The Cequence Unified API Protection (UAP) platform 8.6 release introduces a new Usage Dashboard, an expanded detection rules library, and a comprehensive security hardening pass across the platform. This release also delivers reporting refinements, upgrades to Strimzi (0.44.0 to 0.45.2) and Kafka (3.7.0 to 3.9.1), and a wide range of bug fixes that improve reliability and operational visibility.
The Usage Dashboard gives all tenants visibility into consumption metrics across the platform, including trend visualization, multi-window trend analysis, and flexible time period selection. The dashboard is available to all tenants without entitlement-based gating.
The detection rules library receives a significant expansion in this release, including the February 2026 rules bundle, new Bot Analyzer rules (R301–R312), re-enablement of rules R205 and R58, and new agentic detection rules covering the x402 protocol and Google UCP (R313–R316). These additions extend coverage of modern automation, AI agents, and emerging traffic patterns.
Security hardening at the infrastructure layer includes disabling self-signed certificates in Kibana by default, hardened security constraints for Airflow, and hardened security contexts in the Helm chart for the sde-service component. The Defender bridge is updated to release 6.1.0.
Usage dashboard
Release 8.6 introduces a Usage Dashboard that surfaces consumption metrics across the platform. The dashboard provides usage data display, trend visualization, multi-window trend analysis, and flexible time period selection. When the selected time range extends beyond available data, the dashboard displays data only for the available time frame. The dashboard is available to all tenants without entitlement-based access restrictions.
Expanded detection rules library
The Bot Analyzer rule set is significantly expanded in this release. The February 2026 rules bundle ships alongside new analyzer rules R301 through R312, the re-enablement of rules R205 and R58, and the unhiding of UTM rules. New agentic detection rules (R313–R316) add coverage for the x402 protocol and Google UCP. Rule R131 is renamed in this release.
Security hardening
Infrastructure-level hardening in this release covers three areas. Kibana now disables self-signed certificates by default. Airflow ships with hardened security constraints. The Helm chart applies hardened security contexts, including non-root execution and a read-only filesystem, for the sde-service component.
Defender bridge update
The Defender bridge is updated to release 6.1.0. UAP 8.6.0 is updated to consume the new bridge version, ensuring compatibility with the latest Defender capabilities.
Defender compatibility
The following table summarizes Defender compatibility requirements for this release.
| UAP release | Defender release | Compatibility |
| 8.4.x and 8.5.x | 6.0.0 or later; 6.0.1 or later | Compatible |
| 8.6.0 or later | 6.0.1 or later | Required |
Fixed issues
Release 8.6.2
Global policies are no longer cleared when the mitigation cache is cleared.
Release 8.6.1
CEQASP-11822: The Enable/Disable toggle on the Policy Edit page is restored and visible.
Global policies now appear correctly in the Clear Mitigator Cache dialog.
Release 8.6.0
CEQASP-10503: The Transactions Masked Viewer role now provides access to the Mitigation Transaction screen.
CEQASP-11224: Elasticsearch backup failures are now surfaced with an error rather than failing silently.
CEQASP-11237: S3 data export transformation scripts now execute correctly and no longer log the raw script in place of transformed output.
Report configurations are now included in import and export operations.
App tag matching on discovery now returns correct results.
Future timestamps in pipeline processing are now handled gracefully.
Source ID is now displayed in the UI.
Headers in the UI pod are now configurable for customer-specific deployments.
IP counts now correctly reflect the number of requests received and mitigated.
Kibana now disables self-signed certificates by default.
The Usage Dashboard is now available, providing consumption metrics with trend visualization, multi-window trend analysis, and flexible time period selection.
Processed count values now correctly reflect analyzed count values.
Counts displayed in reports now match counts displayed in the Cequence UAP platform.
Airflow now uses hardened security constraints.
The Helm chart now applies hardened security contexts, including non-root execution and a read-only filesystem, for the sde-service component.
The query time range on the Generated Reports page now matches the time range in the PDF report.
The Bot Summary Report now displays correct total threat counts across multiple endpoints.
Duplicate HTML element IDs across pages are resolved.
IP count now displays correctly when grouping by fingerprint label.
Trend caption and description are updated for accuracy.
The Bot Management card in the Usage Dashboard now displays analyze count rather than process count.
Average, peak, and low values in the Usage Dashboard are now consistent when the time range is changed.
Usage Dashboard graphs now plot and display correctly across all cards.
The February 2026 rules bundle is included in this release.
Bot Analyzer rules R301 through R312 are added. Rules R205 and R58 are re-enabled. UTM rules are now visible.
Agentic detection rules R313 through R316 are added, covering the x402 protocol and Google UCP. Rule R131 is renamed.
The month dropdown in the Usage Dashboard now displays correctly in light mode.
Email integration now supports batching, enabling transformation scripts to execute correctly.
The Usage Dashboard no longer displays a historical date range when no data is available.
All data endpoints are now populated correctly in the Usage Dashboard following an upgrade.
Per-algorithm dynamic fingerprint data is now included in integration exports.
The Defender bridge is updated to release 6.1.0.
Users in the View Only group no longer encounter a white screen when selecting settings options.
The Usage Dashboard displays data only for the available time frame when the selected time range extends beyond available data.
User preferences are now retrieved correctly when navigating to the Transaction Detection and Mitigation screens.
The log.message.format.version and inter.broker.protocol.version Kafka broker configurations are removed from the Helm chart.
Strimzi is updated to release 0.45.2 and Kafka to release 3.9.1.
Upgrade guides
Upgrade and rollback guides are available for the following paths.