📋 Changelog · Career Framework

Changelog

Version history for the Insider Threat Analyst Career Framework. This site is actively maintained and updated based on community feedback, new research, and evolving practice.

v1.0.1 2026-03-31
  • New DITMAC / BTAC — DOD Insider Threat Management & Analysis Center added to Research card, Behavioral Models card, and annotated bibliography. Includes BTAC Bulletin and Beyond the Bulletin podcast links
  • New NITAM (National Insider Threat Awareness Month) — full history 2019–2025 with themes, CDSE/NITTF resources, and stakeholder engagement toolkit links added to annotated bibliography
  • New U.S. Department of State Insider Threat Program — Office of the Insider Threat Program, Insider Threat Quarterly, FAM references added to annotated bibliography
  • New Steve Crimando, MA, CTM — Behavioral Science Applications, DHS NTER, ATAP, ASIS EPIC. Added to Behavioral Models card and annotated bibliography
  • New "Spot the Bias — Practitioner Edition" interactive quiz added to Analytical Rigor section. Eight self-demonstrating bias examples with click-to-reveal answers
  • New Reviews page — community feedback and totally unbiased self-assessment. Footer link (⭐)
  • Fixed FS-ISAC restored to Standards, Government & Professional Bodies card (dropped in v1.0.0 resource reorganization)
  • Changed Robinson (Purdue, 2025) moved from Audit & Maturity card to Research & Vendor Intelligence card — better fit for TTP trend analysis research
v1.0.0 2026-03-26
  • New MVP 1.0 — framework promoted from "In Progress" to MVP status following CMU SEI OSIT presentation
  • New International & EMEA resources section — NPSA HoMER, NPSA Influencing Leaders guide, NCSC malicious insider guidance, IRRG publications list, IRPA/Five Eyes alliance, UMD Graduate Certificate in Insider Risk (credit: Mark Handy, Nicholas Tuppen)
  • New AI/ML Security Training & Certification section — OWASP Top 10 for LLM Applications, Proofpoint AI Data Security & Agent Security Specialist certifications, 10 AI/ML foundational training platforms (credit: Mark Handy)
  • New Stewart & Handy (2024) insider threat maturity model added to annotated bibliography
  • New insiderthreatmatrix.com promoted with expanded description as companion resource
  • Changed INSA elevated from single paper to organisation-level entry covering full insider threat white paper series
  • Changed Navigation reordered across all pages: New here? · Framework · KSA Matrix · Clusters · Governance · Wellness · References · Contributors · Suggest
  • Changed Footer restructured: link reorder, vibe-coded line separated from contact email
  • New "Latest Updates" chiclet replaces features banner — pulsing orange link to changelog near theme toggle
  • New New tab preference poll — appears after 3rd external link click, collects user feedback via Formspree
  • New Mark Handy added to Contributors — maturity model co-author, AI/ML training resources, INSA/IRPA/UMD suggestions
  • New Nicholas Tuppen (Bank of America) added to Contributors — IRRG publications list, EMEA resources
  • Changed CMU SEI OSIT Working Group moved to prominent position in contributor list
  • Fixed OG image filename mismatch corrected across all pages (og-image.png → ogimage.png)
  • Changed Internal navigation links no longer force new tabs — same-site links open in same tab
  • New IIA GTAG: Auditing Insider Threat Programs added to Standards card, Audit & Maturity card, and annotated bibliography
  • New CompTIA SecAI+ (CY0-001) AI security certification added to AI/ML references and cluster training
  • New Rowland Bartlett added to Contributors — "Top 5" priority KSA filter idea
  • New "Where insider threat fits" section on governance page — HRM, BeTM, and CI relationship framing
  • Changed Resources tab reorganized into three cards: Standards/Government/Professional Bodies, Communities of Practice, Research/Vendor Intelligence
v0.5.1 2026-03-24
  • New Governance page — authorship model, KSA stability commitments, change process, NICE relationship, update cadence, AI/ML emerging threat roadmap, community ecosystem (IRPA/FIRPA, CoEs, OSIT, NITSIG)
  • New Community & ecosystem section — IRPA (Five Eyes alliance), Australian/Canadian/US Insider Risk CoEs, CMU SEI OSIT Working Group, NITSIG, DTEX i³
