation and training experience aligned with common MFA standards. * Improved Phishing Simulator > Campaign Manager to show an accurate Total Target Users value by preventing the user count from being multiplied by the number of “Random scenarios for each user” scenarios, ensuring campaigns display the correct target audience size. * Improved Phishing Simulator > Campaign Manager > Scenarios > Training by prioritizing training results based on the company’s Preferred Language and sorting them by Created Date/Time (DESC), so users see the most relevant (and newest) trainings in their language first and can select content faster. * Improved Company Settings > Notification Templates by ensuring CC recipients are included correctly in Training Enrollment notifications sent via DEC settings, so users added to the CC field receive the email as expected. * Improved Company > Target Users by clearly indicating users who have been deleted from the system (e.g., disabled/greyed rows with a “This user has been deleted” status), making it easier to distinguish deleted users from active users during user management and targeting. * Improved Company > Target Users by automatically clearing the Active Users / Inactive Users widget filter when the filtered user count drops to 0 (e.g., after deleting the last listed user), preventing the widget from remaining selected and unclickable and allowing admins to continue filtering normally without needing to use Clear Filtering Options. * Improved O365 Investigation reliability when scanning large mailboxes by reducing Microsoft Graph message fetch page size for requests that include the Body field (to prevent oversized/truncated JSON responses and parse errors) and adding a retry mechanism with exponential backoff for initial fetch and pagination calls. * Improved Awareness Educator > Training Library duplication so that when a training material is cloned/duplicated, the original Vendor information is preserved on the new copy—maintaining content ownership and enabling consistent vendor-based reporting and management. * Improved the Security Growth Login notification template by adding support for Direct Email Creation (DEC) in the Email Delivery configuration, allowing organizations to send these notifications via DEC in addition to SMTP. * Improved the License Warning pop-up target user calculation to count only target users with Active status, excluding Inactive and Deleted target users for more accurate license usage warnings. * Improved Awareness Educator > Training Library grid view to correctly display poster thumbnails even when the uploaded poster file name contains Turkish/special characters, preventing URL parsing issues and ensuring posters render reliably. * Improved Company > Companies export (Excel/CSV) by including the newly added user metrics columns—Inactive Users, Deleted Users, and Monthly Users—in the generated report for more complete company-level reporting. * Improved Awareness Educator preview drawers by updating cover image requirements and validation (1:1 format, 320–1024 px, JPG/PNG), showing an in-app warning when dimensions don’t meet the criteria, and enhancing card/preview rendering for more consistent visuals across responsive layouts. * Improved the Just-in-Time (JIT) training flow by showing users how many points they will earn before they start reviewing the red flags, and confirming the points earned after they complete the training—making rewards clearer and the experience more motivating. **Bug Fixes:** * Fixed Awareness Educator > Enrollments > Sending Report where Date First Sent, Date Last Sent, and Email Delivery columns could appear blank for some users, ensuring delivery details are displayed consistently across all enrollments. * Fixed an issue in MSSP multi-company Phishing Campaigns where selecting “First Use Company’s DEC config then fallback to default SMTP” could fail for sub-companies without a DEC configuration, causing the campaign to throw the “Unknown direct email creation type: 0” error instead of correctly falling back to SMTP delivery. * Fixed an issue in SCIM PATCH where email comparisons were handled case-sensitively, which could trigger a false-positive 409 Conflict (e.g., vs ) and prevent user updates/synchronization; email matching is now case-insensitive and UpdateAsync includes improved error handling for more reliable SCIM updates. * Fixed an issue where some users could not see their assigned trainings in the Security Growth Dashboard; assigned enrollments are now displayed correctly so end users can view and start their trainings from the dashboard. * Fixed an issue in the public Free Phishing Email Analysis tool where uploading a valid .eml/.msg file and clicking Analyze could return an HTTP 500, ensuring analyses now complete successfully and return results as expected. * Fixed an issue where a number of training enrollments could remain stuck in “In Queue”, ensuring queued users now receive their training emails/content successfully and enrollment sending progresses as expected. * Fixed an issue in Quishing Simulator > Campaign Manager where the Printout/Individual Printout PDF download action could remain disabled (showing “PDF file not available for download yet”) for previously started campaigns in production, ensuring customers can reliably download campaign PDFs from the campaign instance Actions menu. * Fixed an issue where users who reported a simulation email were not appearing in the Campaign Report’s Reporters tab (and related Reported views) for some tenants, ensuring reporting activity is accurately reflected in campaign analytics.
