Skip to content

Platform Changelog

The INJECT Exercise Platform (IXP) is released in different versions. Most significant changes between the releases are listed below.

This list is not complete, as each new release also includes numerous fixes and smaller improvements.

You might find useful

  • If you want to learn more about backend and frontend version compatibility, read the second section in our Installation Guide.
  • If you are looking for the changelog of the definitions, go here: definitions changelog
  • If you are interested in the definition and platform compatibility, go here: version compatibility

5.0.0

Better Instructor Experience

The instructor view has been improved with several new features and enhancements to make the instructor's experience more efficient and user-friendly:

  • improved email template selection UI
  • team selection filters for easier selection
  • dedicated instructor notes page
  • fixed email overlay closing unexpectedly
  • Czech language localization for instructor view

AI-powered instructor tools

New AI-powered tools have been integrated into the instructor view to assist instructors in facilitating the exercise and evaluating trainee performance. The required environmental variables need to be set up for these features to work:

  • email template suggestions
  • email and free-form evaluation based on a specified rubric

More Powerful Analytics

The analyst view has been enhanced with new features and improvements to provide more powerful analytics capabilities:

  • optimized analyst view performance
  • additional "room view" for easier team monitoring
  • additional cause-and-effect view for analyzing trainee actions
  • additional team clustering view for pattern recognition
  • improved trainee performance overview
    • resizable score section
    • collapsible instructor comments section
  • team selection filters for easier selection
  • sandbox action logging
    • logging the actions performed by trainees within a prepared sandbox VM directly to IXP
    • improved analyst views for command log analysis

Definition Editor

The definition editor has been refined to support even definitions created outside of the editor itself. Now you can use the editor together with tools you're used to, while still benefiting from the editor's visualization and validation features:

  • visual exercise flow diagram
  • support for exercise definitions created outside of the editor
    • only definitions with the latest version are supported

Visual Studio Code Extension

A Visual Studio Code Extension has been released to enhance the development experience by providing seamless integration with the platform. It supports:

  • updating older definition versions to the latest version
  • syntax checking
  • validation of the definition through a deployed instance of IXP
  • markdown files preview in YAML files
  • experimental definition test environment through a deployed instance of IXP

Definitions

A new unified storage was published through GitLab Definition registry, and all the provided definitions are listed here. Changes:

  • upgraded all definitions to definition version 0.24.7
  • published new exercise definition Ransomware Rezonio
  • published new exercise definition Remote Workers
  • published new exercise definition Supply Chain
  • published new exercise definition Threat Modeling

Trainee Experience Enhancements

Several improvements have been made to the trainee view to enhance the overall experience for trainees:

  • refined inject overlay interface
  • optional feedback on the correctness of questionnaire answers

Exercise Management Improvements

New quality-of-life features have been added to the exercise management interface to streamline exercise administration:

  • optimized exercise panel performance
  • bulk unassign team members from exercises
  • links to assigned exercises in the user detail page
  • instructor noticeboard real-time updates
  • Czech language localization for the exercise panel

Enhanced Security & Access Control

The platform's security and access control mechanisms have been strengthened to ensure a safer and more controlled environment:

  • added support for API token-based authentication (available on the Users page for Admins only)
  • replaced outdated document viewer dependency
  • improved navigation handling for exercises the user is not assigned to
  • refined user registration process (a secure password is provided by the platform via email)
  • improved password change interface

Core Platform Enhancements

Additional improvements have been made to the core platform to expand its capabilities:

  • extended exercise state tracking and management
    • additional states to recognize exercises paused, stopped, expired (duration ran out), and finished (a final milestone was reached)
  • expanded exercise definition options
    • an exhaustive changelog can be found here
  • multi-file attachment support for any content (injects, emails, questionnaires, ...)

4.0.1 (Frontend)

  • toolbar moved to the right side in the trainee view for better accessibility
  • fixed an issue where the email overlay in instructor view would close unexpectedly
  • added information about the recipients for emails in the instructor TODO-list
  • when switching between teams in instructor view, the same page now remains selected (e.g., emails, questionnaires)

4.0.2 (Backend)

  • fixed an issue where files uploaded by trainees during an exercise were not deleted from the database when the exercise was deleted
  • fixed an issue where exercise logs could contain uploaded files that were not actually uploaded during the exercise, see known issues for more details.

4.0.1 (Backend)

  • the database connection is now automatically closed when an exercise loop stops/finishes, which should prevent an excessive number of connections staying open unnecessarily
  • changed how update times are logged during the exercise, now only the updates which took longer than the average update time are logged
  • added a new environment variable which controls the maximum number of open connections to PostgreSQL, to utilize this new variable, use the new v4.0.1 compose file and add it to the .env file, see the setup for more details

4.0.0

New Exercise Definition Features

The exercise definition format was extended with new features to enable the creation of more complex and engaging exercises. The most important changes are listed below:

  • added new questionnaire capabilities
    • added automatically evaluated free-form questions
    • added configurable minimum and maximum length settings for free-form questions
    • added multiple choice questions
    • added repeatable questionnaires
      • allows teams to answer a single questionnaire multiple times until some condition is fulfilled, for more details, see the questionnaire documentation
    • added questionnaires, which can be submitted after the exercise finishes
  • added the option to mark email addresses as trusted
    • their emails are marked as digitally signed
  • added a documents drive
    • creating a space for important documents accessible throughout the exercise

An exhaustive changelog can be found here.

