2026
04 March
New Features:
Added Microsoft 365 Defender Integration to Phishing Reporter > Settings > Email Settings, allowing organizations to automatically forward user-reported suspicious emails to Microsoft Defender's Submissions portal for native threat analysis, while simultaneously sending them to Keepnet's Incident Responder for deeper investigation and simulation tracking — so SOC teams benefit from both platforms' threat analysis and investigation capabilities.
Simplified adding a second page to landing page templates across Phishing, Smishing, and Quishing Simulators by introducing a template picker for Page 2 — admins can now select any existing Click-Only or Data Submission landing page as a second page with a single click, instead of building it manually from scratch.
Improvements:
Improved Agentic AI by adding a Vishing Call Agent that runs realistic voice phishing simulations directly from the Agentic AI’s chat interface. After each call, users receive a Summary, full Transcript, and personalized Next Steps — along with a clear outcome showing whether sensitive data was disclosed during the simulation.
Improved Awareness Educator > Enrollments > Sending Report by adding a User Status column to the enrollment sending table, making it easy to identify why certain users remain stuck in "In Queue" — such as being Inactive or Deleted — giving admins full visibility into enrollment delivery status at a glance.
Improved Phishing Simulator > Phishing Scenarios > Landing Page Templates by adding a Stop Bot Activity toggle that allows admins to enable or disable the A4 bot detection rule per landing page, giving organizations the flexibility to turn off bot filtering for specific landing pages when false positives are not a concern in their environment.
Improved Agentic AI by allowing admins to directly edit the email templates generated within the chat using the built-in email editor, so they can customize content, adjust text, and save changes before launching a campaign.
Improved Phishing Simulator > Campaign Manager by simplifying the campaign list view — campaigns with a single run now show a direct View Report button instead of a "1 Run" instance indicator, allowing admins to access reports faster with fewer clicks.
Improved Agentic AI by adding a Phishing URL merge tag option to the email editor's Component Settings, allowing admins to assign the phishing URL to any text or button element with a single click — without needing to type the merge tag manually.
Improved Awareness Educator > Enrollments > Learning Path > Summary > Users by including the Current Step column in the exported report, allowing admins to filter and analyze each user's progress within a learning path directly in Excel without relying solely on the platform view.
Improved Awareness Educator > Training Library by adding OT Security and ICS Security as new training categories, allowing organizations to create and filter training content specifically tailored to operational technology and industrial control system security awareness.
Improved Company Settings > Notification Templates by ensuring CC recipients are included when sending training enrollment notifications via DEC delivery method, so all designated recipients now receive the notification email as expected.
Improved Awareness Educator > Training Library by adding ISO 14001, ISA/IEC 62443, NIST SP 800-82, and NIS2 Directive (EU) as new compliance options, allowing organizations to create and filter training content aligned with a broader range of industry and regulatory standards.
Improved Phishing Simulator > Campaign Report > Summary by adding a Phishing Reporters widget that displays the number of users who reported the simulation email and their percentage of total target users — giving admins instant visibility into reporting behavior alongside other key campaign metrics without navigating to a separate tab.
Improved Reports > Gamification Report by optimizing the Leaderboard data loading performance, ensuring admins can now access leaderboard rankings and top performer data significantly faster.
Improved Awareness Educator > Training Library and Enrollments by adding Training Level and Duration columns to the list view, allowing admins to quickly see and filter training content by difficulty level and estimated completion time without opening each item individually.
Improved Awareness Educator SCORM Proxy compatibility with third-party LMS platforms such as TalentLMS by ensuring the API now accepts the learner ID field in both string and number formats — allowing organizations to seamlessly deliver Keepnet SCORM training content through their existing LMS platforms without integration errors.
Improved Company > Companies by adding a month selector to the Monthly Users column, allowing MSSP partners and Reseller admins to view historical monthly user data for past months (e.g., December 2025, January 2026) instead of only seeing the current month's figures — enabling more accurate billing reviews, usage tracking, and capacity planning across all managed companies.
Improved the Languages column across Awareness Educator > Training Library, Awareness Educator > Enrollments, and Phishing Simulator > Phishing Scenarios > Landing Page Templates by replacing the oversized language tooltip with a compact, searchable dropdown — preventing it from covering the page and improving readability when materials support many languages.
Improved Phishing Reporter > Download Add-in by redesigning the drawer with a structured layout that organizes add-in options by Integration Type (Microsoft 365, Google Workspace, Outlook, Diagnostic Tool) and adds a Check Platform Compatibility table — helping administrators quickly identify the correct add-in for their environment and avoid installing unsupported versions.