05 February **New Features:** * Added Duration and Level details to the Training Preview in Awareness Educator > Training Library, allowing admins to instantly see a training’s estimated completion time and difficulty level while previewing, making it easier to select the right content before sending. * Added Agentic AI Settings to Company > Company Settings, allowing admins to enable/disable Agentic AI, choose the Execution Mode (Approval-Gated or Autonomous), and configure Safeguards and Behavioral Policies through expandable sections and toggles for centralized control of AI actions across the organization. * Added Agentic AI Microlearning support for Vishing role-play trainings, enabling admins to generate a complete vishing training in minutes, preview it via an auto-created training URL, and publish/share it directly to the platform (and to a selected group) for fast, hands-on learner delivery through an interactive call simulation experience. **Improvements:** * Improved Phishing Reporter > Download History by renaming unclear add-in labels to more descriptive names (e.g., “Spam Integration” → “Ribbon View”, “Legacy Version” → “Page View”), making it easier for customers and support teams to immediately understand which Microsoft 365 add-in version was downloaded. * Improved Gamification Report > User Timeline by awarding +500 points when a user reports a real email that is confirmed as Phishing or Malicious by Incident Responder, and displaying the earned points clearly within the Activity Timeline card to better recognize secure behavior and encourage reporting. * Improved Phishing (Smishing, Quishing) Simulator > Campaign Manager > New by fixing the Select Training dropdown behavior so it remains properly anchored to the input field while scrolling, preventing the list from shifting out of place and making training selection more consistent during campaign creation. * Improved Phishing Simulator > Landing Pages by enhancing Custom Scripts handling so JavaScript runs reliably on published landing pages (including when scripts are imported), ensuring interactive elements (e.g., password visibility toggle and language selection) work consistently without requiring manual script placement adjustments. * Improved Company > Target Users by preventing actions on already deleted users—disabling Delete User and Add Group operations for deleted records—ensuring admins no longer encounter “Not Found” errors and clearly understand that deleted users cannot be removed again or added to groups. * Improved Awareness Educator > Training Library by adding “Secure Coding” as a selectable Category during training creation and editing, enabling admins to better classify and manage secure coding–focused training content. * Improved Company > Companies by enhancing the Monthly Users column with clearer UX, including an info tooltip that explains the metric (users added during the selected month, regardless of current status), helping MSSPs interpret monthly billing figures more confidently. * Improved Vishing Simulator by adding a new Australia (+61) caller phone number option for vishing campaigns, enabling customers to run more realistic local-call simulations for users in the +61 region. * Improved Company > Target Users (Monthly Users) reporting by extending the monthly user summary to also include December (end-of-year / 31 Dec) data, so admins can view a complete month-over-month baseline across the year instead of seeing results starting only from January. **Bug Fixes:** * Fixed an issue in Company > Target Users where the Monthly Users widget could incorrectly include users deleted in the previous month after switching to a new billing month, ensuring the Monthly Users count accurately reflects the unique users for the selected month. * Fixed an issue in Phishing Simulator > Scenarios where scenario tags were not visible for customer companies after sharing a scenario with “Available For: All Companies”, ensuring the Tags column displays the tags correctly. * Fixed an issue in Phishing Simulator > Campaign Manager > Campaign Reports where the Groups field could display duplicate group names for users (e.g., after being added/removed multiple times from the same group), ensuring the Groups column and downloaded report outputs list each target group only once for accurate campaign reporting. * Fixed an issue in Company > Company Settings > Notification Templates where the CC field could disappear in the Enrollment Notification Template, ensuring admins can again add and manage CC recipients and the CC addresses are included correctly in outgoing enrollment emails. * Fixed an issue in Awareness Educator > Poster & Infographic enrollments where Download links in enrollment emails could incorrectly display the Keepnet domain (e.g., api.keepnetlabs.com) instead of the customer’s whitelabeled domain, ensuring recipients always see and access content through the correct branded domain. * Fixed an issue in Company > Companies (Create/Edit) > License where selecting “Custom” for License Expiry Date showed the calendar days as disabled, preventing admins from choosing an expiry date; ensuring custom license end dates can now be selected successfully. * Fixed an issue in Company > Target Users > Groups where selecting users via checkbox in SCIM-managed groups incorrectly enabled the “Remove Users” bulk action and could result in an HTTP 500 error; ensuring SCIM group members cannot be removed manually and the bulk remove action is