What's new in ThreatCast
BYOK key encryption (AES-256-GCM), rate limiting on AI endpoints, security headers on all middleware paths, WCAG accessibility: skip-to-content, landmarks, ARIA labels, reduced motion support, focus-visible outlines.
Bring Your Own Key for Pro & Enterprise. Support for Anthropic Claude, OpenAI GPT-4o (native JSON mode), and Google Gemini. API key validation, encrypted storage, model selection per provider.
New angular shield logo with targeting reticle, neon cyan (#00ffd5) colour, monospace THREATCAST wordmark. Updated across landing, portal, admin, emails, certificates, and OG image.
GDPR compliance (data export, account deletion, org deletion). Admin IP allowlist + access logging. Loading screen with rotating cyber tips during exercise generation. Broadcast email system. 5 cron jobs for engagement.
Head-to-head duels with email notifications, adaptive difficulty targeting weak spots, 22 real-world incident references, weekly challenge emails, daily drills, XP/streaks, campaigns.
Password reset, plan enforcement (Starter/Growth/Pro/Enterprise), terms, privacy, onboarding wizard, feature flags, scheduled reports.
Two full pentests passed. Rate limiting, auth hardening, info leak prevention, tenant isolation, input validation.
Broadcasts, threat intel feed, review queue, activity feed, audit log, feature flags, email log with KPIs.
MITRE ATT&CK heatmap, compliance evidence (ISO 27001, NIST CSF, SOC 2, NIS2, DORA, PCI DSS), benchmarks, leaderboard.
AI playbook generation, PDF/Word export, certificates with 1-year expiry, custom branding, AI adaptive learning.
Real-time team exercises with Pusher, 8 SIEM/XDR connectors, Slack bot, email verification.
AI-generated exercises with Claude Sonnet, 21 themes, custom characters, exercise cloning, star ratings.
NextAuth.js v5, multi-tenant RBAC, 12-language i18n, MFA/TOTP, Prisma + Neon PostgreSQL, Vercel deployment.