Improved Phishing Simulator > Campaign Manager export (PDF) to correctly display "-" in the Target Users column for campaigns in Scheduled or Idle status — ensuring exported reports accurately reflect that target user counts are not yet determined for campaigns that haven't started.
Bug Fixes:
Fixed an issue in Incident Responder > Analysis Details where clicking Download Email and confirming the zip password prompt returned an "Invalid request" error instead of downloading the file, ensuring analysts can now successfully download reported emails as password-protected zip files.
Fixed an issue in Quishing Simulator, Phishing Simulator, Smishing Simulator > Scenarios where filtering scenarios by language caused the page to freeze and return no results, ensuring language-based filtering now works correctly and displays matching scenarios as expected.
Fixed an issue in Reports > Gamification Report > Leaderboard where a user's Total Points shown in the list view did not match the points displayed in the user detail view, ensuring point data is now consistent across both views.
Fixed an issue in Phishing Simulator > Phishing Scenarios where the AI Ally button remained visible in the Email Template and Landing Page editors even when AI Ally was disabled in Company > Company Settings > AI Ally Settings, ensuring the editor correctly reflects the enabled/disabled state of the AI Ally feature.
Fixed two LDAP synchronization issues in Company > Target Users > Import from LDAP where (1) users' PreferredLanguage attribute set in Active Directory was not being synced to the Keepnet platform — preventing accurate language-based targeting in phishing campaigns — and (2) the Sync All Users option failed to list and import all users from the AD, causing incomplete user synchronization. Both issues are now resolved, ensuring full and accurate LDAP imports.
18 February
Improvements:
Improved Gamification Report > Leaderboard by calculating and displaying user badges asynchronously in the background (instead of computing them instantly for all users), improving page load performance and scalability for large organizations while ensuring badges appear reliably as they become ready.
Improved Phishing Simulator > MFA Data Submission scenarios to follow a real-world authentication flow by validating email/password first and then prompting for the MFA code (Click Only MFA scenarios are unchanged), resulting in a more accurate simulation and training experience aligned with common MFA standards.
Improved Phishing Simulator > Campaign Manager to show an accurate Total Target Users value by preventing the user count from being multiplied by the number of “Random scenarios for each user” scenarios, ensuring campaigns display the correct target audience size.
Improved Phishing Simulator > Campaign Manager > Scenarios > Training by prioritizing training results based on the company’s Preferred Language and sorting them by Created Date/Time (DESC), so users see the most relevant (and newest) trainings in their language first and can select content faster.
Improved Company Settings > Notification Templates by ensuring CC recipients are included correctly in Training Enrollment notifications sent via DEC settings, so users added to the CC field receive the email as expected.
Improved Company > Target Users by clearly indicating users who have been deleted from the system (e.g., disabled/greyed rows with a “This user has been deleted” status), making it easier to distinguish deleted users from active users during user management and targeting.
Improved Company > Target Users by automatically clearing the Active Users / Inactive Users widget filter when the filtered user count drops to 0 (e.g., after deleting the last listed user), preventing the widget from remaining selected and unclickable and allowing admins to continue filtering normally without needing to use Clear Filtering Options.
Improved O365 Investigation reliability when scanning large mailboxes by reducing Microsoft Graph message fetch page size for requests that include the Body field (to prevent oversized/truncated JSON responses and parse errors) and adding a retry mechanism with exponential backoff for initial fetch and pagination calls.
Improved Awareness Educator > Training Library duplication so that when a training material is cloned/duplicated, the original Vendor information is preserved on the new copy—maintaining content ownership and enabling consistent vendor-based reporting and management.
Improved the Security Growth Login notification template by adding support for Direct Email Creation (DEC) in the Email Delivery configuration, allowing organizations to send these notifications via DEC in addition to SMTP.
Improved the License Warning pop-up target user calculation to count only target users with Active status, excluding Inactive and Deleted target users for more accurate license usage warnings.
Improved Awareness Educator > Training Library grid view to correctly display poster thumbnails even when the uploaded poster file name contains Turkish/special characters, preventing URL parsing issues and ensuring posters render reliably.
Improved Company > Companies export (Excel/CSV) by including the newly added user metrics columns—Inactive Users, Deleted Users, and Monthly Users—in the generated report for more complete company-level reporting.
Improved Awareness Educator preview drawers by updating cover image requirements and validation (1:1 format, 320–1024 px, JPG/PNG), showing an in-app warning when dimensions don’t meet the criteria, and enhancing card/preview rendering for more consistent visuals across responsive layouts.