now properly disabled. * Fixed an issue in Company > Target Users where after filtering via the Active Users or Inactive Users widget, deleting the last user could drop the widget count to 0 while the filter remained selected (and became unclickable), preventing users from clearing the filter from the widget; ensuring the widget filter is now automatically cleared when the count reaches zero. * Fixed an issue where reminder emails could still be sent after a company was deleted, ensuring all active enrollment reminders are automatically stopped during the company deletion process so users no longer receive notifications for removed companies. * Fixed an issue where saving a Scheduled Report could return an HTTP 500 error when the System User timezone was set to UTC and a different timezone was selected in the report schedule, ensuring scheduled reports can be created and saved reliably regardless of timezone combinations. * Fixed an issue where searching within a Target Group could cause an error in Company > Target Users > Target Group Users, ensuring admins can reliably search and filter users inside target groups without interruptions. * Fixed an issue where Microsoft Teams training notifications could fail for specific admin users, ensuring admins can resend and successfully deliver Teams-based training messages without system errors from the Awareness Educator > Enrollments > Training Report > Sending Report (Microsoft Teams Notifications) flow. * Fixed an issue where exported Phishing Campaign reports could miss the “Target Group” column in downloaded Excel/CSV files, ensuring Download/Export outputs for Submitted MFA Code, Reporters, Sending Report, Replied, and Summary tabs now include the user’s associated target group for accurate reporting and analysis.
22 January **New Features:** * Added Monthly Users widgets in Company > Target Users, which displays the total number of unique users included in the selected billing month regardless of their current status (Active, Inactive, or Deleted), allowing MSSPs to clearly track billable user counts and use this view as an auditable reference for monthly billing. * Added Security Culture Score (Survey Gauge) widget to Reports > Executive Reports, visualizing the organization’s overall security culture as a single, participant-weighted survey score, with trend vs previous period and industry benchmark comparison for quick executive-level insight. * Added Target Group visibility in Phishing Campaign Reports so each campaign report tab (e.g., Clicked, Opened, Data Submitted, No Response, etc.) now shows which selected target group(s) a user belongs to from the groups chosen when the campaign was launched. Admins can open the Groups field to view the exact group names, making it easier to review results by groups without manual cross-checking. **Improvements:** * Improved Company > Target Users search and sorting behavior by enabling proper sorting when filtering users with “Deleted” status, ensuring deleted users are now listed and ordered correctly alongside other statuses when sorting is applied. * Improved Company > Target Users sorting by fixing an issue where sorting/filtering by UpdateTime (Status Updated) failed, ensuring users can now reliably sort the Target Users list by the latest update time without errors. * Improved Safari browser behavior to ensure the correct company-specific favicon is displayed on browser tabs when switching between different customers, preventing previously visited customer icons from appearing incorrectly and providing a consistent, accurate brand experience across company switches. * Improved Company creation by automatically setting the default Date Format and Time Format based on the selected Country, while still allowing admins to manually override these formats when needed, so companies start with the correct regional formatting and avoid inconsistent date/time display. * Improved Incident Responder > Manual Investigation filtering by renaming the “URL” filter to “Domain” and keeping the placeholder aligned with domain-only input, so users clearly understand the filter expects a domain value and avoid failed searches caused by past label confusion. **Bug Fixes:** * Fixed an issue in phishing campaigns using the “Start Training Immediately” option where users clicking the “Start Training” button on the landing page were shown a “This training is not available for you” error, even though the training was correctly assigned. * Fixed an issue in Company > Companies where the column renamed to “License Limit” in the UI was still exported as “User Limit” in downloaded reports (PDF/CSV/Excel), ensuring column names are now consistent between the interface and exported files. * Fixed an issue in Campaign Reports (Opened, Opened Attachment, and No Response tabs) where exported reports did not correctly list all Target Groups for users who belonged to multiple groups, ensuring all associated groups are now fully and consistently included in downloaded files. * Fixed an issue in Awareness Educator > Training Library where duplicating a training assigned to multiple roles failed with a “Training role not found” error, ensuring multi-role training content can now be duplicated successfully. * Fixed an issue in Smishing Simulator > Smishing Report where the associated training name was displayed as “undefined” in phishing-related reports, ensuring the correct training name is now shown consistently across smishing and phishing report views.
