v3.1

Published: 11.01.2025

New Features

Added External Asset Discovery Policy under Scenario/Discovery/Integration module for artifact collection to External Asset Discovery grid under Analysis and Investigation section. Also added other External Exposure Analysis grids: Domain Analysis, SSL Certificate Analysis, External NMAP Script Scan Analysis, External Vulnerability Scan Analysis, Cybersquatting, Darkweb, Data Breaches, Leaked Credentials, All Data. Settings for these grids are added to MSSP level. Added new External Exposure objects to Classification rules. For short analysis by mentioned grids External Exposure Overview dashboard was added.
Added Windows OS Patching Policy under Vulnerability Management module. Data about Windows Patch updates comes to the Security Assurance - Windows Patch Management grids.
Added Endpoint Security Software Analysis Policy under Asset module for artifact collection to Endpoint Security Software Activity grid, that was added under Analysis and Investigation - Threat Analytics section.
Added Microsoft Defender Health Analysis Policy under Asset module for artifact collection to Microsoft Defender Analysis grid, that was added under Analysis and Investigation - Asset section.
Added Windows Script Content Analysis grid, that was added under the Analysis and Investigation - Threat Analytics section.
Added System Health Check under SUPERORG Management on MSSP level. Also added functionality to send emails when issues are detected during monitoring.
Expanded IP Scan & Penetration Testing Policy to Tenable Nessus Network Scan and OpenVAS Credentials.
Added Linux Remediation Approval Management and implemented a dependency on it.
Added "AI Risk Score" and "AI Response" columns and “Ask AI Feedback for Displayed” button to the grids."AI Risk Score" and "AI Response" columns are filled in accordance with the AI response to the question. This functionality has also been added to the Shadow IT dashboard. AI feedback is limited to 512 chars.
Added “Approve AI Findings” button to the Classification & Enrichment in Shadow IT dashboard. It adds records to Trusted Artifacts if AI Risk Score <=69.
Added “Clear AI Responses for Displayed” button to the AI Feedback Wizard.
Added new tab Process Management to GRC - Risk and Opportunity Management. Created Process can be added to the Risk entry.
Added possibility to create Incidents directly from Notify on Match and Scenario Rules.
Added new remediation function for Windows Local Users & Windows Local Administrator grids to change Local User password.
Added Shadow IT Report based on Shadow-IT Dashboard.
Added functionality to track deployed packages in CLAPI.
Added automatic enabling Multi-Factor Authentication (MFA) for the Admin account.
Added a "Username" field to Windows Sysmon Threat Analysis, populated with values from Sysmon logs or the process username property and fixed the problem with the search bar.
Added GRC Dashboard and renamed GRC Summary as GRC Impact Analysis Dashboard.

Improvements

Improved Top and Right click menu structure for all grids. Removed “Remove” action. Added "Reclassify" action to top "...", row "..." and right-click.
Made next GRC improvements: reordered columns, Set Value is added to Top ... menu, Control Applicable=Yes filter is activated by default in the Control Activity grid, added Risk Owner Users and Risk Owner Groups.
Improved data adding to Classification rules using “Is one of (exact)” option.
Improved Threat Monitor to set the Event ID to 1 if it is null.
Improved Elastic Management with Health checks and Auto index cleaning.
Improved the Status button to ensure Sysmon is not monitored when the Sysmon policy is inactive.
Improved Vulnerability Scan Results grid with "Show Original Data" right-click action and column "original_data" with output scanners data for ZAP, openVAS and Nessus.
Improved Service Desk grid with the following updates: updated grid column order; Enabled opening the Edit view for an incident/request by clicking on the title; Added a right-click action to "Add Activity"; enhanced related alerts and assets selection to support search functionality.
Added time column to the OSQuery - Shell History.
Added "Assigned Groups" column to the "Policy Management" grid.
Removed “Dashboard view” option for all grids.

Bug fixes

Fixed records visibility problem for Windows Agent Content Search Results grid.
Fixed regular grid menu error in Console browser.
Fixed Control Mapping data coming to Risk management record by CIS Safeguard value.
Fixed bulk Linux remediation job creation.
Fixed Remediation Functions double sync from Global.
Fixed Risk score calculation/updating for GRC Risk records.
Fixed Incident creation flow for different cases.
Fixed an issue with package removal.
Fixed an issue in Shadow IT where the bottom filter buttons were not applied.
Fixed an issue with adding text to reports.
Fixed an issue with filtering from aggregation in grids.
Fixed AD Credentials to hide the password text for enhanced security.
Fixed an issue with updating Incidents/Requests.
Fixed error during adding to Image and Network Access Exclusions rules for Windows Sysmon Threat Analysis grid.

