Changelog version 1.9.2404.0
New: Multitenancy for selective Access Rights control and targeting of e.g. Detection Rules per tenant
New: Integration with LiveGuard Advanced cloud sandbox
Added: Ability to Report Incident as an action available in the Rules syntax
Added: Ability for Endpoint Detection types to be matched in the EI Rules (for elevation to Incident)
Added: Monitoring of selected Win API calls
Added: Canary files utilization for enhanced detection of Ransomware behaviors
Improved: Detection of multiple similar network events in a row (previously considered as "duplicates")
Improved: Signals about potentially suspicious events from Firewall and Network protection layers
Added: Ability to detect events of writing to and modifying multiple files
Added: Link between URL connections and dropped files (for improved investigation of Incidents)
Added: Ability to detect setting file attributes ("SetFileAttribute") on Linux
Added: Ability to detect and investigate a process deleting its files
Added: REST API now enables Incident Management capabilities
Added: REST API now allows searching for Executables and their metadata
Added: User Logout as a new action
Added: Submit files to LiveGuard Advanced analysis as a new action
Added: "Remember this device" for login when using 2FA
Improved: Database and general performance
Improved: Executable certificate signature verification method
Reactie toevoegen
Log in of registreer om een reactie te plaatsen.