What's new at Draxion.

Upload any AI vendor contract or terms of service. Draxion extracts and risk-scores every clause that matters — data training policies, residency requirements, liability caps, IP ownership, GDPR Article 28 gaps — in under 30 seconds.

• PDF and DOCX contract upload support
• Automated clause extraction across 12 contract risk categories
• GDPR Article 28 gap analysis
• Risk score (0–100) per contract
• Negotiation point summary export
• Side-by-side vendor contract comparison

Family Educational Rights and Privacy Act (FERPA) provisions are now embedded in the Draxion regulatory knowledge base. Education sector customers can now generate FERPA-grounded AI acceptable use policies and compliance reports.

• 6 FERPA regulatory chunks added to knowledge base (34 CFR Part 99)
• FERPA compliance report available for education customers
• AI policy generator now includes FERPA as a selectable framework
• Student data classification added to DLP detection engine

The Data Leakage Prevention engine now detects a significantly expanded range of sensitive data patterns, with particular improvements to source code and financial data detection accuracy.

• Added detection for 14 additional programming language patterns
• SWIFT/BIC code detection added
• IBAN and account number patterns expanded to 34 country formats
• False positive rate reduced by 31% on source code detection
• Detection latency reduced from 180ms to 100ms average

Executives can now complete digital attestation workflows for AI system approvals, creating a timestamped, signed record of informed decision-making under EU AI Act Article 9 requirements.

• Digital attestation workflow for high-risk AI approvals
• EU AI Act risk classification per AI system
• Board dashboard showing all approvals, risk levels, and approvers
• Quarterly board report generation
• Personal liability exposure summary per executive

Security teams can now view aggregated AI risk scores by team, department, and business unit. Manager notification workflows automatically route high-risk alerts to the relevant team lead.

• Department-level risk heatmap dashboard
• Comparative risk ranking across teams
• DLP event concentration by department view
• Manager notification workflow configuration
• CSV export for department risk reports

Completed a comprehensive audit of all database row-level security policies and hardened organizational data isolation. No cross-organization data access was found. Additional defensive layers added.

• Full RLS policy audit across all tables
• Added organization_id validation on all API middleware layers
• Removed 3 legacy endpoints with overly permissive query patterns
• Added automated RLS test suite to CI/CD pipeline
• All SELECT * queries replaced with explicit column specifications

Sarbanes-Oxley Act compliance reporting is now available on Professional and Enterprise plans. Reports cover AI tool usage in financial reporting workflows and map controls to SOX Section 302 and 404 requirements.

• SOX Section 302, 404, 906 provisions embedded
• Financial data AI tool exposure assessment
• CEO/CFO attestation support documentation templates
• IT general controls mapping for AI systems

The detection feed has been completely rebuilt for performance and usability. Slack integration now routes alerts based on saved filter presets.

• Detection feed rebuilt — 10x rendering performance improvement
• Saved filter presets (up to 10 per organization)
• Slack alert routing by filter preset
• Email digest option (daily/weekly)
• Bulk export for any time range and filter
• Detection latency indicator added to dashboard header

Draxion officially enters private beta for qualified IT security and compliance professionals. The initial release includes Shadow AI Discovery, DLP scanning, employee risk scores, GDPR and NIST compliance reports, and the AI acceptable use policy generator.

• Shadow AI Discovery via Chrome extension
• DLP scanning for PII, credentials, and source code
• Employee risk scores (0–100)
• Real-time detection feed
• AI Acceptable Use Policy Generator
• GDPR compliance reports (48 regulatory chunks embedded)
• NIST AI RMF assessment report
• Tool approval workflow