If you’d like to stay up to date through email notifications, we’ve got you covered. You can now sign up to receive notifications when a resilience recommendation is created or updated and when an analyst completes an action. We keep the emails short and to the point, but if you need to reply, your reply will go to our SOC (we enjoy a good laugh, so images like cat pyjama-jam are welcome). Read on to learn about the other enhancements (we’re looking at you, Endgame customers).
We’ve added five new investigative actions for Endgame devices
We’ve expanded our Endgame integration to include Query IP, Query Domain, Query Host, Query User, and Query File hunting capabilities. These enhancements enable analysts to query for specific evidence based on user-selected investigative actions and time range.
More email options
We’ve added more email notification options. You can now select to receive notifications for resilience recommendations. With this option, we’ll notify you when a resilience recommendation is added, updated, commented on, or when the status changes. You can also select to receive notifications when an analyst completes an action.
We’ll keep an eye on the number of emails we send you. This will prevent you from receiving an overwhelming number of emails in a short timeframe should many non-unique events happen in quick succession.
If you were part of our cloud early access program, you might notice some changes in your metrics. All the data is the same; we’ve just improved the functionality in Workbench so that alerts from cloud devices display as Cloud instead of SIEM.
Other fixes (and a few odds and ends)
- We fixed a bug that prevented data results from displaying correctly in Data Viewer.
- We’ve improved the bulk assign feature on the alert assign page to only show relevant assignees.
- We fixed a minor error in the flow of numbers for the authenticator.
- We fixed an issue where our backend was correctly blocking functionality, but Workbench wasn’t.
- We fixed a bug that caused specific devices to show up multiple times on the Alerts Analysis dashboard.
- We fixed a bug that disabled our ability to run specific investigative actions against one of our cloud devices.