Detect 1.1.0 was released on May 7, 2023.

This version includes the following features by stack component:


  • Security tests were remapped to the new concept of a Dynamic Security Policy. Each test was renamed and mapped to a policy unit, which are currently Antivirus and Next-Gen Antivirus.
  • The Prelude security team is now monitoring CISA advisories and alerts and building representative security tests. These tests carry an additional property called alert, which contains the associated advisory, alert or CVE identifier.
  • Tests that were not mappable to policy units have been removed.


  • The user interface was refreshed, highlighting a new test category called "Emerging Threats". Tests containing an "alert" property are automatically organized under this category. The latest Emerging Threat is highlight in the top-right corner of the UI.
  • The search capability in the interface has been temporarily disabled. This will be getting resolved in a future release.


  • Custom security tests can now contain Go build flags, which allow you to compile tests for a single operating system (vs all supported OS').


  • Map and Unmap API routes have been removed. These routes are no longer necessary as creating tests (POST:/build/test) now supports mapping a unit at test creation.
  • Attaching and detaching partners changed route modules, from /iam/partner to /partner.
  • Splunk is a new partner integration, supported from the CLI. Attaching a Splunk instance will forward all test results to it.
  • Accounts can now be flipped to AUTOPILOT mode, which will schedule every new Antivirus and Next-Gen Antivirus security test to run for 3 days on all endpoints. This is an experimental feature only available in the CLI.


  • Attaching and detaching partners occurs through the command prelude partner <command> instead of prelude iam <command>.