Trainee Performance Evaluation and Reflection

A set of new features was added to allow instructors to evaluate and reflect on trainee performance. Furthermore, instructors can now allow trainees to self-evaluate by looking at their performance overview:

  • added configurable score to milestone, learning activities, and learning objectives
  • added user score export to CSV to analyst view
  • added instructor comments for trainee actions
  • added performance overview to trainee view
    • enabled by instructors per-team

Improved Analytics Capabilities

The analyst view was extended with new features to allow better analysis of the actions performed during the exercise:

  • added new types of actions logged
    • added questionnaire submission logs
    • added questionnaire review logs
    • added file download logs
    • added milestone modification logs
    • with info about the source of the modification (automatic, trainee, or instructor action)
    • added confirmation button logs
  • added user info to action logs
    • allowing the analyst to distinguish between users within the same team
  • added team selection to analyst view
  • overhauled the overview page in analyst view
    • providing better insights into the exercise progress and trainee performance

Editor Updates

The editor has been updated to support the latest definition version. All known bugs were fixed, and the user experience was improved:

  • updated editor to support the latest definition version (0.23.3)
  • overhauled editor learning activity creation
    • with better user experience and activity type categorization

Extended Exercise and Platform Configuration

Significant new features were added to allow more flexible exercise and platform configuration:

  • added on-demand exercises with configurable time interval
    • these can be started by the assigned trainees at any time within the defined time interval
  • added multitenancy support
    • multiple exercises can be run simultaneously on the same platform instance
  • added optional log-collection in OpenSearch for exercises
    • logging the actions performed by trainees within a prepared sandbox VM
    • currently an experimental feature
  • added runtime platform configuration for admins
    • with maximum number of teams per exercise setting
    • with the default exercise loop update interval setting
  • added time format setting
    • with absolute, relative, and in-exercise time options
  • added Czech localization to trainee view

Improved User Management

More features were added for easier user management:

  • added guest account generation
    • with expiration configuration
    • with bulk account creation
    • with credentials export to CSV or PDF
  • added the option to change the initial generated password to a custom password
  • added the option for trainees to register to the platform by themselves
    • with allowed email domains configuration
  • added user tag management

New Exercise-Panel Features

Several new features were added to the exercise panel to improve the user experience:

  • added instructor noticeboard
    • allowing instructors to share important notes about the current usage of the platform
    • with configurable expiration for each note
  • added loading exercise definitions from GitLab

Technical Improvements

A significant technical improvement was made to the exercise loop to enhance the responsiveness of exercises:

  • fixed overrun issue in loop thread
    • allowing shorter exercise loop update intervals
    • making the exercise significantly more responsive
  • a number of performance improvements throughout the whole platform

Improved User Experience

Many smaller improvements were made to enhance the overall user experience:

  • refined forms within the platform
    • providing better feedback when creating exercises, submitting questionnaires, etc.

3.0.3 (frontend)

Adds a notification when the WebSocket connection fails. This notification will prompt users to log out and log in again to refresh the data.

3.0.2 (frontend)

Fixes email between teams. Increases the maximum number of teams per exercise to 50 (from 20).

3.0.1 (frontend)

Fixes the checkbox in table selection. Fixes exercise log download. Adds a descriptive message when downloading a file not supported by the file viewer.

3.0.0

Improved UI

Improvements were made to the platform to create a better user experience and increase efficiency:

  • improved home page
    • added ability to view non-running exercises
  • improved Instructor View
    • new Overview page
    • new Team Overview page
    • improved team selector
    • new ability to change milestone states for all/selected teams
    • new ability to move in-exercise time
  • improved Exercise Panel
    • new "info" button for definitions and exercises
  • extended Analyst View
    • new learning objectives page
    • new questionnaires page

New options for exercise definition

Additional optional features were added to the exercise definition format to enable you to create more complex and engaging exercises. The most important changes are listed below:

  • ability to embed media (audio, video, and images) in injects
  • support for more file types in document viewer (video, audio, and SVGs)
  • optional confirmation buttons in injects
  • open-ended questions
  • ability to define multiple info channels
  • added tools without parameters
  • improved overlay inject UI

An exhaustive changelog can be found here.

Furthermore, an interactive wizard called Editor was added for exercise definition. You can find more information about it here.

2.0.0

Changelog is not available for this version

1.0.0

Initial version of IXP