Portal 68055 - Release Details

Portal 68055 - Release Details

Announcing Uptycs platform 68055, released Sep 12, 2020


New Features


Threat intelligence dashboard

A new Threat intelligence dashboard is available to view and monitor threat indicators, threat sources and threat alerts. For more information, refer to Threat Intelligence section in help. Contact Uptycs support to activate this feature.


Compliance overview dashboard

An AWS Compliance Overview dashboard is available to view and monitor cloud compliance that relates to CIS for AWS services. For more information, refer to Compliance Dashboard in help. Contact Uptycs support to activate this feature.


Compliance profiles

A new feature is available to create and manage Compliance Profiles for non-cloud compliance via the Configuration menu. For more information, refer to Compliance profiles in help.


Alert exceptions

An option is available to add alert exceptions to the default and custom event rules (including the default AWS event rules) using the Wizard option. Alert exceptions for AWS event rules are limited to the AWS account ID, region, and tags. For more information, refer to Event rules in help.


Improvements / Fixes


Custom dashboard widgets

New custom dashboard widgets are available that include the Gauge chart, Sunburst chart, Area chart, and Plot chart. For more information, refer to Custom Dashboards in help.


Update previously integrated AWS accounts

An enhancement is available that shows a warning message on the AWS integration page to update the previously integrated AWS accounts with their list. For more information, refer to AWS in help.


Cached queries

The Cloud Security and Compliance dashboards now support cached queries data that refresh every hour. For more information, refer to Cloud Security and Compliance in help. 


CloudTrail logs ingestion

By default, CloudTrail logs now show only non-readOnly events from AWS. To get readOnly events, contact Uptycs support.

SQL Event/Alert rules


Other enhancements / fixes


As a part of performance improvement, now it is mandatory to enter the :to parameter in a SQL Event/Alert rule. However, the SQL rules containing the :from and :to parameters are also valid. For example:

SELECT * from etc_hosts WHERE etc_hosts.upt_time >= TIMESTAMP :from AND etc_hosts.upt_time < TIMESTAMP :to;

Other SQL rules without the :to parameter are not valid and they result in a format error.


The following customer related issues were also addressed in this release

  • Fixed an issue for the users without admin role. Now they cannot add asset groups to themselves.
  • Fixed an issue with the IPv6 custom threat source alerts. Now IPv6 custom threat sources are generating alerts.