drel
Changelog

What's new in Drel

Every release, documented. New features, improvements, fixes, and security updates.

0.9.0May 2026Latest

Risk & control library foundation, guided builder improvements, and a new brand page.

  • NewRisk and control library — browse and search the full threat and control catalog independently of an assessment.
  • NewBrand guidelines page at /brand with color palette, typography scale, lockup variants, and usage rules.
  • ImprovedGuided builder now surfaces contextual hints based on system type selection.
  • ImprovedAssessment pack export now includes the full remediation backlog with acceptance criteria.
  • FixedAttack path diagram edges were occasionally rendering behind node cards on Safari.
  • FixedCompliance section incorrectly showed EU AI Act as not applicable for internal tooling system types.
0.8.0April 2026

Design graph implementation, post-PR UX review, and local lifecycle QA pass.

  • NewDesign graph — visual representation of trust boundaries, data flows, and threat surfaces for each assessment.
  • NewDiagram compare view — diff two versions of an architecture diagram side by side.
  • ImprovedResults surface now groups findings by severity with collapsible sections.
  • ImprovedCopilot rail retains context across surface switches within the same assessment session.
  • FixedSession timeout was not correctly invalidating assessment draft state.
  • SecurityUpgraded dependency with known CVE in the PDF export pipeline.
0.7.0March 2026

Agentic Top 10 framework coverage, MAESTRO mapping, and enterprise assessment modes.

  • NewOWASP Agentic Top 10 — full threat mapping for multi-agent and tool-use architectures.
  • NewMAESTRO framework mapping (CSA) for multi-agent AI systems.
  • NewDeeper assessment mode for enterprise plans — expanded threat scenarios and control depth.
  • ImprovedGo / No-go verdict now includes a confidence indicator and the top 3 factors driving the decision.
  • ImprovedAttack path simulation covers lateral movement between agent tool boundaries.
  • FixedNIST AI RMF control references were using outdated identifiers from the pre-1.0 draft.
0.6.0February 2026

Free trial flow, assessment pack versioning, and evidence pack exports.

  • NewFree trial — 3 full AI Security Assessment Packs, no credit card required.
  • NewAssessment version history — compare any two versions of an assessment pack.
  • NewEvidence pack export — download a structured ZIP with all assessment artifacts for audit purposes.
  • ImprovedIntake questionnaire reduced from 12 to 8 questions without loss of assessment fidelity.
  • ImprovedSystem type selection now shows example architectures for each category.
  • FixedRemediation backlog items were not preserving custom priority overrides after re-assessment.
0.5.0January 2026

EU AI Act compliance mapping and enterprise security questionnaire pre-fill.

  • NewEU AI Act risk classification — each assessment now includes an Act risk tier and applicable obligations.
  • NewPre-answered enterprise security questionnaire — ready-to-send responses for vendor security reviews.
  • NewENISA AI Threat Landscape mapping added to all assessment packs.
  • ImprovedControls now include implementation guidance with code-level examples for common stacks.
  • SecurityTightened CSP headers to block inline script execution across all public routes.