Release notes-Release 87035

Release notes-Release 87035

August 22, 2021

This release includes the following features and enhancements:

Platform

New Feature OpenID Connect (OIDC) authentication

  • Support for new identity provider - OIDC authentication.

Enhancements

  • Increased retention period for Automated Threat Books from seven days to thirty days.

Compliance

Enhancements

  • Capability to choose multiple OS by using the drop-down list on the Host Compliance scan dialogs - Scheduled Scan, Scan Now, and Exception Scan.

Detections

Enhancements

  • Added the Edit Exceptions button on the Event Rule page for direct navigation to the Configure Alerts section.
  • Added the Event Table column on the Event Rules page that displays the event table name for each event rule.
  • The Action column on the Detections page has an option to assign a detection to users and close/open a detection.
  • Replaced the Timespan column with the Start Time column on the Detections page that provides Filter and Sort capabilities.
  • Navigation options on the alert information page - Asset Details, View Event Rules, View Alert Rules.

API

Added/enhanced the following APIs.


API
Description
/detections
API response fields :
- hasLateralMovement to display when the lateral movement from a detection is true or false.
- tacticCount to display the count of unique techniques detected for a particular detection.
/assets/slack/users
Slack integration in bulk by using a CSV file to enable User Driven Security.

Resolved Issues

  • Process carving is now getting disabled by setting the disable_process_carver flag to true.
  • The DELETE button on the Reports page remains active only for the user who created the report.