07 January **Improvements:** * Improved Content Language selection ordering in Awareness Educator > Send Training by sorting available languages alphabetically, so admins can find and select the desired content language faster and experience a more consistent and predictable selection flow. * Improved Direct Email Creation (DEC) error messages across Awareness Educator and DEC-enabled modules by validating domain selection before sending and displaying clearer, actionable error messages, so admins can immediately understand why a delivery failed and resolve domain configuration issues without confusion or unnecessary support tickets. * Improved Phishing Scenario preview for multi-language landing page templates by ensuring merge tags (such as user name fields) are correctly resolved in all supported languages, not only the company’s preferred language, so admins can accurately preview localized landing pages without missing or empty placeholders. * Improved simulation email template import handling to prevent unnecessary HTML duplication during repeated imports, eliminating redundant \
nesting, reducing code bloat, and ensuring imported templates remain clean, performant, and visually consistent across multiple save or import actions. **Bug Fixes:** * Fixed an issue where system reminder emails were not sent to users in Awareness Educator trainings, even when reminder settings were enabled, ensuring reminder emails are now delivered correctly based on the configured schedule and completion conditions. * Fixed an issue where users could access and complete trainings while the email delivery status was still “Queued” or failed, which caused reporting inconsistencies and missing activity timeline logs, ensuring trainings become accessible only after valid delivery and user activities are now logged correctly. * Fixed an issue where values entered in IP Addresses, URLs, and Attachments fields were not saved in Incident Responder > Integrations > Advanced Settings, including Batch Import entries, ensuring all manually added and bulk-imported data is now persisted correctly after saving. * Fixed an issue in the Security Growth Dashboard user info endpoint by adding proper null checks when the target user record is missing, ensuring deleted target users are handled correctly and receive an appropriate unauthorized response instead of unknown errors. * Fixed inaccurate status, progress calculation, and error messaging in the Job Log page by correctly reflecting completed and failed processes, capping progress at 100%, and displaying real failure reasons only when jobs are genuinely stuck or errored, ensuring users can clearly understand job outcome. * Fixed an issue where setting a default filter in the Trash tab also affected the Enrollments tab in Awareness Educator, ensuring filters applied in Trash no longer impact active enrollment listings and each tab now preserves its own independent filter state. * Fixed an issue where “Set as default filter” stopped applying correctly when switching tabs in Simulation and Training Reports, ensuring saved default filters are consistently applied to both the filter interface and report data after page refreshes or tab changes. * Fixed an issue where adding a second page to landing page templates triggered a “Landing page orders need to be unique” error, ensuring multi-page landing pages can now be created and saved successfully across phishing scenarios and data submission templates. * Fixed an issue where the “Create Scenario” button was incorrectly positioned on the Campaign Manager > Training tab when using the AI Ally scenario selection, causing confusion in the training configuration flow.
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://doc.keepnetlabs.com/resources/release-notes/2026.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.