Run the Assembler in AWS

We spilled the beans when we sent our quarterly release notes out, but for those that missed it (or are as excited as we are), you can now run the Assembler in AWS. We’re working on adding the self-service capability but in the meantime, reach out to your engagement manager to get things set up. Learn more about our other enhancements and updates.


We have a new addition to the share with you, the AWS Assembler. We listened to your requests and got right to work. To get started, head over to the Assemblers page and follow the instructions on the Download Installer modal. We’re working on the capability to self-service the AWS Assembler, but until then, our Engagement Managers are happy to help you get set up.

Other Enhancements

It’s the little things that matter. When you create an investigation, Workbench will now auto-select the “Organization Reported” option to save you one less click.

We’ve added informational text to our Edit Security Device modal to help you better understand the modal behavior.

Other fixes (and a few odds and ends)

  • Certain security device logo dimensions were being squashed in Workbench, but we fixed the issue.
  • Organization admins are no longer required to enter your 2FA code when editing a security device. Since this admin can no longer retrieve security device credentials from Workbench, we removed the security measure.
  • The Situation Report dashboard displayed closed remediation actions under the “Open remediation actions” section. This issue also threw off the count of open and closed remediation actions. Since we know how important the dashboard metrics are for you, we made sure to fix this issue as soon as we discovered it.
  • The navigation menu on our mobile site had been hiding behind other page elements, but this issue has been fixed.
  • We fixed an issue that disabled the info icon on the Alerts grid.
  • We fixed an issue that prevented users from being able to successfully create “File path” investigative actions when using raw mode.
  • Now when an incident is closed, completed remediation actions will preserve their “Completed” tag, while remediation actions not completed will display the “Closed” tag.