Changelog

Every release,
on the record.

A reverse-chronological record of platform updates — features shipped, performance improvements, integration expansions, and security hardening.

Release history

What's shipped.

2026-06-13 — v0.9.0

Benchmark Transparency & Public ARES Architecture

  • ARES product name made public. Architecture documentation — STRATEGOS, SENTINEL, CRUCIBLE — published on the R&D page and in a dedicated blog post.
  • Benchmark methodology published in full: DVWA v10 (~53% detection rate), DVWA v12 (9 vulnerability classes), $1–3 per assessment task. No cherry-picked conditions; test environment and version stated explicitly.
  • Research page updated with live benchmark table and CVE disclosure framework.
  • Test suite: 2,054 passing tests across the full ARES stack.

2026-04-08 — v0.8.0 — Major release

STRATEGOS v2: Cross-Session Learning & Nash Equilibrium

  • STRATEGOS upgraded with cross-session learning: findings from prior assessments feed forward into future mission planning, improving target prioritisation over successive runs.
  • Nash equilibrium target prioritisation introduced — STRATEGOS now models adversarial defender response when ranking attack paths, not just vulnerability severity.
  • Dynamic concurrency management across all 76 sub-agents; STRATEGOS rebalances workload in real time as agent capacity fluctuates.
  • SENTINEL: Rules of Engagement file can now be hot-reloaded mid-mission without stopping the assessment.
  • Total codebase: 88,103 lines across the ARES stack.

2026-01-14 — v0.7.0 — Major release

ARES Alpha: 15 Clusters, 76 Sub-Agents Operational

  • All 15 ARES agent clusters operational: SCOUT (6), ORACLE (4), BREACH (5), SPIDER (8), PRISM (5), FORGE (6), HAVOC (4), NIMBUS (5), SKELETON KEY (6), PHANTOM (8), GHOST (4), NOMAD (5), LENS (4), SCRIBE (5), ANVIL (4) — 76 sub-agents total.
  • First complete end-to-end assessment run against DVWA target environment.
  • SCRIBE cluster delivers structured finding reports with CVSS scoring, evidence chains, and reproduction steps — no manual write-up required.
  • Assessment cost target achieved: $1–3 per task at production LLM pricing.

2025-09-22 — v0.5.0

CRUCIBLE: Full 4-Stage Validation Pipeline

  • CRUCIBLE validation pipeline complete: (1) schema validation, (2) cross-agent deduplication, (3) evidence grading L1–L4, (4) LLM reflector veto. Findings that fail any stage are dropped before reporting.
  • ≥0.85 confidence gate enforced on all reported vulnerabilities — ARES reports fewer findings, but every finding it reports has a full evidence chain.
  • Evidence grading levels defined: L1 (indicator only), L2 (corroborated by second agent), L3 (exploited in controlled condition), L4 (full proof-of-concept with reproduction).
  • First external deployment: assessment completed under authorised scope with CRUCIBLE gate live.

2025-03-10 — v0.4.0

SENTINEL: Safety Layer Hardened

  • SENTINEL kill switch operational: full mission halt in under 5 seconds via NATS message bus. Tested under concurrent 76-agent load.
  • All ARES tool execution moved into gVisor-sandboxed Docker containers — syscall surface reduced, no direct host access from any sub-agent.
  • Air-gap mode: ARES can operate fully offline for classified and disconnected environments; LLM inference routes to local model endpoint.
  • L0–L5 autonomy spectrum formalised: L0 (human approves every action) through L5 (fully autonomous within ROE bounds). Deployments default to L3.
  • Rules of Engagement file format v1 published: operators define target scope, excluded hosts, permitted techniques, and time windows in a single YAML file loaded at mission start.

2024-09-03 — v0.2.0

STRATEGOS Alpha & SENTINEL Prototype

  • STRATEGOS mission planner alpha: LLM-driven mission decomposition, DAG task scheduler with cycle detection to prevent infinite loops across dependent sub-agents.
  • SENTINEL prototype: scope boundary enforcement and manual pause/resume controls. Kill switch latency at this stage: ~30 seconds (target: <5s).
  • SCOUT cluster (6 sub-agents) first to reach production quality: host enumeration, port scanning, service fingerprinting, and certificate inspection fully automated.
  • CRUCIBLE stages 1–2 operational: schema validation and cross-agent deduplication prevent duplicate findings from concurrent agents covering the same target.

2024-03-15 — v0.1.0 — Foundation

Research Prototype & Architecture Decision

  • Phalanxia founded. Initial research into multi-agent architectures for autonomous penetration testing begins.
  • 15-cluster agent architecture designed: specialised clusters for reconnaissance, exploitation, lateral movement, credential harvesting, persistence, reporting, and validation.
  • Three-layer platform architecture established: STRATEGOS (mission planning), SENTINEL (safety), CRUCIBLE (validation). This separation of concerns becomes the core design invariant for the ARES stack.
  • DVWA selected as primary benchmark environment; baseline established for tracking detection rate improvement across versions.
Stay current

Get release notes in your inbox.

Customers on active plans receive changelog notifications automatically. New to Phalanxia? Start with a demo.