Previousv3.1.1 Nextv3.0.10

Last updated 1 month ago

Was this helpful?

v3.1

Published: 11.01.2025

New Features

Added External Asset Discovery Policy under Scenario/Discovery/Integration module for artifact collection to External Asset Discovery grid under Analysis and Investigation section. Also added other External Exposure Analysis grids: Domain Analysis, SSL Certificate Analysis, External NMAP Script Scan Analysis, External Vulnerability Scan Analysis, Cybersquatting, Darkweb, Data Breaches, Leaked Credentials, All Data. Settings for these grids are added to MSSP level. Added new External Exposure objects to Classification rules. For short analysis by mentioned grids External Exposure Overview dashboard was added.
Added Windows OS Patching Policy under Vulnerability Management module. Data about Windows Patch updates comes to the Security Assurance - Windows Patch Management grids.
Added Endpoint Security Software Analysis Policy under Asset module for artifact collection to Endpoint Security Software Activity grid, that was added under Analysis and Investigation - Threat Analytics section.
Added Microsoft Defender Health Analysis Policy under Asset module for artifact collection to Microsoft Defender Analysis grid, that was added under Analysis and Investigation - Asset section.
Added Windows Script Content Analysis grid, that was added under the Analysis and Investigation - Threat Analytics section.
Added System Health Check under SUPERORG Management on MSSP level. Also added functionality to send emails when issues are detected during monitoring.
Expanded IP Scan & Penetration Testing Policy to Tenable Nessus Network Scan and OpenVAS Credentials.
Added Linux Remediation Approval Management and implemented a dependency on it.
Added "AI Risk Score" and "AI Response" columns and “Ask AI Feedback for Displayed” button to the grids."AI Risk Score" and "AI Response" columns are filled in accordance with the AI response to the question. This functionality has also been added to the Shadow IT dashboard. AI feedback is limited to 512 chars.
Added “Approve AI Findings” button to the Classification & Enrichment in Shadow IT dashboard. It adds records to Trusted Artifacts if AI Risk Score <=69.
Added “Clear AI Responses for Displayed” button to the AI Feedback Wizard.
Added new tab Process Management to GRC - Risk and Opportunity Management. Created Process can be added to the Risk entry.
Added possibility to create Incidents directly from Notify on Match and Scenario Rules.
Added new remediation function for Windows Local Users & Windows Local Administrator grids to change Local User password.
Added Shadow IT Report based on Shadow-IT Dashboard.
Added functionality to track deployed packages in CLAPI.
Added automatic enabling Multi-Factor Authentication (MFA) for the Admin account.
Added a "Username" field to Windows Sysmon Threat Analysis, populated with values from Sysmon logs or the process username property and fixed the problem with the search bar.
Added GRC Dashboard and renamed GRC Summary as GRC Impact Analysis Dashboard.

Improvements

Improved Top and Right click menu structure for all grids. Removed “Remove” action. Added "Reclassify" action to top "...", row "..." and right-click.
Made next GRC improvements: reordered columns, Set Value is added to Top ... menu, Control Applicable=Yes filter is activated by default in the Control Activity grid, added Risk Owner Users and Risk Owner Groups.
Improved data adding to Classification rules using “Is one of (exact)” option.
Improved Threat Monitor to set the Event ID to 1 if it is null.
Improved Elastic Management with Health checks and Auto index cleaning.
Improved the Status button to ensure Sysmon is not monitored when the Sysmon policy is inactive.
Improved Vulnerability Scan Results grid with "Show Original Data" right-click action and column "original_data" with output scanners data for ZAP, openVAS and Nessus.
Improved Service Desk grid with the following updates: updated grid column order; Enabled opening the Edit view for an incident/request by clicking on the title; Added a right-click action to "Add Activity"; enhanced related alerts and assets selection to support search functionality.
Added time column to the OSQuery - Shell History.
Added "Assigned Groups" column to the "Policy Management" grid.
Removed “Dashboard view” option for all grids.

Bug fixes

Fixed records visibility problem for Windows Agent Content Search Results grid.
Fixed regular grid menu error in Console browser.
Fixed Control Mapping data coming to Risk management record by CIS Safeguard value.
Fixed bulk Linux remediation job creation.
Fixed Remediation Functions double sync from Global.
Fixed Risk score calculation/updating for GRC Risk records.
Fixed Incident creation flow for different cases.
Fixed an issue with package removal.
Fixed an issue in Shadow IT where the bottom filter buttons were not applied.
Fixed an issue with adding text to reports.
Fixed an issue with filtering from aggregation in grids.
Fixed AD Credentials to hide the password text for enhanced security.
Fixed an issue with updating Incidents/Requests.
Fixed error during adding to Image and Network Access Exclusions rules for Windows Sysmon Threat Analysis grid.

Previousv3.1.1 Nextv3.0.10

Last updated 1 month ago

Was this helpful?