VigilGuard 1.8.0 Higher Detection Accuracy, Smarter Scaling

Version 1.8.0 continues the 1.7.x line with a focus on three areas: detection accuracy on encoded and obfuscated attacks, scaling that adapts to the host it runs on, and broader coverage across browsers and AI platforms. The detection and performance work lands first; the new platform surfaces extend where Vigil Guard runs.

The upgrade stays backward compatible for integrations and security policies, with one exception that operators should plan for: a metrics label change documented in the operator notes below.

The detection layer received its largest accuracy upgrade of the 1.x line, aimed at attacks that hide their payload behind encoding and obfuscation. The heuristic signal now recognizes a broad family of evasion techniques used to smuggle injection payloads, including Unicode-tag injection, zero-width characters, homoglyphs, base-N encodings, ROT13, and leetspeak.

Two model components were upgraded at the same time. The neural detector behind the injection signal classifier moves to a new model generation, and a new embedding engine now powers the semantic (vector-similarity) signal, with added carrier and intent gating that sharpens its decisions.

The decision engine's signal weights were recalibrated to the values below, with the block threshold held at 40. The rebalancing raises true-positive rates on encoded attacks without widening the false-positive envelope.

Production profiles (prod-32, prod-64, prod-128, prod-256-balanced) no longer ship a single fixed shape. Each profile now scales service replicas to the host class, so a larger host actually serves more traffic. The injection signal classifier scales from 2 to 4 replicas and the semantic worker from 1 to 2 replicas where the host supports it. The four profiles require 20, 28, 36, and 52 CPU cores respectively.

Admission budgets are now resource-aware as well. API in-flight and batch-concurrency limits are resolved from host facts through the scaling lock rather than applied as one static value across every profile. When the system sheds load, overload responses (HTTP 503) now emit explicit admission metrics with a fail-closed client contract.

Inside the injection signal classifier, new runtime controls reduce inference cost without changing detection quality: a decision-exact early exit and independent batching lanes for short and long inputs. Production and dev profiles now use a short batching lane at 2 ms and a long lane at 10 ms, with early exit enabled in enforce mode and an environment-only rollback path.

The browser extension now installs and runs on Microsoft Edge. Edge is served as a mirror of the Chrome build: the same signed package, the same extension ID, and the same update and force-install policies, so anything shipped to Chrome reaches Edge automatically. Browser telemetry now reports Edge as Edge, and enterprise fleets can deploy it through Group Policy, Intune, or Jamf using the Microsoft Edge policy namespace. In-product Help documents the Edge deployment path.

Two new protected platforms join the list. Microsoft 365 Copilot Chat (Copilot O365) is now a first-class platform at m365.cloud.microsoft, copilot.cloud.microsoft, and m365copilot.com, with prompts captured and redacted before submission. Public Copilot and Copilot O365 are tracked as separate platforms with independent rules and distinct event source IDs. Z.ai (chat.z.ai) is added as a first-class platform with its own rule, Web UI entry, and icon.

The release includes targeted fixes, several in the PII detection engine. Bare, checksum-valid Polish NIP and REGON identifiers are now detected directly. Ticket and reference number shapes and grouped monetary values are no longer misclassified as phone numbers, while explicit phone context is preserved. The regex fallback now runs only on genuine engine failover paths, never after a successful empty response.

On the extension side, the Copilot O365 composer is redacted before submission with duplicate scans suppressed so each submission is scanned exactly once, and the enterprise managed-storage policy schema for disabled and monitor-only platforms loads correctly again on both Chrome and Edge.

One change is potentially breaking. The API counter vigil_api_guard_capacity_rejections_total now carries a reason label (ingress_saturated, llm_saturated, semantic_saturated, timeout_budget) so shed 503s can be attributed by cause. Adding a label changes the series identity, so any dashboard or alert that selects the previously unlabeled series directly will see a reset or gap across the upgrade. Switch to an aggregated form such as sum(rate(vigil_api_guard_capacity_rejections_total[5m])) for continuity.

The upgrade engine now runs a capacity preflight and commits the scaling lock transactionally, propagates the scaling resolver's exit code instead of masking failures, and rolls back cleanly if a preflight or commit step fails. The host-config channel for selecting the scaling profile is unchanged. In-product Help has been synced to v1.8 across the browser-extension, installation, quick-start, web-interface, and API-reference sections, mirrored for Chrome and Microsoft Edge.

VigilGuard Enterprise 1.8.0 is available to all customers under active support. The upgrade is recommended first in environments exposed to encoded or obfuscated injection attempts and in fleets standardizing on Microsoft Edge or Microsoft 365 Copilot.