Improved the Just-in-Time (JIT) training flow by showing users how many points they will earn before they start reviewing the red flags, and confirming the points earned after they complete the training—making rewards clearer and the experience more motivating.
Bug Fixes:
Fixed Awareness Educator > Enrollments > Sending Report where Date First Sent, Date Last Sent, and Email Delivery columns could appear blank for some users, ensuring delivery details are displayed consistently across all enrollments.
Fixed an issue in MSSP multi-company Phishing Campaigns where selecting “First Use Company’s DEC config then fallback to default SMTP” could fail for sub-companies without a DEC configuration, causing the campaign to throw the “Unknown direct email creation type: 0” error instead of correctly falling back to SMTP delivery.
Fixed an issue in SCIM PATCH where email comparisons were handled case-sensitively, which could trigger a false-positive 409 Conflict (e.g., [email protected] vs [email protected]) and prevent user updates/synchronization; email matching is now case-insensitive and UpdateAsync includes improved error handling for more reliable SCIM updates.
Fixed an issue where some users could not see their assigned trainings in the Security Growth Dashboard; assigned enrollments are now displayed correctly so end users can view and start their trainings from the dashboard.
Fixed an issue in the public Free Phishing Email Analysis tool where uploading a valid .eml/.msg file and clicking Analyze could return an HTTP 500, ensuring analyses now complete successfully and return results as expected.
Fixed an issue where a number of training enrollments could remain stuck in “In Queue”, ensuring queued users now receive their training emails/content successfully and enrollment sending progresses as expected.
Fixed an issue in Quishing Simulator > Campaign Manager where the Printout/Individual Printout PDF download action could remain disabled (showing “PDF file not available for download yet”) for previously started campaigns in production, ensuring customers can reliably download campaign PDFs from the campaign instance Actions menu.
Fixed an issue where users who reported a simulation email were not appearing in the Campaign Report’s Reporters tab (and related Reported views) for some tenants, ensuring reporting activity is accurately reflected in campaign analytics.
05 February
New Features:
Added Duration and Level details to the Training Preview in Awareness Educator > Training Library, allowing admins to instantly see a training’s estimated completion time and difficulty level while previewing, making it easier to select the right content before sending.
Added Agentic AI Settings to Company > Company Settings, allowing admins to enable/disable Agentic AI, choose the Execution Mode (Approval-Gated or Autonomous), and configure Safeguards and Behavioral Policies through expandable sections and toggles for centralized control of AI actions across the organization.
Added Agentic AI Microlearning support for Vishing role-play trainings, enabling admins to generate a complete vishing training in minutes, preview it via an auto-created training URL, and publish/share it directly to the platform (and to a selected group) for fast, hands-on learner delivery through an interactive call simulation experience.
Improvements:
Improved Phishing Reporter > Download History by renaming unclear add-in labels to more descriptive names (e.g., “Spam Integration” → “Ribbon View”, “Legacy Version” → “Page View”), making it easier for customers and support teams to immediately understand which Microsoft 365 add-in version was downloaded.
Improved Gamification Report > User Timeline by awarding +500 points when a user reports a real email that is confirmed as Phishing or Malicious by Incident Responder, and displaying the earned points clearly within the Activity Timeline card to better recognize secure behavior and encourage reporting.
Improved Phishing (Smishing, Quishing) Simulator > Campaign Manager > New by fixing the Select Training dropdown behavior so it remains properly anchored to the input field while scrolling, preventing the list from shifting out of place and making training selection more consistent during campaign creation.
Improved Phishing Simulator > Landing Pages by enhancing Custom Scripts handling so JavaScript runs reliably on published landing pages (including when scripts are imported), ensuring interactive elements (e.g., password visibility toggle and language selection) work consistently without requiring manual script placement adjustments.
Improved Company > Target Users by preventing actions on already deleted users—disabling Delete User and Add Group operations for deleted records—ensuring admins no longer encounter “Not Found” errors and clearly understand that deleted users cannot be removed again or added to groups.
Improved Awareness Educator > Training Library by adding “Secure Coding” as a selectable Category during training creation and editing, enabling admins to better classify and manage secure coding–focused training content.
Improved Company > Companies by enhancing the Monthly Users column with clearer UX, including an info tooltip that explains the metric (users added during the selected month, regardless of current status), helping MSSPs interpret monthly billing figures more confidently.
Improved Vishing Simulator by adding a new Australia (+61) caller phone number option for vishing campaigns, enabling customers to run more realistic local-call simulations for users in the +61 region.
