Release notes-Release 76028

February 10, 2021


Image exclusions

Added a new Image Exclusions configuration option that prevents system files on Windows endpoints from generating events. For more information, see Image Exclusions.

Removed shell_history table

The shell_history table has been removed from the default Uptycs seed profiles to optimize memory usage. For more information, see Uptycs Profiles.

User driven security

Enhanced the user driven security (UDS) feature to support macOS, Linux, and Windows endpoints. For more information, see User Driven Security.

Note: This enhancement is in the beta stage.

AWS event rules

Added AWS event rules (using dynamic lookup tables) to detect events generated by the use of a new service, country, region, or user, and by exfiltration from an RDS database instance. For more information, see AWS.


VirusTotal links

Added VirusTotal links in the PIVOTS tab that navigate to the files, domains, and IP addresses responsible for the detection. For more information, see Detections.


Added the following API enhancements:

API: Description (Support to...)

/detections: Expose extra columns region, tenantId and tenantName.
  • Fetch all detections
    https://{{domain}}.uptycs.io/public/api/customers/{{customerId}}/detections
  • Fetch a specific detection
    https://{{domain}}.uptycs.io/public/api/customers/{{customerId}}/detections/{{detectionId}}
/destinations: Send alert notifications to S3 buckets.
/tags:
  • Delete association of a tag across multiple hosts via CSV.
  • Download the list of live host names that include a tag.
  • Download the list of all host names that include a tag.
  • Associate a tag via filter.
  • Associate a tag via CSV.
/alertRules: Bulk update API.
/eventRules: Bulk update API.

  • Process graph improvements for smaller screens.

  • Generating UDS reports in Slack is currently not supported for Windows endpoints.