Release notes - Release 85054
This release includes the following features and enhancements:
- New feature: Exposed audit configurations in the upt_asset_audit_configurations table.
- New feature: Support to filter event and alert rules based on common tags.
Enhancements:
- New filter columns - Source and Service - on the Assets under management page. For more information, see Assets.
- New dialog to manage tags on the Asset details > Settings tab. The Manage tag dialog lets you create a new tag or assign an existing tag using the drop-down list of tags. For more information, see Tag management.
- Enhancement: Added the Rule count and Priority columns for the blocking policy profile list view. For more information, see Blocking.
Compliance
- New standard: DISA STIG available for CentOS 8 and Ubuntu 16 (Add-on).
- New standard: NIST 800-53 for macOS.
Enhancements:
- Added checks for endpoint battery condition (macOS).
- Added state parameters for launched services - running, loaded, and disabled (macOS).
Note: These compliance features and enhancements are supported on endpoints running osquery version 4.6.5.x and higher.
Detections
- New feature: Support to add exceptions based on ancestry list. The Copy path button is available to copy the ancestry list from the Alert Details page. For more information, see Alert Details.
- New feature: Support to add exceptions to event rules (similar to alert rule exceptions) so events that match the exception are not stored in the DB. For more information, see Event Rules.
Changes to event rules:
- Default rules: Enabled four rules for network IOCs in Uptycs Threat Intelligence.
- Default rules: Retired three rules for network IOCs.
Enhancements:
- Delete functionality for threat group profiles and toolkit profiles. For more information, see Threat Profiles.
API
| API | Description |
| --- | --- |
| /{connectorType}/status | Provides connection status of all accounts. |
Known Issues
No known issues.
Resolved Issues
- AWS Report runs not visible
- Duplicate locations in the 'cloud/location' API
- Cloud compliance chart showing services instead of standards
- NIST 800-53 standards reported true compliant for macOS endpoints even when the root login was enabled.
- Host compliance evidence drill-down data not displayed
- Event rule exception based on upt_asset_tag (when key and value are defined) not working
- Binary path not included in the description of the process node when an event was reported to the process_file_events table.
- Breadcrumbs are incorrect after specific navigation steps