Improved Company > Target Users (Monthly Users) reporting by extending the monthly user summary to also include December (end-of-year / 31 Dec) data, so admins can view a complete month-over-month baseline across the year instead of seeing results starting only from January.
Bug Fixes:
Fixed an issue in Company > Target Users where the Monthly Users widget could incorrectly include users deleted in the previous month after switching to a new billing month, ensuring the Monthly Users count accurately reflects the unique users for the selected month.
Fixed an issue in Phishing Simulator > Scenarios where scenario tags were not visible for customer companies after sharing a scenario with “Available For: All Companies”, ensuring the Tags column displays the tags correctly.
Fixed an issue in Phishing Simulator > Campaign Manager > Campaign Reports where the Groups field could display duplicate group names for users (e.g., after being added/removed multiple times from the same group), ensuring the Groups column and downloaded report outputs list each target group only once for accurate campaign reporting.
Fixed an issue in Company > Company Settings > Notification Templates where the CC field could disappear in the Enrollment Notification Template, ensuring admins can again add and manage CC recipients and the CC addresses are included correctly in outgoing enrollment emails.
Fixed an issue in Awareness Educator > Poster & Infographic enrollments where Download links in enrollment emails could incorrectly display the Keepnet domain (e.g., api.keepnetlabs.com) instead of the customer’s whitelabeled domain, ensuring recipients always see and access content through the correct branded domain.
Fixed an issue in Company > Companies (Create/Edit) > License where selecting “Custom” for License Expiry Date showed the calendar days as disabled, preventing admins from choosing an expiry date; ensuring custom license end dates can now be selected successfully.
Fixed an issue in Company > Target Users > Groups where selecting users via checkbox in SCIM-managed groups incorrectly enabled the “Remove Users” bulk action and could result in an HTTP 500 error; ensuring SCIM group members cannot be removed manually and the bulk remove action is now properly disabled.
Fixed an issue in Company > Target Users where after filtering via the Active Users or Inactive Users widget, deleting the last user could drop the widget count to 0 while the filter remained selected (and became unclickable), preventing users from clearing the filter from the widget; ensuring the widget filter is now automatically cleared when the count reaches zero.
Fixed an issue where reminder emails could still be sent after a company was deleted, ensuring all active enrollment reminders are automatically stopped during the company deletion process so users no longer receive notifications for removed companies.
Fixed an issue where saving a Scheduled Report could return an HTTP 500 error when the System User timezone was set to UTC and a different timezone was selected in the report schedule, ensuring scheduled reports can be created and saved reliably regardless of timezone combinations.
Fixed an issue where searching within a Target Group could cause an error in Company > Target Users > Target Group Users, ensuring admins can reliably search and filter users inside target groups without interruptions.
Fixed an issue where Microsoft Teams training notifications could fail for specific admin users, ensuring admins can resend and successfully deliver Teams-based training messages without system errors from the Awareness Educator > Enrollments > Training Report > Sending Report (Microsoft Teams Notifications) flow.
Fixed an issue where exported Phishing Campaign reports could miss the “Target Group” column in downloaded Excel/CSV files, ensuring Download/Export outputs for Submitted MFA Code, Reporters, Sending Report, Replied, and Summary tabs now include the user’s associated target group for accurate reporting and analysis.
22 January
New Features:
Added Monthly Users widgets in Company > Target Users, which displays the total number of unique users included in the selected billing month regardless of their current status (Active, Inactive, or Deleted), allowing MSSPs to clearly track billable user counts and use this view as an auditable reference for monthly billing.
Added Security Culture Score (Survey Gauge) widget to Reports > Executive Reports, visualizing the organization’s overall security culture as a single, participant-weighted survey score, with trend vs previous period and industry benchmark comparison for quick executive-level insight.
Added Target Group visibility in Phishing Campaign Reports so each campaign report tab (e.g., Clicked, Opened, Data Submitted, No Response, etc.) now shows which selected target group(s) a user belongs to from the groups chosen when the campaign was launched. Admins can open the Groups field to view the exact group names, making it easier to review results by groups without manual cross-checking.
Improvements:
Improved Company > Target Users search and sorting behavior by enabling proper sorting when filtering users with “Deleted” status, ensuring deleted users are now listed and ordered correctly alongside other statuses when sorting is applied.
Improved Company > Target Users sorting by fixing an issue where sorting/filtering by UpdateTime (Status Updated) failed, ensuring users can now reliably sort the Target Users list by the latest update time without errors.
