Log In

v4.0

Published: 26.07.2025

New Features

  • Added a new Role structure, allowing organization members to be assigned specific Roles by Admin that define their access to pages and actions within the organization.

  • Added integration with Palo Alto Cortex XDR to receive Alerts and Incidents. Configuration requires setting Remote Credentials with Type - Palo Alto Cortex API Credentials and Integration Settings with Type - Palo Alto Cortex XDR. Data is available in Artifact Analysis under Threat Analytics - Palo Alto Cortex XDR Alerts (Incidents).

  • Added Palo Alto Cortex XDR Analysis Policy to collect data from Cortex XDR Service (should be installed additional from the Packages). Data comes to Artifact Analysis - Asset - Palo Alto Cortex XDR Analysis grid.

  • Added a Windows Performance Analysis Policy to collect performance data from the CyberCyte agent. Data is displayed in grids under Asset Management - Performance Management. Performance Dashboard (the first tab) was added for enhanced data visualization.

  • Added Prowler integration for enhanced security auditing, with support for Azure and AWS users. We can configure it by setting Remote Credentials and defining a Policy that located Scenario/Discovery/Integration - Cloud Configuration & Identity Analysis. Data comes to the Security Assurance - Cloud Configuration Management - Prowler Assessment Results grid.

  • Added Windows Browser Add-on Management Policy to collect browser Add-on. Data comes to Artifact Analysis under Windows - Windows Browser Add-on Analysis grid. Added functionality for users to create a remediation job to remove unnecessary or unwanted browser add-ons, enhancing browser security and performance.

  • Added Wazuh CIS Integration to enhance security controls assessment. Configuration requires setting up the Wazuh Security Controls Assessment Policy, located under the Hardening and Configuration Management module. Data is available in Security Assurance under Hardening and Configuration Management - Wazuh Security Controls Results.

  • Added “Windows Failed Logins Threshold Analysis” and “RDP Login Activity” to Artifact Collection Parameters to increase data collection capabilities in Windows Event Log Analysis Policy. Data is available in Artifact Analysis under Threat Analytics - Windows Failed Login Analysis, Windows RDP Login Activity grids.

  • Added Trellix integrations that can be set in the Endpoint Security Software policy under Security Software Names.

  • Added Agentless Windows and Linux Collection Rules under Artifact Collection Parameters in Rule and Policy.

  • Added more AI questions to the GRC module, Prowler, and other grids. Improved AI based analysis.

  • Added AI based Remediation option for Internal Vulnerability Scan Results grid. To use it, need to select Display value for AI response in AI Vulnerability Recommendation column and select Windows or Linux remediation for script. Script can be modified.

  • Added GRC Incidents and ToDo at the MSSP level, with synchronization to the organization level.

  • Added GRC Document Template at the MSSP level, with synchronization to the organization level. Also added linking Document Template with main GRC entities.

  • Added Update Applications button to top menu in Windows Application grid for bulk update applications.

  • Added new remediation type 'Update Installed .NET Framework(s)' for Discovered Devices grid.

  • Added a "Send for Confirmation" feature to GRC Documents, allowing users to submit documents for review. Confirmation results are now displayed on the User Dashboard for easy access and tracking.

  • Added "Update Related Controls" and "Discover Relate Mappings" buttons to Control Activity for Control mapping. Also, it was reworked and extended mapping in GRC module.

  • Added Export All Data (from DB) option to all grids. Using this option, we can export all the columns contained in the database (not only those that are presented on UI). The presentation of exported data has also been improved.

  • Added Re-Initialize options to row action in Windows Applications Job grid.

  • Added Delete Failed Entries to top actions in Windows Package Management Logs grid.

  • Added to the top option to view training videos.

  • Added xAI / Grok support.

  • Added API Void source for Enrichment.

  • Added support for Kaspersky APIs to enhance threat intelligence querying capabilities.

  • Added OpenRouter.ai support.

  • Added charts to Windows Package Management Logs grid.

  • Added MAC History column to Device Management grid.

Improvements

  • Improved Host Analysis dashboard.

  • Improved grids with adding Show AI results buttons and Tag filter. Added opportunity to add Review date and Comment from the row action; bulk add and delete Tag in the grid Action. Also, it was reworked column order. Added opportunity to quick view row value by tap on value in Last Update Date column.

  • Improved the Notable Events grid at the MSSP level by adding new options, including the ability to add Notes and send Emails directly from each row. Also added Classification rules directly for MSSP level including support for specifying the organization ID.

  • Improved Shadow-IT dashboard: now displays a Tags column for permitted items when the eye icon is clicked, with the "+" icon toggling to "-" to remove "Trusted Artifacts" and "Not Shadow-IT" tags.

  • Improved GRC grids (Risk, Documents, Controls, Security Controls, Control Activity) with new options to quickly Set Values directly from the row.

  • Improved Remediation flow for Windows and Linux jobs creation. Currently, all jobs will be created in Waiting Approval status, and we added the opportunity to bulk approve or reject all Waiting Approval jobs.

  • Improved Package Job synchronization with adding validation error during incorrect package creation and the output of synchronization job errors in the scheduling.

  • Improved a system to randomly select AI models for queries based on rate limits, optimizing performance and resource usage.

  • Improved Notification Rule visibility by hiding inapplicable Rule type.

  • Added CVE-XXXX and CVSS Base Score value search on Vulnerability dashboards.

  • Added ‘Terminate (Unknown) Process if Not Allow Listed’ checkbox for Threat Monitoring Policy to terminate all processes that are not in the Whitelist.

  • Added Health State Reason column to Palo Alto Cortex XDR, CrowdStrike, Microsoft Defender Analysis grids to track reason for Unhealthy status.

  • Added Privacy Policy agreement during user registration.

  • Added Properties field to Asset Class that added ability to set Additional Properties in the Asset grid (GRC module).

  • Reworked order and naming in left menu for Dashboards, Analysis and Investigation, Response Management, Security Assurance.

  • The following renaming and interface structure changes were made: Active Directory grids renamed as Repository Discovered grids, Remediation & Response settings as Remediation Settings, Analysis & Investigation subitem as Artifact Analysis, Threat Hunting as Analysis & Investigation, Threat Response as Response Management.

Bug fixes

  • Fixed an issue with organization user access to MSSP level pages.

  • Fixed an issue with duplicated records coming in Windows Asset Activity Tracking grid.

  • Fixed an issue with missing data in email column in the Repository Discovered Users grid.

  • Fixed an issue with undeleting packages during uninstalling Linux agent.

Previousv4.0.1Nextv3.3.10

Last updated

Was this helpful?