  • Changed A-SYNTH01 wording refined: "multi-source behavioral and technical data" → "multi-source data — endpoint, cloud, HR, physical, identity" for specificity (credit: Bidemi Ologunde)
  • New CISA Microsoft Expanded Cloud Logs Playbook added to references and SIEM cluster training
  • New OpenID Foundation — Identity Management for Agentic AI added to references and AI/ML cluster training
  • Changed AI/ML emerging cluster description expanded: agentic AI as insider-like access holders, three-dimension threat taxonomy (tool, vector, enabler)
  • New Bidemi Ologunde, PhD, CICA added to Contributors — A-SYNTH01 refinement, CISA cloud logs, agentic AI threat vector
  • New CMU SEI OSIT Working Group added to Contributors
  • New Features banner on framework page linking to clusters, references, governance
  • Changed Navigation updated across all pages — added 📜 Governance link
v0.5.0 2026-03-22
  • New Competency clusters page — 17 skill domains with training paths (free → paid), cert anchors, KSA listings, and concentration relevance. Browse by Technical, Investigative, Intelligence, Program, Cross-cutting, and Emerging groups
  • New KSA Matrix — cluster column added with color-coded pills and cluster filter chips (17 clusters filterable)
  • New Annotated bibliography / references page — APA-formatted research, reports, and publications with practitioner annotations
  • New Changelog page (you're looking at it)
  • New Contact email: hello@insiderthreatanalyst.com
  • New Frank Greitzer (SOFIT 2.0 / Cogility) added to Contributors — suggested bibliography page and mitigation strategy mapping
  • Changed Navigation updated across all pages — added References link
  • Changed Footer updated across all pages — added changelog link and contact email
  • New Competency cluster taxonomy: 122 KSAs mapped to 16 clusters + 1 emerging, with training resources and concentration priority matrix
v0.4.0 2026-03-20
  • New Site-wide navigation bar (secondary nav with active page highlighting)
  • New Animated gradient accent stripe (blue → teal shimmer) on all pages
  • New 7 new tool tiles (21 total): TIP, Forensic imaging, NDR, CSPM, Data classification, Deception, GRC
  • New "Where to start" guidance box with maturity-based tool tiers
  • New Gandalf — Lakera AI added to training platforms
  • New Tim Schnurr's InT Framework & Maturity Assessment added to Audit & maturity section
  • New Section jumper navigation on start.html and wellness.html
  • New Back-to-top button on all pages
  • New Easter eggs (classified mode, Konami code, footer quotes, source comment)
  • Changed Instruction box simplified to single line
  • Changed All external links now open in new tabs
  • Changed Tools FAQ rewritten with maturity-based guidance
  • Changed Tim Schnurr added to Contributors (DataTheftNews + GitHub project)
  • Fixed Tool tile tooltips — removed broken tool-tip-up CSS, all tooltips now show below consistently
  • Removed FS-ISAC ★ Recommended badge from conference tile
v0.3.0 2026-03-16 – 2026-03-18
  • New Career Roadmap gap analysis modal with career pathway visualization
  • New NICE Framework expansion — adjacent work role mapping
  • New Export features for career roadmap and framework data
  • New Suggest page with Cloudflare Worker backend for feedback collection
  • New Contributors page
  • New Feedback widget (thumbs up/down) on all pages
  • Fixed Comprehensive link audit — broken links repaired, duplicate URLs removed
  • Changed Deployed on Cloudflare Pages at insiderthreatanalyst.com
v0.2.0 2026-02 – 2026-03
  • New KSA Matrix page — full filterable matrix with 122 KSAs across 8 concentrations
  • New Wellness page — analyst mental health, burnout prevention, organizational program guidance
  • New Start Here page — onboarding guide for new practitioners
  • New Dark mode toggle across all pages
  • Changed Framework page expanded with Resources tab, Media tab, and adjacent roles section
v0.1.0 2026-01
  • New Initial framework: 5-level career ladder, 8 concentrations, competency dimensions
  • New Certifications & training panel with level-based recommendations
  • New Threats & tools tab with insider threat tool landscape

🚀 Start here · 📚 References · 🤝 Contributors · Changelog · 💬 Suggest

Vibe-coded with Claude™ · hello@insiderthreatanalyst.com