Improved Safari browser behavior to ensure the correct company-specific favicon is displayed on browser tabs when switching between different customers, preventing previously visited customer icons from appearing incorrectly and providing a consistent, accurate brand experience across company switches.
Improved Company creation by automatically setting the default Date Format and Time Format based on the selected Country, while still allowing admins to manually override these formats when needed, so companies start with the correct regional formatting and avoid inconsistent date/time display.
Improved Incident Responder > Manual Investigation filtering by renaming the “URL” filter to “Domain” and keeping the placeholder aligned with domain-only input, so users clearly understand the filter expects a domain value and avoid failed searches caused by past label confusion.
Bug Fixes:
Fixed an issue in phishing campaigns using the “Start Training Immediately” option where users clicking the “Start Training” button on the landing page were shown a “This training is not available for you” error, even though the training was correctly assigned.
Fixed an issue in Company > Companies where the column renamed to “License Limit” in the UI was still exported as “User Limit” in downloaded reports (PDF/CSV/Excel), ensuring column names are now consistent between the interface and exported files.
Fixed an issue in Campaign Reports (Opened, Opened Attachment, and No Response tabs) where exported reports did not correctly list all Target Groups for users who belonged to multiple groups, ensuring all associated groups are now fully and consistently included in downloaded files.
Fixed an issue in Awareness Educator > Training Library where duplicating a training assigned to multiple roles failed with a “Training role not found” error, ensuring multi-role training content can now be duplicated successfully.
Fixed an issue in Smishing Simulator > Smishing Report where the associated training name was displayed as “undefined” in phishing-related reports, ensuring the correct training name is now shown consistently across smishing and phishing report views.
07 January
Improvements:
Improved Content Language selection ordering in Awareness Educator > Send Training by sorting available languages alphabetically, so admins can find and select the desired content language faster and experience a more consistent and predictable selection flow.
Improved Direct Email Creation (DEC) error messages across Awareness Educator and DEC-enabled modules by validating domain selection before sending and displaying clearer, actionable error messages, so admins can immediately understand why a delivery failed and resolve domain configuration issues without confusion or unnecessary support tickets.
Improved Phishing Scenario preview for multi-language landing page templates by ensuring merge tags (such as user name fields) are correctly resolved in all supported languages, not only the company’s preferred language, so admins can accurately preview localized landing pages without missing or empty placeholders.
Improved simulation email template import handling to prevent unnecessary HTML duplication during repeated imports, eliminating redundant <div> nesting, reducing code bloat, and ensuring imported templates remain clean, performant, and visually consistent across multiple save or import actions.
Bug Fixes:
Fixed an issue where system reminder emails were not sent to users in Awareness Educator trainings, even when reminder settings were enabled, ensuring reminder emails are now delivered correctly based on the configured schedule and completion conditions.
Fixed an issue where users could access and complete trainings while the email delivery status was still “Queued” or failed, which caused reporting inconsistencies and missing activity timeline logs, ensuring trainings become accessible only after valid delivery and user activities are now logged correctly.
Fixed an issue where values entered in IP Addresses, URLs, and Attachments fields were not saved in Incident Responder > Integrations > Advanced Settings, including Batch Import entries, ensuring all manually added and bulk-imported data is now persisted correctly after saving.
Fixed an issue in the Security Growth Dashboard user info endpoint by adding proper null checks when the target user record is missing, ensuring deleted target users are handled correctly and receive an appropriate unauthorized response instead of unknown errors.
Fixed inaccurate status, progress calculation, and error messaging in the Job Log page by correctly reflecting completed and failed processes, capping progress at 100%, and displaying real failure reasons only when jobs are genuinely stuck or errored, ensuring users can clearly understand job outcome.
Fixed an issue where setting a default filter in the Trash tab also affected the Enrollments tab in Awareness Educator, ensuring filters applied in Trash no longer impact active enrollment listings and each tab now preserves its own independent filter state.
Fixed an issue where “Set as default filter” stopped applying correctly when switching tabs in Simulation and Training Reports, ensuring saved default filters are consistently applied to both the filter interface and report data after page refreshes or tab changes.
Fixed an issue where adding a second page to landing page templates triggered a “Landing page orders need to be unique” error, ensuring multi-page landing pages can now be created and saved successfully across phishing scenarios and data submission templates.
Fixed an issue where the “Create Scenario” button was incorrectly positioned on the Campaign Manager > Training tab when using the AI Ally scenario selection, causing confusion in the training configuration flow.
Last updated